Vulnerability Details CVE-2013-1591
Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resultant from an integer overflow in the fast_composite_scaled_bilinear function in pixman-inlines.h, which triggers an infinite loop.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.014
EPSS Ranking 79.5%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
- http://cgit.freedesktop.org/pixman/commit/?id=de60e2e0e3eb6084f8f14b63f25b3cbfb012943f
- http://rhn.redhat.com/errata/RHSA-2013-0687.html
- http://rhn.redhat.com/errata/RHSA-2013-0746.html
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:116
- http://www.palemoon.org/releasenotes-ng.shtml
- https://bugzilla.redhat.com/show_bug.cgi?id=910149
- https://support.f5.com/csp/article/K51392553
- https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0077
- http://cgit.freedesktop.org/pixman/commit/?id=de60e2e0e3eb6084f8f14b63f25b3cbfb012943f
- http://rhn.redhat.com/errata/RHSA-2013-0687.html
- http://rhn.redhat.com/errata/RHSA-2013-0746.html
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:116
- http://www.palemoon.org/releasenotes-ng.shtml
- https://bugzilla.redhat.com/show_bug.cgi?id=910149
- https://support.f5.com/csp/article/K51392553
- https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0077
Products affected by CVE-2013-1591
-
cpe:2.3:a:palemoon:pale_moon:11.0
-
cpe:2.3:a:palemoon:pale_moon:11.0.1
-
cpe:2.3:a:palemoon:pale_moon:12.0
-
cpe:2.3:a:palemoon:pale_moon:12.1
-
cpe:2.3:a:palemoon:pale_moon:12.2
-
cpe:2.3:a:palemoon:pale_moon:12.2.1
-
cpe:2.3:a:palemoon:pale_moon:12.3
-
cpe:2.3:a:palemoon:pale_moon:15.0
-
cpe:2.3:a:palemoon:pale_moon:15.1
-
cpe:2.3:a:palemoon:pale_moon:15.1.1
-
cpe:2.3:a:palemoon:pale_moon:15.2
-
cpe:2.3:a:palemoon:pale_moon:15.2.1
-
cpe:2.3:a:palemoon:pale_moon:15.3
-
cpe:2.3:a:palemoon:pale_moon:15.3.1
-
cpe:2.3:a:palemoon:pale_moon:15.3.2
-
cpe:2.3:a:palemoon:pale_moon:4.0
-
cpe:2.3:a:palemoon:pale_moon:4.0.3
-
cpe:2.3:a:palemoon:pale_moon:4.0.5
-
cpe:2.3:a:palemoon:pale_moon:4.0.6
-
cpe:2.3:a:palemoon:pale_moon:4.0.7
-
cpe:2.3:a:palemoon:pale_moon:5.0
-
cpe:2.3:a:palemoon:pale_moon:6.0
-
cpe:2.3:a:palemoon:pale_moon:6.0.2
-
cpe:2.3:a:palemoon:pale_moon:7.0
-
cpe:2.3:a:palemoon:pale_moon:7.0.1
-
cpe:2.3:a:palemoon:pale_moon:9.0
-
cpe:2.3:a:palemoon:pale_moon:9.0.1
-
cpe:2.3:a:palemoon:pale_moon:9.1
-
cpe:2.3:a:palemoon:pale_moon:9.2
-
cpe:2.3:a:redhat:enterprise_virtualization:3.0
-
cpe:2.3:o:redhat:enterprise_linux:6.0