Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Ubuntu Local Security Checks --> Category: infos

USN265-1 : libcairo vulnerability Vulnerability Scan

Vulnerability Scan Summary
libcairo vulnerability

Detailed Explanation for this Vulnerability Test

Synopsis :

These remote packages are missing security patches :
- libcairo2
- libcairo2-dev
- libcairo2-doc

Description :

When rendering glyphs, the cairo graphics rendering library did not
check the maximum length of character strings. A request to display
an excessively long string with cairo caused a program crash due to an
X library error.

Mike Davis discovered that this could be turned into a Denial of
Service attack in Evolution. An email with an attachment with very
long lines caused Evolution to crash repeatedly until that email was
manually removed from the mail folder.

This only affects Ubuntu 5.10. Previous Ubuntu releases did not use
libcairo for text rendering.

Solution :

Upgrade to :
- libcairo2-1.0.2-0ubuntu1.1 (Ubuntu 5.10)
- libcairo2-dev-1.0.2-0ubuntu1.1 (Ubuntu 5.10)
- libcairo2-doc-1.0.2-0ubuntu1.1 (Ubuntu 5.10)

Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.