Out-of-Bounds Stack-Memory Write Vulnerability in Cairo through 1.15.14

Out-of-Bounds Stack-Memory Write Vulnerability in Cairo through 1.15.14

CVE-2018-18064 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function).

Learn more about our Web App Pen Testing.