The fill_xrgb32_lerp_opaque_spans function in cairo-image-compositor.c in cairo prior to 1.14.2 allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a negative span length.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opensuse opensuse 13.2 |
||
cairographics cairo |