CVE-2013-0800
Last modified
CVE-2013-0800 is a vulnerability of currently unknown severity. Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.. EPSS estimates a 3.94% chance of exploitation in the next 30 days.
Description
Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.
Metrics
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Mozilla | Firefox | < 20.0 | — |
| Mozilla | Firefox | >= 17.0, < 17.0.5 | — |
| Mozilla | Seamonkey | < 2.17 | — |
| Mozilla | Thunderbird | < 17.0.5 | — |
| Mozilla | Thunderbird Esr | >= 17.0, < 17.0.5 | — |
| Debian | Debian Linux | 7.0 | — |
| Canonical | Ubuntu Linux | 10.04 | — |
| Canonical | Ubuntu Linux | 11.10 | — |
| Canonical | Ubuntu Linux | 12.04 | — |
| Canonical | Ubuntu Linux | 12.10 | — |
| Opensuse | Opensuse | 11.4 | — |
| Opensuse | Opensuse | 12.1 | — |
| Opensuse | Opensuse | 12.2 | — |
| Opensuse | Opensuse | 12.3 | — |
| Suse | Linux Enterprise Desktop | 10 | Sp4 |
| Suse | Linux Enterprise Desktop | 11 | Sp2 |
| Suse | Linux Enterprise Server | 10 | Sp4 |
| Suse | Linux Enterprise Server | 11 | Sp1 |
| Suse | Linux Enterprise Software Development Kit | 10 | Sp4 |
| Suse | Linux Enterprise Software Development Kit | 11 | Sp2 |
References
- http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00009.htmlMailing List, Third Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00010.htmlMailing List, Third Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00013.htmlMailing List, Third Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00019.htmlMailing List, Third Party Advisory
- http://lists.opensuse.org/opensuse-updates/2013-06/msg00012.htmlMailing List, Third Party Advisory
- http://www.debian.org/security/2013/dsa-2699Third Party Advisory
- http://www.ubuntu.com/usn/USN-1791-1Third Party Advisory
- https://bugzilla.mozilla.org/show_bug.cgi?id=825721Issue Tracking, Patch, Vendor Advisory
- http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00009.htmlMailing List, Third Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00010.htmlMailing List, Third Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00013.htmlMailing List, Third Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00019.htmlMailing List, Third Party Advisory
- http://lists.opensuse.org/opensuse-updates/2013-06/msg00012.htmlMailing List, Third Party Advisory
- http://www.debian.org/security/2013/dsa-2699Third Party Advisory
- http://www.ubuntu.com/usn/USN-1791-1Third Party Advisory
- https://bugzilla.mozilla.org/show_bug.cgi?id=825721Issue Tracking, Patch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2013-0800?
How severe is CVE-2013-0800?
How do I fix CVE-2013-0800?
Are you affected by CVE-2013-0800?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST