FKIE_CVE-2008-4555

Vulnerability from fkie_nvd - Published: 2008-10-14 21:10 - Updated: 2025-04-09 00:30
Severity ?
Summary
Stack-based buffer overflow in the push_subg function in parser.y (lib/graph/parser.c) in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a DOT file with a large number of Agraph_t elements.
References
cve@mitre.orghttp://bugs.gentoo.org/show_bug.cgi?id=240636
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2008-10/msg00012.html
cve@mitre.orghttp://roeehay.blogspot.com/2008/10/graphviz-buffer-overflow-code-execution.htmlExploit
cve@mitre.orghttp://secunia.com/advisories/32186Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/32656
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-200811-04.xml
cve@mitre.orghttp://securityreason.com/securityalert/4409
cve@mitre.orghttp://www.securityfocus.com/archive/1/497150/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/31648Patch
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/45765
af854a3a-2127-422b-91ae-364da2661108http://bugs.gentoo.org/show_bug.cgi?id=240636
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00012.html
af854a3a-2127-422b-91ae-364da2661108http://roeehay.blogspot.com/2008/10/graphviz-buffer-overflow-code-execution.htmlExploit
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32186Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32656
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200811-04.xml
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/4409
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/497150/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/31648Patch
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/45765
Impacted products
Vendor Product Version
graphviz graphviz *
graphviz graphviz 1.5.1
graphviz graphviz 1.5.2
graphviz graphviz 1.5.3
graphviz graphviz 1.7.5.1
graphviz graphviz 1.7.5.2
graphviz graphviz 1.7.5.3
graphviz graphviz 1.7.5.4
graphviz graphviz 1.7.5.5
graphviz graphviz 1.7.5.6
graphviz graphviz 1.7.5.7
graphviz graphviz 1.7.5_0.1
graphviz graphviz 1.7.5_0.2
graphviz graphviz 1.7.5_0.3
graphviz graphviz 1.7.16.1
graphviz graphviz 1.7.16.2
graphviz graphviz 1.8.5.1
graphviz graphviz 1.8.5.2
graphviz graphviz 1.8.9.1
graphviz graphviz 1.10_2003-09-15_0415_1
graphviz graphviz 1.10_2003-09-15_0415_2
graphviz graphviz 1.12.1
graphviz graphviz 1.12.2
graphviz graphviz 1.12.3
graphviz graphviz 1.14.1
graphviz graphviz 1.16.1
graphviz graphviz 2.2
graphviz graphviz 2.2.1
graphviz graphviz 2.2.1.1
graphviz graphviz 2.2.2
graphviz graphviz 2.4
graphviz graphviz 2.6
graphviz graphviz 2.8
graphviz graphviz 2.10
graphviz graphviz 2.12
graphviz graphviz 2.14
graphviz graphviz 2.16
graphviz graphviz 2.18
graphviz graphviz 2.20.0
graphviz graphviz 2.20.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48ADB706-41AB-48AA-873F-99F42C5E9DB8",
              "versionEndIncluding": "2.20.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:1.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "04867C7C-03F4-486E-A904-76B92DD2D231",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:1.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "881EFB0C-B1F9-4BEC-A691-B7E92D55CAA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:1.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33A3AE6-C333-4C18-9B1F-D8B9089FF148",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:1.7.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52F50133-DBAC-4EFE-856B-13D4236B220B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:1.7.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "64C3EB33-7B25-455C-BD94-9B86C5D76448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:1.7.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA1B8359-D739-4B32-BBDA-26CC8AFD4D65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:1.7.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EBFA9B1-3312-499E-A45E-A992802996F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:1.7.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F75D86FD-E9AF-4932-B3D4-2C4BCC559FC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:1.7.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "552B1521-AC06-4C20-8A49-752483E20121",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:1.7.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C963327-0114-4016-8BF7-44FBFA97CD80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:1.7.5_0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B063B6C-AA10-41A3-B982-0B022DB0E596",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:1.7.5_0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C08EF00E-F5CD-49E8-A4E0-603CEE02F8B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:1.7.5_0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2A9748D-37DA-4D37-A743-96621FC65437",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:1.7.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E822EF19-28B2-4A84-8C2F-B8065D363A45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:1.7.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "85A2DF81-E5ED-46A3-AEBD-08927B877712",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:1.8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52E70A3F-B326-483D-B0E4-67178A5AB9DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:1.8.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA51A2D7-8268-4D45-8458-82AD91322569",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:1.8.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9BAF218-187D-4E4E-B941-451F38C773AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:1.10_2003-09-15_0415_1:*:*:*:*:*:*:*",
              "matchCriteriaId": "34A7F6BA-B506-42C0-B86E-7A9C19D603CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:1.10_2003-09-15_0415_2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F93B4CE-92E4-40D0-A44A-01592361EA32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:1.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "350A7BA0-E720-4B95-A9DB-7F06642ABEA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:1.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B12FFD9-A002-4B2D-A7DA-56C6A80F92D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:1.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "47CCA1E6-8581-4DE1-9F61-0CAD41070673",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:1.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "779025D9-B0A4-4289-AE30-D1D5BEDE5AC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:1.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E590CD96-193C-42EE-84FB-E03FFA0101B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "813BCA94-6788-4E91-8342-78A2566CBA14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5B0A716-4F84-4923-9AD0-B2AC2B9BD6F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:2.2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F08312F7-9551-4E6B-A9D5-A416ADBCD36F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "477565F2-2833-4C4C-BDED-6458D1093B49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F600528-A3A5-4217-B1E4-9BB965E413A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "75539435-9CBD-44C6-A440-8A4E622F9352",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B0BEE5F-DD57-4855-980E-27DB2EBAA48B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "E74CB1DA-A055-4A70-A361-789C617C3261",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:2.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "C090C4CD-CAAC-4BD1-8889-1EC7709D438B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "A91B224C-9D35-4729-8726-5C33686BAD74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:2.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "432ED061-0F23-47CF-BDBC-39E81F722C0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:2.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A3F6046-5475-44F8-B3EC-20D3FC650264",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:2.20.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E441704-9E08-440A-BB29-9729FC9BEA90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:graphviz:graphviz:2.20.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9D9F70C-17E1-4901-B11F-A22F415BE6F8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in the push_subg function in parser.y (lib/graph/parser.c) in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a DOT file with a large number of Agraph_t elements."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en la funci\u00f3n push_subg de parser.y (lib/graph/parser.c) en Graphviz 2.20.2 y posiblemente versiones anteriores, permite a atacantes remotos ayudados por el usuario provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) o ejecutar c\u00f3digo de su elecci\u00f3n mediante un archivo DOT con un n\u00famero grande de elementos Agraph_t."
    }
  ],
  "id": "CVE-2008-4555",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 8.5,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-10-14T21:10:35.770",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=240636"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00012.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://roeehay.blogspot.com/2008/10/graphviz-buffer-overflow-code-execution.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32186"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/32656"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200811-04.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/4409"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/497150/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/31648"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45765"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugs.gentoo.org/show_bug.cgi?id=240636"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00012.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://roeehay.blogspot.com/2008/10/graphviz-buffer-overflow-code-execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32186"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32656"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200811-04.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/4409"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/497150/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/31648"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45765"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.