Endpoint Vulnerability

Memory corruption in Cairo during PDF font rendering

Description

Security researcher John Thomson discovered a memory corruption in the Cairo graphics library during font rendering of a PDF file for display. This memory corruption leads to a potentially exploitable crash and to a denial of service (DOS). This issues is not able to be triggered in a default configuration and would require a malicious extension to be installed.

Affected Products

Thunderbird

References

CVE-2014-1509,