{"id":"CVE-2013-1591","details":"Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors.  NOTE: this issue might be resultant from an integer overflow in the fast_composite_scaled_bilinear function in pixman-inlines.h, which triggers an infinite loop.","modified":"2026-04-10T03:44:23.747039Z","published":"2013-01-31T23:55:01Z","references":[{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2013-0687.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2013-0746.html"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:116"},{"type":"ADVISORY","url":"https://support.f5.com/csp/article/K51392553"},{"type":"ADVISORY","url":"https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0077"},{"type":"ARTICLE","url":"http://cgit.freedesktop.org/pixman/commit/?id=de60e2e0e3eb6084f8f14b63f25b3cbfb012943f"},{"type":"EVIDENCE","url":"https://bugzilla.redhat.com/show_bug.cgi?id=910149"},{"type":"FIX","url":"http://cgit.freedesktop.org/pixman/commit/?id=de60e2e0e3eb6084f8f14b63f25b3cbfb012943f"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=910149"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=910149"},{"type":"WEB","url":"http://www.palemoon.org/releasenotes-ng.shtml"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}