5

CVE-2013-6425

Integer underflow in the pixman_trapezoid_valid macro in pixman.h in Pixman before 0.32.0, as used in X.Org server and cairo, allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PixmanPixman Version < 0.32.0
CanonicalUbuntu Linux Version12.04 SwEditionesm
CanonicalUbuntu Linux Version12.10
CanonicalUbuntu Linux Version13.04
CanonicalUbuntu Linux Version13.10
DebianDebian Linux Version6.0
DebianDebian Linux Version7.0
RedhatEnterprise Linux Eus Version6.5
OpensuseOpensuse Version11.4
OpensuseOpensuse Version12.2
OpensuseOpensuse Version12.3
OpensuseOpensuse Version13.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3% 0.853
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-191 Integer Underflow (Wrap or Wraparound)

The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.

https://bugs.freedesktop.org/show_bug.cgi?id=67484
Patch
Third Party Advisory
Issue Tracking