ID CVE-2013-6425
Summary Integer underflow in the pixman_trapezoid_valid macro in pixman.h in Pixman before 0.32.0, as used in X.Org server and cairo, allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value.
References
Vulnerable Configurations
  • Canonical Ubuntu Linux 12.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts
  • Canonical Ubuntu Linux 12.10
    cpe:2.3:o:canonical:ubuntu_linux:12.10
  • Canonical Ubuntu Linux 13.04
    cpe:2.3:o:canonical:ubuntu_linux:13.04
  • Canonical Ubuntu Linux 13.10
    cpe:2.3:o:canonical:ubuntu_linux:13.10
  • Cairographics Cairo
    cpe:2.3:a:cairographics:cairo
  • Pixman 0.30.2
    cpe:2.3:a:pixman:pixman:0.30.2
  • Pixman 0.30.0
    cpe:2.3:a:pixman:pixman:0.30.0
  • Pixman 0.28.2
    cpe:2.3:a:pixman:pixman:0.28.2
  • Pixman 0.28.0
    cpe:2.3:a:pixman:pixman:0.28.0
  • Pixman 0.26.2
    cpe:2.3:a:pixman:pixman:0.26.2
  • Pixman 0.26.0
    cpe:2.3:a:pixman:pixman:0.26.0
  • Pixman 0.24.4
    cpe:2.3:a:pixman:pixman:0.24.4
  • Pixman 0.24.2
    cpe:2.3:a:pixman:pixman:0.24.2
  • Pixman 0.24.0
    cpe:2.3:a:pixman:pixman:0.24.0
  • Pixman 0.22.2
    cpe:2.3:a:pixman:pixman:0.22.2
  • Pixman 0.22.0
    cpe:2.3:a:pixman:pixman:0.22.0
  • Pixman 0.20.2
    cpe:2.3:a:pixman:pixman:0.20.2
  • Pixman 0.20.0
    cpe:2.3:a:pixman:pixman:0.20.0
  • Pixman 0.18.4
    cpe:2.3:a:pixman:pixman:0.18.4
  • Pixman 0.18.2
    cpe:2.3:a:pixman:pixman:0.18.2
  • Pixman 0.18.0
    cpe:2.3:a:pixman:pixman:0.18.0
  • Pixman 0.16.4
    cpe:2.3:a:pixman:pixman:0.16.4
  • Pixman 0.16.2
    cpe:2.3:a:pixman:pixman:0.16.2
  • Pixman 0.16.0
    cpe:2.3:a:pixman:pixman:0.16.0
  • Pixman 0.14.0
    cpe:2.3:a:pixman:pixman:0.14.0
  • Pixman 0.12.0
    cpe:2.3:a:pixman:pixman:0.12.0
  • Pixman 0.10.0
    cpe:2.3:a:pixman:pixman:0.10.0
  • Pixman 0.9.6
    cpe:2.3:a:pixman:pixman:0.9.6
  • X.Org xserver
    cpe:2.3:a:x:x_server
CVSS
Base: 5.0 (as of 22-01-2014 - 09:56)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-9063.NASL
    description CVE-2013-6425, added patches from https://bugzilla.redhat.com/show_bug.cgi?id=1043743 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-19
    plugin id 77070
    published 2014-08-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77070
    title Fedora 20 : pixman-0.30.0-4.fc20 (2014-9063)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2014-272.NASL
    description An integer overflow, which led to a heap-based buffer overflow, was found in the way pixman handled trapezoids. If a remote attacker could trick an application using pixman into rendering a trapezoid shape with specially crafted coordinates, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2013-6425)
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 72290
    published 2014-02-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72290
    title Amazon Linux AMI : pixman (ALAS-2014-272)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2014-5.NASL
    description - Added pixman-bnc853824-bfo67484-CVE-2013-6425-fix-underflow.pa tch for bnc#853824. Fixes an integer underflow bug which can cause a crash.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 75396
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75396
    title openSUSE Security Update : pixman (openSUSE-SU-2014:0011-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-1869.NASL
    description Updated pixman packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Pixman is a pixel manipulation library for the X Window System and Cairo. An integer overflow, which led to a heap-based buffer overflow, was found in the way pixman handled trapezoids. If a remote attacker could trick an application using pixman into rendering a trapezoid shape with specially crafted coordinates, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2013-6425) Users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All applications using pixman must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 71613
    published 2013-12-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71613
    title RHEL 5 / 6 : pixman (RHSA-2013:1869)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2013-302.NASL
    description Updated pixman package fixes security vulnerability : Bryan Quigley discovered an integer underflow in pixman. If a user were tricked into opening a specially crafted file, an attacker could cause a denial of service via application crash (CVE-2013-6425).
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 71609
    published 2013-12-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71609
    title Mandriva Linux Security Advisory : pixman (MDVSA-2013:302)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-6825.NASL
    description Fix CVE-2013-6425 (RHBZ #1043744) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-19
    plugin id 74391
    published 2014-06-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74391
    title Fedora 20 : mingw-pixman-0.30.0-5.fc20 (2014-6825)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2014-6.NASL
    description - Added pixman-bnc853824-bfo67484-CVE-2013-6425-fix-underflow.pa tch for bnc#853824. Fixes an integer underflow bug which can cause a crash.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 75400
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75400
    title openSUSE Security Update : pixman (openSUSE-SU-2014:0007-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-9359.NASL
    description fix tests on big endians CVE-2013-6425, added patches from https://bugzilla.redhat.com/show_bug.cgi?id=1043743 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-19
    plugin id 77227
    published 2014-08-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77227
    title Fedora 20 : pixman-0.30.0-5.fc20 (2014-9359)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_LIBPIXMAN-1-0-131221.NASL
    description This update fixes the following security issue with pixman : - Integer underflow when handling trapezoids. (bnc#853824, CVE-2013-6425)
    last seen 2019-02-21
    modified 2014-01-23
    plugin id 71835
    published 2014-01-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71835
    title SuSE 11.2 Security Update : pixman (SAT Patch Number 8701)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-9399.NASL
    description fix tests on big endians CVE-2013-6425, added patches from https://bugzilla.redhat.com/show_bug.cgi?id=1043743 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-19
    plugin id 77441
    published 2014-08-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=77441
    title Fedora 19 : pixman-0.30.0-5.fc19 (2014-9399)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-6829.NASL
    description Fix CVE-2013-6425 (RHBZ #1043744) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-19
    plugin id 74393
    published 2014-06-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=74393
    title Fedora 19 : mingw-pixman-0.30.0-4.fc19 (2014-6829)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2823.NASL
    description Bryan Quigley discovered an integer underflow in Pixman which could lead to denial of service or the execution of arbitrary code.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 71528
    published 2013-12-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71528
    title Debian DSA-2823-1 : pixman - integer underflow
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2014-7.NASL
    description - Added pixman-bnc853824-bfo67484-CVE-2013-6425-fix-underflow.pa tch for bnc#853824. Fixes an integer underflow bug which can cause a crash.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 75406
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75406
    title openSUSE Security Update : pixman (openSUSE-SU-2014:0014-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_LIBPIXMAN-1-0-131220.NASL
    description This update fixes the following security issue with pixman : - Integer underflow when handling trapezoids. (bnc#853824, CVE-2013-6425)
    last seen 2019-02-21
    modified 2014-01-23
    plugin id 71834
    published 2014-01-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71834
    title SuSE 11.3 Security Update : pixman (SAT Patch Number 8697)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2013-1869.NASL
    description From Red Hat Security Advisory 2013:1869 : Updated pixman packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Pixman is a pixel manipulation library for the X Window System and Cairo. An integer overflow, which led to a heap-based buffer overflow, was found in the way pixman handled trapezoids. If a remote attacker could trick an application using pixman into rendering a trapezoid shape with specially crafted coordinates, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2013-6425) Users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All applications using pixman must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 71611
    published 2013-12-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71611
    title Oracle Linux 6 : pixman (ELSA-2013-1869)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201402-03.NASL
    description The remote host is affected by the vulnerability described in GLSA-201402-03 (Pixman: User-assisted execution of arbitrary code) The trapezoid handling code in Pixman contains an integer underflow vulnerability. Impact : A context-dependent attacker could entice a user to open a specially crafted file using an application linked against Pixman, possibly resulting in execution of arbitrary code with the privileges of the process, or a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 72256
    published 2014-02-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72256
    title GLSA-201402-03 : Pixman: User-assisted execution of arbitrary code
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20131220_PIXMAN_ON_SL5_X.NASL
    description An integer overflow, which led to a heap-based buffer overflow, was found in the way pixman handled trapezoids. If a remote attacker could trick an application using pixman into rendering a trapezoid shape with specially crafted coordinates, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2013-6425) All applications using pixman must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-12-31
    plugin id 71630
    published 2013-12-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71630
    title Scientific Linux Security Update : pixman on SL5.x, SL6.x i386/x86_64
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2013-1869.NASL
    description Updated pixman packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. Pixman is a pixel manipulation library for the X Window System and Cairo. An integer overflow, which led to a heap-based buffer overflow, was found in the way pixman handled trapezoids. If a remote attacker could trick an application using pixman into rendering a trapezoid shape with specially crafted coordinates, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2013-6425) Users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All applications using pixman must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 71584
    published 2013-12-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71584
    title CentOS 5 / 6 : pixman (CESA-2013:1869)
redhat via4
advisories
bugzilla
id 1037975
title CVE-2013-6425 pixman: integer underflow when handling trapezoids
oval
OR
  • AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhsa:tst:20070055001
    • OR
      • AND
        • comment pixman is earlier than 0:0.22.0-2.2.el5_10
          oval oval:com.redhat.rhsa:tst:20131869002
        • comment pixman is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20131869003
      • AND
        • comment pixman-devel is earlier than 0:0.22.0-2.2.el5_10
          oval oval:com.redhat.rhsa:tst:20131869004
        • comment pixman-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20131869005
  • AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhsa:tst:20100842001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhsa:tst:20100842002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhsa:tst:20100842003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhsa:tst:20100842004
    • OR
      • AND
        • comment pixman is earlier than 0:0.26.2-5.1.el6_5
          oval oval:com.redhat.rhsa:tst:20131869010
        • comment pixman is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130687006
      • AND
        • comment pixman-devel is earlier than 0:0.26.2-5.1.el6_5
          oval oval:com.redhat.rhsa:tst:20131869012
        • comment pixman-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20130687008
rhsa
id RHSA-2013:1869
released 2013-12-20
severity Important
title RHSA-2013:1869: pixman security update (Important)
rpms
  • pixman-0:0.22.0-2.2.el5_10
  • pixman-devel-0:0.22.0-2.2.el5_10
  • pixman-0:0.26.2-5.1.el6_5
  • pixman-devel-0:0.26.2-5.1.el6_5
refmap via4
confirm http://cgit.freedesktop.org/pixman/commit/?id=5e14da97f16e421d084a9e735be21b1025150f0c
debian DSA-2823
misc
mlist
  • [Pixman] 20131110 [ANNOUNCE] pixman release 0.32.0 now available
  • [oss-security] 20131203 CVE Request: xorg-server and pixman
  • [oss-security] 20131204 Re: CVE Request: xorg-server and pixman
suse
  • openSUSE-SU-2014:0007
  • openSUSE-SU-2014:0011
  • openSUSE-SU-2014:0014
  • openSUSE-SU-2014:0145
ubuntu USN-2047-1
Last major update 05-03-2014 - 23:49
Published 18-01-2014 - 14:55
Back to Top