Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow, as demonstrated by a long document.location value in Firefox.
Vector: NETWORK
Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
Pango Pango 1.20 (not an official CPE)
Pango Pango 1.18 (not an official CPE)
Pango Pango 1.16 (not an official CPE)
Pango Pango 1.14 (not an official CPE)
Pango Pango 1.12 (not an official CPE)
Pango Pango 1.10 (not an official CPE)
Pango Pango 1.8 (not an official CPE)
Pango Pango 1.6 (not an official CPE)
Pango Pango 1.4 (not an official CPE)
Pango Pango 1.2 (not an official CPE)
Pango Pango 1.22 (not an official CPE)