CVE-2007-5503

Published: Nov 30, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple integer overflows in Cairo before 1.4.12 might allow remote attackers to execute arbitrary code, as demonstrated using a crafted PNG image with large width and height values, which is not properly handled by the read_png function.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://issues.rpath.com/browse/RPL-1966

x_refsource_CONFIRM

USN-550-2

vendor-advisory

x_refsource_UBUNTU

GLSA-201209-25

vendor-advisory

x_refsource_GENTOO

http://www.vmware.com/security/advisories/VMSA-2008-0014.html

x_refsource_CONFIRM

28529

third-party-advisory

x_refsource_SECUNIA

28555

third-party-advisory

x_refsource_SECUNIA

27985

third-party-advisory

x_refsource_SECUNIA

27880

third-party-advisory

x_refsource_SECUNIA

http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0015

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=387431

x_refsource_CONFIRM

SSA:2007-337-01

vendor-advisory

x_refsource_SLACKWARE

http://gitweb.freedesktop.org/?p=cairo%3Ba=commitdiff%3Bh=e49bcde27f88e21d5b8037a0089a226096f6514b

x_refsource_CONFIRM

DSA-1542

vendor-advisory

x_refsource_DEBIAN

28289

third-party-advisory

x_refsource_SECUNIA

http://www.vmware.com/support/server/doc/releasenotes_server.html

x_refsource_CONFIRM

28476

third-party-advisory

x_refsource_SECUNIA

27887

third-party-advisory

x_refsource_SECUNIA

http://bugs.gentoo.org/show_bug.cgi?id=201860

x_refsource_MISC

26650

vdb-entry

x_refsource_BID

cario-readpng-bo(38771)

vdb-entry

x_refsource_XF

http://www.vmware.com/support/player2/doc/releasenotes_player2.html

x_refsource_CONFIRM

GLSA-200712-24

vendor-advisory

x_refsource_GENTOO

MDVSA-2008:019

vendor-advisory

x_refsource_MANDRIVA

27819

third-party-advisory

x_refsource_SECUNIA

USN-550-1

vendor-advisory

x_refsource_UBUNTU

http://bugs.gentoo.org/show_bug.cgi?id=200350

x_refsource_CONFIRM

FEDORA-2007-3818

vendor-advisory

x_refsource_FEDORA

GLSA-200712-04

vendor-advisory

x_refsource_GENTOO

http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html

x_refsource_CONFIRM

ADV-2007-4045

vdb-entry

x_refsource_VUPEN

20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.

mailing-list

x_refsource_BUGTRAQ

31711

third-party-advisory

x_refsource_SECUNIA

http://gitweb.freedesktop.org/?p=cairo%3Ba=commitdiff_plain%3Bh=6020f67f1a49cfe3844c4938d4af24c63c8424cc%3Bhp=c79fc9af334fd6f2d1078071d64178125561b187

x_refsource_CONFIRM

http://gitweb.freedesktop.org/?p=cairo%3Ba=commitdiff%3Bh=5c7d2d14d78e4dfb1ef6d2c40f0910f177e07360

x_refsource_CONFIRM

20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.

mailing-list

x_refsource_FULLDISC

31707

third-party-advisory

x_refsource_SECUNIA

oval:org.mitre.oval:def:11251

vdb-entry

signature

x_refsource_OVAL

1019027

vdb-entry

x_refsource_SECTRACK

28838

third-party-advisory

x_refsource_SECUNIA

27775

third-party-advisory

x_refsource_SECUNIA

SUSE-SR:2008:003

vendor-advisory

x_refsource_SUSE

29767

third-party-advisory

x_refsource_SECUNIA

20080115 rPSA-2008-0015-1 cairo

mailing-list

x_refsource_BUGTRAQ

RHSA-2007:1078

vendor-advisory

x_refsource_REDHAT

ADV-2008-2466

vdb-entry

x_refsource_VUPEN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2007-5503

Description

Affected Products

References