cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function).
References
Link | Resource |
---|---|
https://gitlab.freedesktop.org/cairo/cairo/issues/341 | Exploit Third Party Advisory |
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-10-08T18:00:00
Updated: 2021-02-25T16:06:36
Reserved: 2018-10-08T00:00:00
Link: CVE-2018-18064
JSON object: View
NVD Information
Status : Modified
Published: 2018-10-08T18:29:00.270
Modified: 2023-11-07T02:54:37.580
Link: CVE-2018-18064
JSON object: View
Redhat Information
No data.
CWE