CVE-2014-5116
Published 2014-07-29
Priority: P429, medium, 5 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
EXPLOIT
EPSS: 7.78% (93.9th percentile)
The cairo_image_surface_get_data function in Cairo 1.10.2, as used in GTK+ and Wireshark, allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a large string.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cairographics | cairo | — | — |
| wireshark | wireshark | >= 0 < 2.6.3-1~ubuntu14.04.1 | 2.6.3-1~ubuntu14.04.1 |
| wireshark | wireshark | >= 0 < 2.6.3-1~ubuntu16.04.1 | 2.6.3-1~ubuntu16.04.1 |
| wireshark | wireshark | >= 0 < 2.6.3-1~ubuntu18.04.1 | 2.6.3-1~ubuntu18.04.1 |
CVSS provenance
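| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
| osv | — | 5.0 | MEDIUM | — |
| vendor_redhat | — | 5.0 | MEDIUM | — |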
Red Hat
flash-plugin: information disclosure issues fixed in APSB15-16
vendor_redhat·2015-07-08·CVSS 5.0
CVE-2015-3125 [MEDIUM] flash-plugin: information disclosure issues fixed in APSB15-16
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2014-0578, CVE-2015-3115, CVE-2015-3116, and CVE-2015-5116.
Red Hat
flash-plugin: information disclosure issues fixed in APSB15-16
vendor_redhat·2015-07-08·CVSS 5.0
CVE-2015-3115 [MEDIUM] flash-plugin: information disclosure issues fixed in APSB15-16
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2014-0578, CVE-2015-3116, CVE-2015-3125, and CVE-2015-5116.
Red Hat
flash-plugin: information disclosure issues fixed in APSB15-16
vendor_redhat·2015-07-08·CVSS 5.0
CVE-2015-5116 [MEDIUM] flash-plugin: information disclosure issues fixed in APSB15-16
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2014-0578, CVE-2015-3115, CVE-2015-3116, and CVE-2015-3125.
Red Hat
flash-plugin: information disclosure issues fixed in APSB15-16
vendor_redhat·2015-07-08·CVSS 5.0
CVE-2015-3116 [MEDIUM] flash-plugin: information disclosure issues fixed in APSB15-16
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2014-0578, CVE-2015-3115, CVE-2015-3125, and CVE-2015-5116.
Red Hat
flash-plugin: information disclosure issues fixed in APSB15-16
vendor_redhat·2015-07-08·CVSS 5.0
CVE-2014-0578 [MEDIUM] flash-plugin: information disclosure issues fixed in APSB15-16
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-3115, CVE-2015-3116, CVE-2015-3125, and CVE-2015-5116.
Red Hat
cairo: NULL pointer dereference in cairo_image_surface_get_data()
vendor_redhat·2014-02-14·CVSS 5.0
CVE-2014-5116 [MEDIUM] CWE-476 cairo: NULL pointer dereference in cairo_image_surface_get_data()
The cairo_image_surface_get_data function in Cairo 1.10.2, as used in GTK+ and Wireshark, allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a large string.
Statement: We do not consider a user-assisted crash of a client application such as Wireshark to be a security issue. For more information please see https://bugzilla.redhat.com/show_bug.cgi?id=1124500#c5
Package: cairo (Red Hat Enterprise Linux 5) - Not affected
Package: cairo (Red Hat Enterprise Linux 6) - Not affected
Package: cairo (Red Hat Enterprise Linux 7) - Not affected
Package: mingw-virt-viewer (Red Hat Enterprise Virtualization 3) - Not affected
GHSA
GHSA-jcm2-jp9c-jcgg: The cairo_image_surface_get_data function in Cairo 1
ghsa_unreviewed·2022-05-17
CVE-2014-5116 [MEDIUM] GHSA-jcm2-jp9c-jcgg: The cairo_image_surface_get_data function in Cairo 1
The cairo_image_surface_get_data function in Cairo 1.10.2, as used in GTK+ and Wireshark, allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a large string.
OSV
CVE-2014-5116: The cairo_image_surface_get_data function in Cairo 1
osv·2014-07-29·CVSS 5.0
CVE-2014-5116 [MEDIUM] CVE-2014-5116: The cairo_image_surface_get_data function in Cairo 1
The cairo_image_surface_get_data function in Cairo 1.10.2, as used in GTK+ and Wireshark, allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a large string.
No detection rules found.
Bugzilla
flash-plugin: information disclosure issues fixed in APSB15-16
bugzilla·2015-07-08·CVSS 5.0
CVE-2015-3114 [MEDIUM] flash-plugin: information disclosure issues fixed in APSB15-16
Adobe Security Bulletin APSB15-16 for Adobe Flash Player describes a security bypass and multiple same-origin-policy bypass vulnerabilities that can be used to disclose sensitive information when Flash Player is used to play a specially crafted SWF file.
Quoting from the APSB15-16:
These updates resolve a security bypass vulnerability that could lead to information disclosure (CVE-2015-3114).
These updates resolve vulnerabilities that could be exploited to bypass the same-origin-policy and lead to information disclosure (CVE-2014-0578, CVE-2015-3115, CVE-2015-3116, CVE-2015-3125, CVE-2015-5116).
External References:
https://helpx.adobe.com/security/products/flash-player/apsb15-16.html
Discussion:
This issue has been add
Bugzilla
CVE-2014-5116 cairo: NULL pointer dereference in cairo_image_surface_get_data()
bugzilla·2014-07-29·CVSS 5.0
CVE-2014-5116 [MEDIUM] CVE-2014-5116 cairo: NULL pointer dereference in cairo_image_surface_get_data()
From today's CVE candidates:
Name: CVE-2014-5116
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5116
Final-Decision:
Interim-Decision:
Modified:
Proposed:
Assigned: 20140729
Category:
Reference: EXPLOIT-DB:33384
Reference: URL:http://www.exploit-db.com/exploits/33384
Reference: CONFIRM:https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9761
Reference: OSVDB:107083
Reference: URL:http://www.osvdb.org/107083
The cairo_image_surface_get_data function in Cairo 1.10.2, as used in
GTK+ and Wireshark, allows context-dependent attackers to cause a
denial of service (NULL pointer dereference) via a large string.
Discussion:
removed by mistake, not sure how.
---
Hi,
What exact c
Published: 2014-07-29