Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file, related to the glyph box for an FT_Bitmap object.
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
http://openwall.com/lists/oss-security/2011/01/18/6
http://openwall.com/lists/oss-security/2011/01/20/2
http://secunia.com/advisories/42934
http://secunia.com/advisories/43100
http://www.redhat.com/support/errata/RHSA-2011-0180.html
http://www.securityfocus.com/bid/45842
http://www.securitytracker.com/id?1024994
http://www.vupen.com/english/advisories/2011/0186
http://www.vupen.com/english/advisories/2011/0238
https://bugs.launchpad.net/ubuntu/+source/pango1.0/+bug/696616
https://bugzilla.gnome.org/show_bug.cgi?id=639882
OR
cpe:2.3:a:pango:pango:0.20:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:0.21:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:0.22:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:0.23:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:0.24:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:0.25:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:0.26:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.0:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.1:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.2:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.3:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.4:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.5:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.6:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.7:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.8:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.9:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.10:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.11:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.12:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.13:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.14:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.15:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.16:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.17:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.18:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.19:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.20:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.21:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.22:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.23:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.24:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.25:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.26:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.27:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.28.0:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.28.1:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:1.28.2:*:*:*:*:*:*:*
cpe:2.3:a:pango:pango:*:*:*:*:*:*:*:* versions up to 1.28.3 (inclusive)
ID | Name | Product | Family | Severity |
---|---|---|---|---|
75599 | openSUSE Security Update : libpango-1_0-0 (openSUSE-SU-2011:0221-1) | Nessus | SuSE Local Security Checks | high |
74056 | GLSA-201405-13 : Pango: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | critical |
68188 | Oracle Linux 4 / 5 / 6 : pango (ELSA-2011-0180) | Nessus | Oracle Linux Local Security Checks | high |
60944 | Scientific Linux Security Update : pango on SL4.x, SL5.x i386/x86_64 | Nessus | Scientific Linux Local Security Checks | high |
57187 | SuSE 10 Security Update : firefox3-pango (ZYPP Patch Number 7459) | Nessus | SuSE Local Security Checks | high |
54612 | SuSE 10 Security Update : firefox3-pango (ZYPP Patch Number 7460) | Nessus | SuSE Local Security Checks | high |
53753 | openSUSE Security Update : libpango-1_0-0 (openSUSE-SU-2011:0221-1) | Nessus | SuSE Local Security Checks | high |
52960 | SuSE 11.1 Security Update : pango (SAT Patch Number 4065) | Nessus | SuSE Local Security Checks | high |
52529 | Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : pango1.0 vulnerabilities (USN-1082-1) | Nessus | Ubuntu Local Security Checks | high |
51886 | CentOS 4 : pango (CESA-2011:0180) | Nessus | CentOS Local Security Checks | high |
51865 | Mandriva Linux Security Advisory : pango (MDVSA-2011:020) | Nessus | Mandriva Local Security Checks | high |
51811 | RHEL 4 / 5 / 6 : pango (RHSA-2011:0180) | Nessus | Red Hat Local Security Checks | high |