Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resultant from an integer overflow in the fast_composite_scaled_bilinear function in pixman-inlines.h, which triggers an infinite loop.

Threat-Mapped Scoring

Score: 1.5

Priority: P4 - Informational (Low)

• S10 – Denial of Service

EPSS

Score: 0.01394
Percentile: 0.79534

CVSS Scoring

Mapped CWE(s)

• CWE-190 : Integer Overflow or Wraparound

All CAPEC(s)

CAPEC(s) with Mapped TTPs

Mapped ATT&CK TTPs

Affected Products

• cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*
• cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
• cpe:2.3:a:palemoon:pale_moon:*:*:*:*:*:*:*:*

← Back to Home