CVE-2013-0800

Name of the Vulnerable Software and Affected Versions Pixman versions prior to the version included in Firefox 20.0 Mozilla Firefox versions prior to 20.0 Firefox ESR 17.x versions prior to 17.0.5 Thunderbird versions prior to 17.0.5 Thunderbird ESR 17.x versions prior to 17.0.5 SeaMonkey versions prior to 2.17

Description The issue is caused by an integer signedness error in the pixman fill sse2 function in pixman-sse2.c in Pixman. This error allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a negative box boundary or negative box size, leading to an out-of-bounds write operation.

Recommendations For Mozilla Firefox versions prior to 20.0, update to version 20.0 or later. For Firefox ESR 17.x versions prior to 17.0.5, update to version 17.0.5 or later. For Thunderbird versions prior to 17.0.5, update to version 17.0.5 or later. For Thunderbird ESR 17.x versions prior to 17.0.5, update to version 17.0.5 or later. For SeaMonkey versions prior to 2.17, update to version 2.17 or later. As a temporary workaround, consider disabling the pixman fill sse2 function until a patch is available.