Описание
cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling of an unexpected malloc(0) call.
Ссылки
- Mailing ListThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.15.6 (включая)
cpe:2.3:a:cairographics:cairo:*:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
EPSS
Процентиль: 57%
0.00358
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-125
Связанные уязвимости
CVSS3: 7.5
ubuntu
больше 8 лет назад
cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling of an unexpected malloc(0) call.
CVSS3: 3.3
redhat
больше 8 лет назад
cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling of an unexpected malloc(0) call.
CVSS3: 7.5
debian
больше 8 лет назад
cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote atta ...
EPSS
Процентиль: 57%
0.00358
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-125