CentOS Update For Pixman CESA-2013:1869 Centos5 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Pixman is a pixel manipulation library for the X Window System and Cairo. An integer overflow, which led to a heap-based buffer overflow, was found in the way pixman handled trapezoids. If a remote attacker could trick an application using pixman into rendering a trapezoid shape with specially crafted coordinates, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2013-6425) Users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All applications using pixman must be restarted for this update to take effect.

Affected

pixman on CentOS 5

References

http://lists.centos.org/pipermail/centos-announce/2013-December/020091.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-6425

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

CentOS Update for acpid CESA-2009:0474 centos4 i386
CentOS Security Advisory CESA-2009:1619 (dstat)
CentOS Security Advisory CESA-2009:1039 (ntp)
CentOS Update for acpid CESA-2009:1642 centos5 i386
CentOS Security Advisory CESA-2009:1522 (kernel)

CentOS Update for pixman CESA-2013:1869 centos5

Take action and discover your vulnerabilities