CVE-2017-7475

Published: 19/05/2017 Updated: 12/02/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash.

Vulnerable Product

cairographics cairo 1.15.4

Vendor Advisories

Debian Bug report logs - #870264
cairo: CVE-2017-7475: NULL pointer dereference with a crafted font file
Package: src:cairo; Maintainer for src:cairo is Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Mon, 31 Jul 2017 12:24:02 UTC S ...
Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash ...
Cairo is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash ...

Github Repositories

OpenEmbedded meta-layer that allows producing a vulnerability manifest alongside a Yocto build. The produced manifest is suitable for ongoing vulnerability scanning of fielded software.

meta-fbvuln: An OpenEmbedded layer containing a class for collecting vulnerability management metadata for continuous vulnerability scanning of target images. The processing performed by this class is derived from the cve-check.bbclass in oe-core. Usage: Add this layer to your bblayers.conf: echo 'BBLAYERS += "/path/to/meta-fbvuln"' >> conf/bblay