RSS   Vulnerabilities for 'Pixman'   RSS

2019-07-31
 
CVE-2015-5297

CWE-190
 

 
An integer overflow issue has been reported in the general_composite_rect() function in pixman prior to version 0.32.8. An attacker could exploit this issue to cause an application using pixman to crash or, potentially, execute arbitrary code.

 
2016-04-13
 
CVE-2014-9766

 

 
Integer overflow in the create_bits function in pixman-bits-image.c in Pixman before 0.32.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via large height and stride values.

 
2014-01-18
 
CVE-2013-6425

CWE-189
 

 
Integer underflow in the pixman_trapezoid_valid macro in pixman.h in Pixman before 0.32.0, as used in X.Org server and cairo, allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value.

 
2013-04-03
 
CVE-2013-0800

 

 
Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.

 


Copyright 2024, cxsecurity.com

 

Back to Top