Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2014-1528

Source

Mozilla Foundation Security Advisory 2014-41

Out-of-bounds write in Cairo

Announced

April 29, 2014

Reporter

Jukka Jylänki

Impact

High

Products

Firefox, SeaMonkey

Fixed in

Firefox 29
SeaMonkey 2.26

Description

Security researcher Jukka Jylänki reported a crash in the the Cairo graphics library. This happens when Cairo paints out-of-bounds to the destination buffer in the compositing function when working with canvas in certain circumstances. This issue allows malicious web content to cause a potentially exploitable crash.

This issue only affects Firefox 28 and Seamonkey 2.25 on Windows. Earlier versions of both products and installations on Linux and OS X were unaffected

References

crash in sse2_composite_src_x888_8888 (CVE-2014-1528)

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Out-of-bounds write in Cairo

Out-of-bounds write in Cairo

Description

References

Vulmon Search

About

Products

Connect