Vulnerability CVE-2013-0800
Published: 2013-04-03

Description:
Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.

CVSS2 => (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
9.3/10
10/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Pixman -> Pixman 
Mozilla -> Firefox 
Mozilla -> Firefox esr 
Mozilla -> Seamonkey 
Mozilla -> Thunderbird 
Mozilla -> Thunderbird esr 
Cairographics -> Cairo 

 References:
https://bugzilla.mozilla.org/show_bug.cgi?id=825721
http://www.ubuntu.com/usn/USN-1791-1
http://www.mozilla.org/security/announce/2013/mfsa2013-31.html
http://rhn.redhat.com/errata/RHSA-2013-0697.html
http://rhn.redhat.com/errata/RHSA-2013-0696.html
http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00013.html
http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00009.html
Copyright 2024, cxsecurity.com

 

Back to Top