Format String Vulnerability in Graphviz yyerror Function

CVE-2014-9157 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecified impact via format string specifiers in unknown vectors, which are not properly handled in an error string.

Learn more about our Web Application Penetration Testing UK.