Cairo is prone to an integer-overflow vulnerability because it fails to ensure that integer values aren't overrun. Attackers may exploit this issue to overflow a buffer and to corrupt process memory. Attackers may be able to execute arbitrary machine code in the context of an affected application. Failed exploit attempts will likely result in a denial-of-service condition. This issue affects versions prior to Cairo 1.4.12.
Thanks for the report. Dupe though ;-) *** This bug has been marked as a duplicate of bug 200350 ***