Computer Security
[EN] securityvulns.ru no-pyccku


pango / libpango buffer overflow
Published:04.02.2011
Source:
SecurityVulns ID:11403
Type:library
Threat Level:
5/10
Description:Buffer overflow in pango_ft2_font_render_box_glyph()
Affected:PANGO : Pango 1.28
CVE:CVE-2011-0020 (Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file, related to the glyph box for an FT_Bitmap object.)
Original documentdocumentMANDRIVA, [ MDVSA-2011:020 ] pango (04.02.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod