CVE-2007-5503
CVE-2007-5503
Multiple integer overflows in Cairo before 1.4.12 might allow remote attackers to execute arbitrary code, as demonstrated using a crafted PNG image with large width and height values, which is not properly handled by the read_png function.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://bugs.gentoo.org/show_bug.cgi?id=200350http://bugs.gentoo.org/show_bug.cgi?id=201860http://gitweb.freedesktop.org/?p=cairo%3Ba=commitdiff%3Bh=5c7d2d14d78e4dfb1ef6d2c40f0910f177e07360http://gitweb.freedesktop.org/?p=cairo%3Ba=commitdiff%3Bh=e49bcde27f88e21d5b8037a0089a226096f6514bhttp://gitweb.freedesktop.org/?p=cairo%3Ba=commitdiff_plain%3Bh=6020f67f1a49cfe3844c4938d4af24c63c8424cc%3Bhp=c79fc9af334fd6f2d1078071d64178125561b187http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.htmlhttp://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.htmlhttp://rhn.redhat.com/errata/RHSA-2007-1078.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=387431http://secunia.com/advisories/27775http://secunia.com/advisories/27819http://secunia.com/advisories/27880