Cairo up to 1.15.14 WebKitGTK+ cairo-rectangular-scan-converter.c _cairo_image_spans_and_zero memory corruption


A vulnerability classified as critical was found in Cairo up to 1.15.14. It affects the function _cairo_image_spans_and_zero of the file cairo-rectangular-scan-converter.c of the component WebKitGTK+. No countermeasures are known. It may be advisable to replace the affected object with an alternative product.

| Field | 10/09/2018 08:36 AM | 03/31/2020 04:51 PM |
| --- | --- | --- |
| cvss3_nvd_pr | N | N |
| cvss3_nvd_ui | R | R |
| cvss3_nvd_s | U | U |
| cvss3_nvd_c | N | N |
| cvss3_nvd_i | N | N |
| cvss3_nvd_a | H | H |
| date | 1538949600 (10/08/2018) | 1538949600 (10/08/2018) |
| url | https://gitlab.freedesktop.org/cairo/cairo/issues/341 | https://gitlab.freedesktop.org/cairo/cairo/issues/341 |
| price_0day | $0-$5k | $0-$5k |
| cve | CVE-2018-18064 | CVE-2018-18064 |
| cve_assigned | 1538949600 | 1538949600 |
| cve_nvd_published | 1538956800 | 1538956800 |
| cve_nvd_summary | cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function). | cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function). |
| location | Website | Website |
| cvss2_vuldb_e | ND | ND |
| cvss2_vuldb_rl | ND | ND |
| cvss2_vuldb_rc | ND | ND |
| cvss3_vuldb_e | X | X |
| cvss3_vuldb_rl | X | X |
| cvss3_vuldb_rc | X | X |
| cvss3_nvd_basescore | 6.5 | 6.5 |
| name | Cairo | Cairo |
| version | <=1.15.14 | <=1.15.14 |
| component | WebKitGTK+ | WebKitGTK+ |
| file | cairo-rectangular-scan-converter.c | cairo-rectangular-scan-converter.c |
| function | _cairo_image_spans_and_zero | _cairo_image_spans_and_zero |
| cwe | 119 (memory corruption) | 119 (memory corruption) |
| risk | 2 | 2 |
| cvss2_vuldb_basescore | 6.8 | 6.8 |
| cvss2_vuldb_tempscore | 6.8 | 6.8 |
| cvss2_vuldb_av | N | N |
| cvss2_vuldb_ac | M | M |
| cvss2_vuldb_au | N | N |
| cvss2_vuldb_ci | P | P |
| cvss2_vuldb_ii | P | P |
| cvss2_vuldb_ai | P | P |
| cvss2_nvd_av | N | N |
| cvss2_nvd_ac | M | M |
| cvss2_nvd_au | N | N |
| cvss2_nvd_ci | N | N |
| cvss2_nvd_ii | N | N |
| cvss2_nvd_ai | P | P |
| cvss3_meta_basescore | 6.4 | 6.4 |
| cvss3_meta_tempscore | 6.4 | 6.4 |
| cvss3_vuldb_basescore | 6.3 | 6.3 |
| cvss3_vuldb_tempscore | 6.3 | 6.3 |
| cvss3_vuldb_av | N | N |
| cvss3_vuldb_ac | L | L |
| cvss3_vuldb_pr | N | N |
| cvss3_vuldb_ui | R | R |
| cvss3_vuldb_s | U | U |
| cvss3_vuldb_c | L | L |
| cvss3_vuldb_i | L | L |
| cvss3_vuldb_a | L | L |
| cvss3_nvd_av | N | N |
| cvss3_nvd_ac | L | L |

discoverydate: 1538956800
