Main Vulnerability Database SB2016052003

SB2016052003 - Denial of service in librsvg

Published: May 20, 2016 Updated: February 1, 2020

Security Bulletin ID SB2016052003

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Out-of-bounds read (CVE-ID: CVE-2015-7557)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary error in the _rsvg_node_poly_build_path() function in rsvg-shapes.c. A remote attacker can create an odd number of elements in a coordinate pair in an SVG document, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Remediation

Install update from vendor's website.

References

https://git.gnome.org/browse/librsvg/tree/NEWS
https://git.gnome.org/browse/librsvg/commit/rsvg-shapes.c?id=40af93e6eb1c94b90c3b9a0b87e0840e126bb8df
http://www.openwall.com/lists/oss-security/2015/12/21/5