Vulnerabilities > CVE-2014-5116 - Denial-Of-Service vulnerability in Cairographics Cairo 1.10.2

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
cairographics
exploit available
NVD
Published: 2014-07-29
Updated: 2014-07-30

Summary

The cairo_image_surface_get_data function in Cairo 1.10.2, as used in GTK+ and Wireshark, allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a large string. <a href="http://cwe.mitre.org/data/definitions/476.html" target="_blank">CWE-476: NULL Pointer Dereference</a>

Vulnerable Configurations

Part Description Count
Application
Cairographics
1

Exploit-Db

descriptionWireshark 1.10.7 - DoS PoC. CVE-2014-5116. Dos exploit for windows platform
fileexploits/windows/dos/33384.py
idEDB-ID:33384
last seen2016-02-03
modified2014-05-16
platformwindows
port
published2014-05-16
reporterOsanda Malith
sourcehttps://www.exploit-db.com/download/33384/
titleWireshark 1.10.7 - DoS PoC
typedos

References