QwikSec

Security Database

CVE

CWE

Training

CVE-2013-0800

Published: Apr 3, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

SUSE-SU-2013:0850

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_DEBIAN

openSUSE-SU-2013:0630

vendor-advisory

x_refsource_SUSE

http://www.mozilla.org/security/announce/2013/mfsa2013-31.html

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

https://bugzilla.mozilla.org/show_bug.cgi?id=825721

x_refsource_CONFIRM

openSUSE-SU-2013:0631

vendor-advisory

x_refsource_SUSE

oval:org.mitre.oval:def:16909

vdb-entry

signature

x_refsource_OVAL

vendor-advisory

x_refsource_REDHAT

SUSE-SU-2013:0645

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2013:0875

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.