Solution
Please Install the Updated Packages.
Insight
Pixman is a pixel manipulation library for the X Window System and Cairo.
An integer overflow, which led to a heap-based buffer overflow, was found in the way pixman handled trapezoids. If a remote attacker could trick an application using pixman into rendering a trapezoid shape with specially crafted coordinates, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2013-6425)
Users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All applications using pixman must be restarted for this update to take effect.
Affected
pixman on CentOS 6
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2013-6425 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities