Computer Security
[EN] securityvulns.ru no-pyccku


Pango library NULL pointer dereference
Published:03.03.2011
Source:
SecurityVulns ID:11480
Type:library
Threat Level:
5/10
Description:Memory allocations are not controlled.
Affected:PANGO : Pango 1.28
CVE:CVE-2011-0064 (The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and other products, does not verify that memory reallocations succeed, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via crafted OpenType font data that triggers use of an incorrect index.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2178-1] pango1.0 security update (03.03.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod