An integer overflow issue has been reported in the general_composite_rect() function in pixman prior to version 0.32.8. An attacker could exploit this issue to cause an application using pixman to crash or, potentially, execute arbitrary code.
Un fallo de desbordamiento de entero ha sido informado en el general_composite_rect() function en pixman anterior a la versión 0.32.8 un atacante podría explotar este problema para causar una aplicación usando pixman para bloquear o potencialmente, ejecutar un código arbitrario.
USN-3843-1 fixed a vulnerability in pixman. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that pixman incorrectly handled the general_composite_rect function. A remote attacker could use this issue to cause pixman to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
