PatchSiren

Cairographics CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM Cairographics CVE published 2017-02-03

CVE-2016-9082

CVE-2016-9082 describes a denial-of-service flaw in cairo 1.14.6. A large SVG file can trigger an integer overflow in the write_png function, which may lead to an invalid pointer dereference and application crash. NVD classifies the issue as CWE-190 and rates it Medium.