Peter Valchev (Google Security) discovered a series of integer overflow weaknesses in Cairo, a vector graphics rendering library used by many other applications. If an application uses cairo to render a maliciously crafted PNG image, the vulnerability allows the execution of arbitrary code.