CVE-2008-4555
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2008-4555
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Stack-based buffer overflow in the push_subg function in parser.y (lib/graph/parser.c) in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a DOT file with a large number of Agraph_t elements.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Graphviz图形解析器Agraph_t远程栈溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Graphviz(Graph Visualization Software)是美国AT&T实验室研发的一套用于绘制DOT语言脚本所描述的图形的开源绘图工具。 Graphviz的解析引擎中存在栈溢出漏洞,远程攻击者造成拒绝服务攻击漏洞(内存耗尽)或执行任意代码,利用一个DOT文件的大量Agraph_t属性.
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2008-4555
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2008-4555
请登录查看更多情报信息。
- http://bugs.gentoo.org/show_bug.cgi?id=240636x_refsource_CONFIRM
- http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00012.htmlvendor-advisoryx_refsource_SUSE
- https://nvd.nist.gov/vuln/detail/CVE-2008-4555
Same Patch Batch · n/a · 2008-10-14 · 57 CVEs total
| CVE-2008-4010 | BEA Product Suite组件" WebLogic Workshop "未明安全漏洞 | |
| CVE-2008-4441 | Linksys WAP4400N Marvell无线88W8361P-BEM1芯片组驱动远程拒绝服务漏洞 | |
| CVE-2008-4551 | Linux strongSwan mpz_export()函数远程拒绝服务漏洞 | |
| CVE-2008-4548 | RTS Sentry PTZCamPanelCtrl ActiveX控件ConnectServer()函数远程栈溢出漏洞 | |
| CVE-2008-4547 | dvrstation_cms 'pdvratl.dll' 缓冲区溢出漏洞 | |
| CVE-2008-4552 | nfs-utils软件包hosts_ctl()函数绕过安全限制漏洞 | |
| CVE-2008-4549 | ImageShack Toolbar 'ImageShackToolbar.dll' ActiveX Control 不安全方法漏洞 | |
| CVE-2008-4013 | BEA Product Suite 组件" WebLogic Server "未明安全漏洞 | |
| CVE-2008-4012 | BEA Product Suite 组件" WebLogic Server " 未明安全漏洞 | |
| CVE-2008-4011 | BEA Product Suite 组件" WebLogic Server "未明安全漏洞 | |
| CVE-2008-3639 | Common Unix Printing System 'read_rle16()' 堆溢出漏洞 | |
| CVE-2008-4009 | BEA Product Suite组件"WebLogic Server"未明安全漏洞 | |
| CVE-2008-4008 | BEA Product Suite组件"WebLogic Server Plugins for Apache component"未明安全漏洞 | |
| CVE-2008-4005 | Oracle Database组件"Oracle Application Express"未明安全漏洞 | |
| CVE-2008-4004 | Oracle多个产品组件"JDE EnterpriseOne Business Service Server "未明安全漏洞 | |
| CVE-2008-4003 | Oracle多个产品组件"PeopleTools"未明安全漏洞 | |
| CVE-2008-4002 | Oracle多个产品组件"PeopleTools"未明安全漏洞 | |
| CVE-2008-4001 | Oracle多个产品组件"PeopleSoft Enterprise Portal"未明安全漏洞 | |
| CVE-2008-4000 | Oracle多个产品组件"PeopleTools"未明安全漏洞 | |
| CVE-2008-3998 | Oracle E-Business组件"Oracle iStore"未明安全漏洞 |
Showing top 20 of 57 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2008-4555
No comments yet