Description
The cairo_image_surface_get_data function in Cairo 1.10.2, as used in GTK+ and Wireshark, allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a large string.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Osanda Malith Jayathissa · pythondoswindows
https://www.exploit-db.com/exploits/33384
References (3)
Core 3
Core References
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/33384
Issue Tracking x_refsource_confirm
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9761
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/107083
Scores
EPSS
0.0584
EPSS Percentile
90.6%
Details
Status
published
Products (1)
cairographics/cairo
1.10.2
Published
Jul 29, 2014
Tracked Since
Feb 18, 2026