Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2013-0800

Source

Mozilla Foundation Security Advisory 2013-31

Out-of-bounds write in Cairo library

Announced

April 2, 2013

Reporter

Abhishek Arya

Impact

High

Products

Firefox, Firefox ESR, SeaMonkey, Thunderbird, Thunderbird ESR

Fixed in

Firefox 20
Firefox ESR 17.0.5
SeaMonkey 2.17
Thunderbird 17.0.5
Thunderbird ESR 17.0.5

Description

Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover an out-of-bounds write in Cairo graphics library. When certain values are passed to it during rendering, Cairo attempts to use negative boundaries or sizes for boxes, leading to a potentially exploitable crash in some instances.

References

OOB Write in pixman_fill_sse2 (CVE-2013-0800)

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Out-of-bounds write in Cairo library

Out-of-bounds write in Cairo library

Description

References

Vulmon Search

About

Products

Connect