PT-2014-6293 · Cairo +1
Osanda · Published 2014-07-29 · Updated 2023-01-06 · CVE-2014-5116
CVSS v2.0: 5.0 (Medium)
Base vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions:
Cairo version 1.10.2
Description:
The issue allows context-dependent attackers to cause a denial of service, specifically a NULL pointer dereference, via a large string. This is related to the `cairo_image_surface_get_data` function.
Recommendations:
For Cairo version 1.10.2, update to a newer version to mitigate the risk, as the `cairo_image_surface_get_data` function is vulnerable to a NULL pointer dereference.
Exploit
Fix
Related Identifiers
ALT-PU-2014-2282
ALT-PU-2023-1002
ALT-PU-2023-1010
CVE-2014-5116
Affected Products
Alt Linux
Cairo
References · 25
- 🔥 https://exploit-db.com/exploits/33384 · Exploit
- 🔥 http://exploit-db.com/exploits/33384 · Exploit
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5116 · Security Note
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18064 · Security Note
- https://errata.altlinux.org/ALT-PU-2014-2282 · Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2014-5116 · Security Note
- https://bdu.fstec.ru/vul/2016-01641 · Security Note
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35492 · Security Note
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7475 · Security Note
- https://errata.altlinux.org/ALT-PU-2023-1002 · Vendor Advisory
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3190 · Security Note
- https://errata.altlinux.org/ALT-PU-2023-1010 · Vendor Advisory
- https://osv.dev/vulnerability/UBUNTU-CVE-2014-5116 · Vendor Advisory
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9082 · Security Note
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9814 · Security Note