Vulnerability Details : CVE-2013-1591
Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resultant from an integer overflow in the fast_composite_scaled_bilinear function in pixman-inlines.h, which triggers an infinite loop.
Vulnerability category: Overflow
Products affected by CVE-2013-1591
- cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:palemoon:pale_moon:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-1591
EPSS score: 0.41% (probability of exploitation activity in the next 30 days)
Percentile: ~74% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2013-1591
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0 | HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C | 10.0 | 10.0 | NIST | |
9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | NIST | 2024-02-15 |
CWE ids for CVE-2013-1591
- Assigned by: nvd@nist.gov (Primary)
- The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.
  Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-1591
- https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0077
  Support/Advisories/MGASA-2013-0077 - Mageia wiki
  Tags: Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=910149
  910149 – (CVE-2013-1591) CVE-2013-1591 pixman: stack-based buffer overflow
  Tags: Exploit; Issue Tracking; Patch
- http://www.palemoon.org/releasenotes-ng.shtml
  Pale Moon
  Tags: Broken Link
- http://rhn.redhat.com/errata/RHSA-2013-0746.html
  RHSA-2013:0746 - Security Advisory - Red Hat Customer Portal
  Tags: Third Party Advisory
- http://rhn.redhat.com/errata/RHSA-2013-0687.html
  RHSA-2013:0687 - Security Advisory - Red Hat Customer Portal
  Tags: Third Party Advisory
- http://cgit.freedesktop.org/pixman/commit/?id=de60e2e0e3eb6084f8f14b63f25b3cbfb012943f
  pixman - Pixman: The pixel-manipulation library for X and cairo. (mirrored from https://gitlab.freedesktop.org/pixman/pixman)
  Tags: Mailing List; Patch
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:116
  mandriva.com
  Tags: Broken Link
- https://support.f5.com/csp/article/K51392553
  Tags: Third Party Advisory