ID CVE-2011-0064
Summary The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and other products, does not verify that memory reallocations succeed, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via crafted OpenType font data that triggers use of an incorrect index. Per: http://cwe.mitre.org/data/definitions/476.html 'CWE-476: NULL Pointer Dereference'
References
Vulnerable Configurations
  • cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
  • cpe:2.3:a:pango:pango:1.28.3:*:*:*:*:*:*:*
    cpe:2.3:a:pango:pango:1.28.3:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 17-08-2017 - 01:33)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
redhat via4
advisories
bugzilla
id 678563
title CVE-2011-0064 pango: missing memory reallocation failure checking in hb_buffer_ensure
oval
AND
  • OR
    • comment Red Hat Enterprise Linux 6 Client is installed
      oval oval:com.redhat.rhba:tst:20111656001
    • comment Red Hat Enterprise Linux 6 Server is installed
      oval oval:com.redhat.rhba:tst:20111656002
    • comment Red Hat Enterprise Linux 6 Workstation is installed
      oval oval:com.redhat.rhba:tst:20111656003
    • comment Red Hat Enterprise Linux 6 ComputeNode is installed
      oval oval:com.redhat.rhba:tst:20111656004
  • OR
    • AND
      • comment pango is earlier than 0:1.28.1-3.el6_0.5
        oval oval:com.redhat.rhsa:tst:20110309005
      • comment pango is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20152116016
    • AND
      • comment pango-devel is earlier than 0:1.28.1-3.el6_0.5
        oval oval:com.redhat.rhsa:tst:20110309007
      • comment pango-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20152116014
rhsa
id RHSA-2011:0309
released 2011-03-01
severity Critical
title RHSA-2011:0309: pango security update (Critical)
rpms
  • pango-0:1.28.1-3.el6_0.5
  • pango-devel-0:1.28.1-3.el6_0.5
refmap via4
bid 46632
confirm
debian DSA-2178
fedora FEDORA-2011-3194
mandriva MDVSA-2011:040
sectrack 1025145
secunia
  • 43559
  • 43572
  • 43578
  • 43800
suse SUSE-SR:2011:005
ubuntu USN-1082-1
vupen
  • ADV-2011-0543
  • ADV-2011-0555
  • ADV-2011-0558
  • ADV-2011-0584
  • ADV-2011-0683
xf pango-hbbufferensure-bo(65770)
Last major update 17-08-2017 - 01:33
Published 07-03-2011 - 21:00
Back to Top