CentOS Update For Pixman CESA-2013:1869 Centos6 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Pixman is a pixel manipulation library for the X Window System and Cairo. An integer overflow, which led to a heap-based buffer overflow, was found in the way pixman handled trapezoids. If a remote attacker could trick an application using pixman into rendering a trapezoid shape with specially crafted coordinates, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2013-6425) Users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All applications using pixman must be restarted for this update to take effect.

Affected

pixman on CentOS 6

References

http://lists.centos.org/pipermail/centos-announce/2013-December/020089.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-6425
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

CentOS Security Advisory CESA-2009:0473 (kernel)
CentOS Update for 4Suite CESA-2009:1572 centos4 i386
CentOS Update for abrt CESA-2013:0215 centos6
CentOS Security Advisory CESA-2009:1541 (kernel)
CentOS Security Advisory CESA-2009:0295 (net-snmp)

CentOS Update for pixman CESA-2013:1869 centos6

Take action and discover your vulnerabilities