CVE-2013-0800
Publication date 3 April 2013
Last updated 24 July 2024
Ubuntu priority
Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to execute arbitrary code via crafted values that trigger attempted use of a (1) negative box boundary or (2) negative box size, leading to an out-of-bounds write operation.
Status
Package | Ubuntu Release | Status |
---|---|---|
firefox | 13.10 saucy |
Fixed 20.0+build1-0ubuntu1
|
13.04 raring |
Fixed 20.0+build1-0ubuntu1
|
|
12.10 quantal |
Fixed 20.0+build1-0ubuntu0.12.10.3
|
|
12.04 LTS precise |
Fixed 20.0+build1-0ubuntu0.12.04.3
|
|
11.10 oneiric |
Fixed 20.0+build1-0ubuntu0.11.10.3
|
|
10.04 LTS lucid |
Fixed 20.0+build1-0ubuntu0.10.04.3
|
|
8.04 LTS hardy | Ignored end of life | |
seamonkey | 13.10 saucy | Not in release |
13.04 raring | Not in release | |
12.10 quantal | Not in release | |
12.04 LTS precise | Not in release | |
11.10 oneiric | Ignored end of life | |
10.04 LTS lucid | Ignored end of life | |
8.04 LTS hardy | Ignored end of life | |
thunderbird | 13.10 saucy |
Fixed 17.0.5+build1-0ubuntu1
|
13.04 raring |
Fixed 17.0.5+build1-0ubuntu1
|
|
12.10 quantal |
Fixed 17.0.5+build1-0ubuntu0.12.10.1
|
|
12.04 LTS precise |
Fixed 17.0.5+build1-0ubuntu0.12.04.1
|
|
11.10 oneiric |
Fixed 17.0.5+build1-0ubuntu0.11.10.1
|
|
10.04 LTS lucid |
Fixed 17.0.5+build1-0ubuntu0.10.04.1
|
|
8.04 LTS hardy | Ignored end of life | |
xulrunner-1.9.2 | 13.10 saucy | Not in release |
13.04 raring | Not in release | |
12.10 quantal | Not in release | |
12.04 LTS precise | Not in release | |
11.10 oneiric | Not in release | |
10.04 LTS lucid | Ignored end of life | |
8.04 LTS hardy | Ignored end of life | |
xulrunner-2.0 | 13.10 saucy | Not in release |
13.04 raring | Not in release | |
12.10 quantal | Not in release | |
12.04 LTS precise | Not in release | |
11.10 oneiric | Not in release | |
10.04 LTS lucid | Not in release | |
8.04 LTS hardy | Not in release |
Notes
References
Related Ubuntu Security Notices (USN)
- USN-1786-1
- Firefox vulnerabilities
- 4 April 2013
- USN-1791-1
- Thunderbird vulnerabilities
- 8 April 2013