Computer Security
[EN] securityvulns.ru no-pyccku


Pango library array index overflow
Published:23.03.2010
Source:
SecurityVulns ID:10708
Type:library
Threat Level:
5/10
Description:Array index overflow on font file parsing.
Affected:PANGO : Pango 1.27
CVE:CVE-2010-0421 (Array index error in the hb_ot_layout_build_glyph_classes function in pango/opentype/hb-ot-layout.cc in Pango before 1.27.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted font file, related to building a synthetic Glyph Definition (aka GDEF) table by using this font's charmap and the Unicode property database.)
Original documentdocumentDEBIAN, [SECURITY] [DSA-2019-1] New pango1.0 packages fix denial of service (23.03.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod