Endpoint Vulnerability

Crash using DrawTarget in Cairo graphics library

Description

Security researcher Atte Kettunen used the Address Sanitizer tool to discover a crash while drawing images through the Cairo graphics library while using the DrawTarget function. This can result in a segmentation fault due to zero-ing out of memory outside the bounds of the image.

Affected Products

Firefox

References

CVE-2015-0824,