CVE-2013-1591

Published: 31 January 2013

Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resultant from an integer overflow in the fast_composite_scaled_bilinear function in pixman-inlines.h, which triggers an infinite loop.

Priority

Low

Status

Package: pixman (Launchpad, Ubuntu, Debian)

Release                          Status
Upstream                         Needs triage
Ubuntu 16.04 ESM (Xenial Xerus)  Not vulnerable (0.28.2-0ubuntu1)
Ubuntu 14.04 ESM (Trusty Tahr)   Not vulnerable (0.28.2-0ubuntu1)

Patches:
Upstream: http://cgit.freedesktop.org/pixman/commit/?id=de60e2e0e3eb6084f8f14b63f25b3cbfb012943f
This vulnerability is mitigated in part by the use of gcc's stack protector in Ubuntu.