Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2011:1326
HistorySep 22, 2011 - 3:15 a.m.

pango security update

2011-09-2203:15:49
CentOS Project
lists.centos.org
50

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.022 Low

EPSS

Percentile

89.5%

JSON

CentOS Errata and Security Advisory CESA-2011:1326

Pango is a library used for the layout and rendering of internationalized
text.

A buffer overflow flaw was found in HarfBuzz, an OpenType text shaping
engine used in Pango. If a user loaded a specially-crafted font file with
an application that uses Pango, it could cause the application to crash or,
possibly, execute arbitrary code with the privileges of the user running
the application. (CVE-2011-3193)

Users of pango are advised to upgrade to these updated packages, which
contain a backported patch to resolve this issue. After installing this
update, you must restart your system or restart the X server for the update
to take effect.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2011-September/079914.html
https://lists.centos.org/pipermail/centos-announce/2011-September/079915.html

Affected packages:
pango
pango-devel

Upstream details at:
https://access.redhat.com/errata/RHSA-2011:1326

Related

cve 1
openvas 34
ubuntucve 1
debiancve 1
prion 1
oraclelinux 6
redhat 6
nessus 27
veracode 1
cvelist 1
nvd 1
centos 3
osv 1
debian 1
gentoo 1
ubuntu 1
cve
cve
CVE-2011-3193
2012-06-16 00:55:03
openvas
openvas
Oracle: Security Advisory (ELSA-2011-1326)
2015-10-06 00:00:00
RedHat Update for frysk RHSA-2011:1327-01
2011-09-23 00:00:00
CentOS Update for pango CESA-2011:1326 centos5 i386
2011-09-23 00:00:00
ubuntucve
ubuntucve
CVE-2011-3193
2012-06-15 00:00:00
debiancve
debiancve
CVE-2011-3193
2012-06-16 00:55:03
prion
prion
Heap overflow
2012-06-16 00:55:00
oraclelinux
oraclelinux
frysk security update
2011-09-21 00:00:00
pango security update
2011-09-21 00:00:00
evolution28-pango security update
2011-09-21 00:00:00
redhat
redhat
(RHSA-2011:1325) Moderate: evolution28-pango security update
2011-09-21 00:00:00
(RHSA-2011:1326) Moderate: pango security update
2011-09-21 00:00:00
(RHSA-2011:1327) Moderate: frysk security update
2011-09-21 00:00:00
nessus
nessus
Scientific Linux Security Update : pango on SL5.x i386/x86_64
2012-08-01 00:00:00
RHEL 4 : frysk (RHSA-2011:1327)
2011-09-22 00:00:00
Oracle Linux 5 : pango (ELSA-2011-1326)
2013-07-12 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:02:50
cvelist
cvelist
CVE-2011-3193
2012-06-16 00:00:00
nvd
nvd
CVE-2011-3193
2012-06-16 00:55:03
centos
centos
frysk security update
2011-09-22 20:50:51
evolution28 security update
2011-09-22 20:48:41
qt4 security update
2011-09-22 03:19:27
osv
osv
qt4-x11 - security update
2014-12-21 00:00:00
debian
debian
[SECURITY] [DLA 117-1] qt4-x11 security update
2014-12-21 16:26:39
gentoo
gentoo
QtCore, QtGui: Multiple vulnerabilities
2013-11-22 00:00:00
ubuntu
ubuntu
Qt vulnerabilities
2012-07-11 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.022 Low

EPSS

Percentile

89.5%

JSON
Related for CESA-2011:1326
cve1openvas34ubuntucve1debiancve1prion1oraclelinux6redhat6nessus27veracode1cvelist1nvd1centos3osv1debian1gentoo1ubuntu1