CVE-2018-18064

Published: 08/10/2018 Updated: 07/11/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 384

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

cairo up to and including 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function).

Vulnerable Product	Search on Vulmon	Subscribe to Product
cairographics cairo

Debian Bug report logs - #916083 cairo: CVE-2018-18064: Out of bound memset in libcairo result in stack buffer overflow Package: src:cairo; Maintainer for src:cairo is Debian GNOME Maintainers <pkg-gnome-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 9 Dec 2018 ...

cairo through 11514 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converterc (the generate and render_rows functions) and cairo-image-compositorc (the _cairo_image_spans_and_zero function) ...

CWE-787 https://gitlab.freedesktop.org/cairo/cairo/issues/341 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916083 https://nvd.nist.gov

CVE-2018-18064

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect