CVE-2013-1591

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2013-1591
Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resultant from an integer overflow in the fast_composite_scaled_bilinear function in pixman-inlines.h, which triggers an infinite loop.

10.0 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://www.palemoon.org/releasenotes-ng.shtml
https://bugzilla.redhat.com/show_bug.cgi?id=910149 Exploit Patch
http://rhn.redhat.com/errata/RHSA-2013-0746.html Vendor Advisory
http://cgit.freedesktop.org/pixman/commit/?id=de60e2e0e3eb6084f8f14b63f25b3cbfb012943f Exploit Patch
http://rhn.redhat.com/errata/RHSA-2013-0687.html Vendor Advisory
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0077
http://www.mandriva.com/security/advisories?name=MDVSA-2013:116
https://support.f5.com/csp/article/K51392553
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:palemoon:pale_moon:4.0.5:*:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:4.0.6:*:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:5.0:*:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:6.0:*:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:9.2:*:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:11.0:*:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:11.0.1:*:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:15.0:*:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:15.1:*:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:7.0.1:*:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:9.0:*:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:15.3.1:*:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:15.2.1:*:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:7.0:*:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:12.2.1:*:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:12.3:*:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:9.0.1:*:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:15.1.1:*:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:4.0.7:*:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:*:*:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:12.2:*:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:12.3:r2:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:15.3:*:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:12.0:*:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:15.2:*:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:4.0:*:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:12.1:*:*:*:*:*:*:*
cpe:2.3:a:palemoon:pale_moon:9.1:*:*:*:*:*:*:*
Information

Published : 2013-01-31 15:55

Updated : 2019-05-22 06:29

NVD link : CVE-2013-1591

Mitre link : CVE-2013-1591

JSON object : View

CWE
CWE-189

Numeric Errors

Advertisement

dedicated server usa
Products Affected

palemoon

  • pale_moon

redhat

  • enterprise_virtualization
  • enterprise_linux