ID | CVE-2011-0064 |
Summary |
The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and other products, does not verify that memory reallocations succeed, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via crafted OpenType font data that triggers use of an incorrect index. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 6.8 (as of 14-07-2021 - 15:41) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access
Vector | Complexity | Authentication |
NETWORK | MEDIUM | NONE |
|
Impact
Confidentiality | Integrity | Availability |
PARTIAL | PARTIAL | PARTIAL |
|
cvss-vector via4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P |
redhat via4 |
advisories |
bugzilla | id | 678563 | title | CVE-2011-0064 pango: missing memory reallocation failure checking in hb_buffer_ensure |
oval |
- OR
  - comment | Red Hat Enterprise Linux must be installed | oval | oval:com.redhat.rhba:tst:20070304026 |
  - AND
    - comment | Red Hat Enterprise Linux 6 is installed | oval | oval:com.redhat.rhba:tst:20111656003 |
    - OR
      - AND
        - comment | pango is earlier than 0:1.28.1-3.el6_0.5 | oval | oval:com.redhat.rhsa:tst:20110309001 |
        - comment | pango is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhba:tst:20152116008 |
      - AND
        - comment | pango-devel is earlier than 0:1.28.1-3.el6_0.5 | oval | oval:com.redhat.rhsa:tst:20110309003 |
        - comment | pango-devel is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhba:tst:20152116010 |
rhsa | id | RHSA-2011:0309 | released | 2011-03-01 | severity | Critical | title | RHSA-2011:0309: pango security update (Critical) |
rpms |
- pango-0:1.28.1-3.el6_0.5
- pango-debuginfo-0:1.28.1-3.el6_0.5
- pango-devel-0:1.28.1-3.el6_0.5
|
refmap via4 |
bid | 46632 |
confirm | |
debian | DSA-2178 |
fedora | FEDORA-2011-3194 |
mandriva | MDVSA-2011:040 |
sectrack | 1025145 |
secunia | |
suse | SUSE-SR:2011:005 |
ubuntu | USN-1082-1 |
vupen |
- ADV-2011-0543
- ADV-2011-0555
- ADV-2011-0558
- ADV-2011-0584
- ADV-2011-0683
xf | pango-hbbufferensure-bo(65770) |
Last major update |
14-07-2021 - 15:41 |
Published |
07-03-2011 - 21:00 |
Last modified |
14-07-2021 - 15:41 |