Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : libcairo vulnerability (USN-550-1)

Peter Valchev discovered that Cairo did not correctly decode PNG image data. By tricking a user or automated system into processing a specially crafted PNG with Cairo, a remote attacker could execute arbitrary code with user privileges. Note that Tenable Network Security has extracted the precedi...

Ubuntu 5.10 : libcairo vulnerability (USN-265-1)

When rendering glyphs, the cairo graphics rendering library did not check the maximum length of character strings. A request to display an excessively long string with cairo caused a program crash due to an X library error. Mike Davis discovered that this could be turned into a Denial of Service...

Mandrake Linux Security Advisory : cairo (MDKSA-2006:057)

GNOME Evolution allows remote attackers to cause a denial of service persistent client crash via an attached text file that contains 'Content-Disposition: inline' in the header, and a very long line in the body, which causes the client to repeatedly crash until the e-mail message is manually...

CVE-2006-0528

The CVE-2006-0528 entry concerns the cairo library (libcairo) used by GNOME Evolution. Affected component: cairo rendering of email attachments. Root cause: parsing an attachment with a header containing "Content-Disposition: inline" and a very long body line can trigger repeated client crashes, ...