Published: 18/01/2014 Updated: 13/02/2023

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Integer underflow in the pixman_trapezoid_valid macro in pixman.h in Pixman prior to 0.32.0, as used in X.Org server and cairo, allows context-dependent malicious users to cause a denial of service (crash) via a negative bottom value.

Vulnerable Product	Search on Vulmon	Subscribe to Product
pixman pixman
canonical ubuntu linux 13.04
canonical ubuntu linux 13.10
canonical ubuntu linux 12.10
canonical ubuntu linux 12.04
debian debian linux 7.0
debian debian linux 6.0
redhat enterprise linux server 5.0
redhat enterprise linux workstation 5.0
redhat enterprise linux server aus 6.5
redhat enterprise linux server tus 6.5
redhat enterprise linux desktop 6.0
redhat enterprise linux server 6.0
redhat enterprise linux workstation 6.0
redhat enterprise linux desktop 5.0
redhat enterprise linux eus 6.5
opensuse opensuse 12.3
opensuse opensuse 11.4
opensuse opensuse 12.2
opensuse opensuse 13.1

Synopsis Important: pixman security update Type/Severity Security Advisory: Important Topic Updated pixman packages that fix one security issue are now available forRed Hat Enterprise Linux 5 and 6The Red Hat Security Response Team has rated this update as having important security impact A Common Vulnera ...

Bryan Quigley discovered an integer underflow in Pixman which could lead to denial of service or the execution of arbitrary code For the oldstable distribution (squeeze), this problem has been fixed in version 0164-1+deb6u1 For the stable distribution (wheezy), this problem has been fixed in version 0260-4+deb7u1 For the unstable distributio ...

An integer overflow, which led to a heap-based buffer overflow, was found in the way pixman handled trapezoids If a remote attacker could trick an application using pixman into rendering a trapezoid shape with specially crafted coordinates, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the us ...

Integer underflow in the pixman_trapezoid_valid macro in pixmanh in Pixman before 0320, as used in XOrg server and cairo, allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value ...

CWE-191 http://www.openwall.com/lists/oss-security/2013/12/03/8 http://www.openwall.com/lists/oss-security/2013/12/04/8 https://bugs.launchpad.net/ubuntu/+source/xorg-server/+bug/1197921 https://bugs.freedesktop.org/show_bug.cgi?id=67484 http://lists.freedesktop.org/archives/pixman/2013-November/003109.html http://www.ubuntu.com/usn/USN-2047-1 http://cgit.freedesktop.org/pixman/commit/?id=5e14da97f16e421d084a9e735be21b1025150f0c http://www.debian.org/security/2013/dsa-2823 http://rhn.redhat.com/errata/RHSA-2013-1869.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00008.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00005.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00001.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00097.html https://access.redhat.com/errata/RHSA-2013:1869 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2013-6425 https://www.debian.org/security/./dsa-2823

CVE-2013-6425

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect