Vulnerability Details CVE-2017-7475
Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.6%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 4.3
References
- http://seclists.org/oss-sec/2017/q2/151
- https://bugs.freedesktop.org/show_bug.cgi?id=100763
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7475
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
- http://seclists.org/oss-sec/2017/q2/151
- https://bugs.freedesktop.org/show_bug.cgi?id=100763
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7475
- https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E
Products affected by CVE-2017-7475
-
cpe:2.3:a:cairographics:cairo:1.15.4