Peter Valchev

Researcher at Google Security Team
#40277 of 53,635
6.8 total CVSS
Vulnerabilities · 1
PT-2007-1121
6.8
2007-11-29
Cairo · Cairo · CVE-2007-5503
Name of the Vulnerable Software and Affected Versions: Cairo versions prior to 1.4.12

Description: The issue is related to multiple integer overflows that may allow remote attackers to execute arbitrary code. This can be achieved by using a crafted PNG image with large width and height values, which is not properly handled by the `read png` function. Exploitation of this issue can lead to a breach of confidentiality, integrity, and availability of protected information.

Recommendations: For versions prior to 1.4.12, update to version 1.4.12 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `read png` function until a patch is available. Avoid using crafted PNG images with large width and height values in the affected function to minimize the risk of exploitation.