Denial of Service Vulnerability in Cairo by FreeDesktop
CVE-2017-7475

5.5MEDIUM

Key Information:

Vendor

Red Hat
Status
Cairo
Vendor
CVE Published:
19 May 2017

What is CVE-2017-7475?

Cairo version 1.15.4 is impacted by a vulnerability that allows an attacker to exploit a NULL pointer dereference, specifically during the operations of FT_Load_Glyph and FT_Render_Glyph. This could lead to a denial of service condition, causing the application to crash unexpectedly. Users of this version are advised to apply necessary updates and security patches to mitigate this issue.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Cairo 1.15.4

References

https://bugs.freedesktop.org/show_bug.cgi?id=100763
x_refsource_MISC
http://seclists.org/oss-sec/2017/q2/151
mailing-listx_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7475
x_refsource_MISC

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.