CVE-2013-1591

Опубликовано: 31 янв. 2013

Источник: nvd

CVSS3: 9.8

CVSS2: 10

EPSS Низкий

Описание

Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resultant from an integer overflow in the fast_composite_scaled_bilinear function in pixman-inlines.h, which triggers an infinite loop.

Комментарий

Adding additional products per

http://rhn.redhat.com/errata/RHSA-2013-0687.html

Red Hat Enterprise Linux 6

http://rhn.redhat.com/errata/RHSA-2013-0746.html

Red Hat Enterprise Virtualization 3

Ссылки

http://cgit.freedesktop.org/pixman/commit/?id=de60e2e0e3eb6084f8f14b63f25b3cbfb012943f
Mailing List
Patch
http://rhn.redhat.com/errata/RHSA-2013-0687.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2013-0746.html
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2013:116
Broken Link
http://www.palemoon.org/releasenotes-ng.shtml
Broken Link
https://bugzilla.redhat.com/show_bug.cgi?id=910149
Exploit
Issue Tracking
Patch
https://support.f5.com/csp/article/K51392553
Third Party Advisory
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0077
Third Party Advisory
http://cgit.freedesktop.org/pixman/commit/?id=de60e2e0e3eb6084f8f14b63f25b3cbfb012943f
Mailing List
Patch
http://rhn.redhat.com/errata/RHSA-2013-0687.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2013-0746.html
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2013:116
Broken Link
http://www.palemoon.org/releasenotes-ng.shtml
Broken Link
https://bugzilla.redhat.com/show_bug.cgi?id=910149
Exploit
Issue Tracking
Patch
https://support.f5.com/csp/article/K51392553
Third Party Advisory
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0077
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*

Конфигурация 2

cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

Конфигурация 3

cpe:2.3:a:palemoon:pale_moon:*:*:*:*:*:*:*:*

Версия до 15.4 (исключая)

EPSS

Процентиль: 80%

0.01394

Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-190

Связанные уязвимости

CVE-2013-1591

CVSS3: 9.8

ubuntu

больше 12 лет назад

CVE-2013-1591

redhat

почти 13 лет назад

CVE-2013-1591

CVSS3: 9.8

debian

больше 12 лет назад

Stack-based buffer overflow in libpixman, as used in Pale Moon before ...

GHSA-7rw2-cfj2-g8vr

CVSS3: 9.8

github

больше 3 лет назад

ELSA-2013-0687

oracle-oval

больше 12 лет назад

ELSA-2013-0687: pixman security update (MODERATE)

EPSS

Процентиль: 80%

0.01394

Низкий

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-190