Search

Find a vulnerability

Search criteria

    2 vulnerabilities by The pixman Project

    CVE-2015-5297 (GCVE-0-2015-5297)

    Vulnerability from nvd – Published: 2019-07-31 22:03 – Updated: 2024-08-06 06:41
    VLAI
    Summary
    An integer overflow issue has been reported in the general_composite_rect() function in pixman prior to version 0.32.8. An attacker could exploit this issue to cause an application using pixman to crash or, potentially, execute arbitrary code.
    CWE
    Assigner
    References
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T06:41:09.351Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5297"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugs.freedesktop.org/show_bug.cgi?id=92027"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pixman",
              "vendor": "The pixman Project",
              "versions": [
                {
                  "status": "affected",
                  "version": "0.32.8"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An integer overflow issue has been reported in the general_composite_rect() function in pixman prior to version 0.32.8. An attacker could exploit this issue to cause an application using pixman to crash or, potentially, execute arbitrary code."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "CWE-190",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-07-31T22:03:56.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5297"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugs.freedesktop.org/show_bug.cgi?id=92027"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2015-5297",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "pixman",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "0.32.8"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "The pixman Project"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An integer overflow issue has been reported in the general_composite_rect() function in pixman prior to version 0.32.8. An attacker could exploit this issue to cause an application using pixman to crash or, potentially, execute arbitrary code."
                }
              ]
            },
            "impact": {
              "cvss": [
                [
                  {
                    "vectorString": "6.7/CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
                    "version": "3.0"
                  }
                ]
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-190"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5297",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5297"
                },
                {
                  "name": "https://bugs.freedesktop.org/show_bug.cgi?id=92027",
                  "refsource": "MISC",
                  "url": "https://bugs.freedesktop.org/show_bug.cgi?id=92027"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2015-5297",
        "datePublished": "2019-07-31T22:03:56.000Z",
        "dateReserved": "2015-07-01T00:00:00.000Z",
        "dateUpdated": "2024-08-06T06:41:09.351Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-5297 (GCVE-0-2015-5297)

    Vulnerability from cvelistv5 – Published: 2019-07-31 22:03 – Updated: 2024-08-06 06:41
    VLAI
    Summary
    An integer overflow issue has been reported in the general_composite_rect() function in pixman prior to version 0.32.8. An attacker could exploit this issue to cause an application using pixman to crash or, potentially, execute arbitrary code.
    CWE
    Assigner
    References
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T06:41:09.351Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5297"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugs.freedesktop.org/show_bug.cgi?id=92027"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "pixman",
              "vendor": "The pixman Project",
              "versions": [
                {
                  "status": "affected",
                  "version": "0.32.8"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An integer overflow issue has been reported in the general_composite_rect() function in pixman prior to version 0.32.8. An attacker could exploit this issue to cause an application using pixman to crash or, potentially, execute arbitrary code."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-190",
                  "description": "CWE-190",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-07-31T22:03:56.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5297"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugs.freedesktop.org/show_bug.cgi?id=92027"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2015-5297",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "pixman",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "0.32.8"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "The pixman Project"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An integer overflow issue has been reported in the general_composite_rect() function in pixman prior to version 0.32.8. An attacker could exploit this issue to cause an application using pixman to crash or, potentially, execute arbitrary code."
                }
              ]
            },
            "impact": {
              "cvss": [
                [
                  {
                    "vectorString": "6.7/CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
                    "version": "3.0"
                  }
                ]
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-190"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5297",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5297"
                },
                {
                  "name": "https://bugs.freedesktop.org/show_bug.cgi?id=92027",
                  "refsource": "MISC",
                  "url": "https://bugs.freedesktop.org/show_bug.cgi?id=92027"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2015-5297",
        "datePublished": "2019-07-31T22:03:56.000Z",
        "dateReserved": "2015-07-01T00:00:00.000Z",
        "dateUpdated": "2024-08-06T06:41:09.351Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }