Veracode Vulnerability DatabaseVERACODE:11358Denial Of Service (DoS)
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.007 Low
EPSS
Percentile
79.9%
pixman is vulnerable to denial of service (DoS) attacks. The vulnerability exists as adding additional products per http://rhn.redhat.com/errata/RHSA-2013-0687.html Red Hat Enterprise Linux 6 http://rhn.redhat.com/errata/RHSA-2013-0746.html Red Hat Enterprise Virtualization 3Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resultant from an integer overflow in the fast_composite_scaled_bilinear function in pixman-inlines.h, which triggers an infinite loop.
| CPE | Name | Operator | Version |
|---|---|---|---|
| pixman | eq | 0.18.4__1.el6_0.1 | |
| pixman | eq | 0.26.2__4.el6 | |
| pixman | eq | 0.16.6__1.el6 |
References
cgit.freedesktop.org/pixman/commit/?id=de60e2e0e3eb6084f8f14b63f25b3cbfb012943f
rhn.redhat.com/errata/RHSA-2013-0687.html
rhn.redhat.com/errata/RHSA-2013-0746.html
www.mandriva.com/security/advisories?name=MDVSA-2013:116
www.palemoon.org/releasenotes-ng.shtml
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=910149
rhn.redhat.com/errata/RHSA-2013-0687.html
support.f5.com/csp/article/K51392553
wiki.mageia.org/en/Support/Advisories/MGASA-2013-0077
Related
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.007 Low
EPSS
Percentile
79.9%