Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2011-0064HistoryMar 07, 2011 - 9:00 p.m.
CVE-2011-0064
2011-03-0721:00:00
Debian Security Bug Tracker
security-tracker.debian.org
12
0.136 Low
EPSS
Percentile
95.6%
The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and other products, does not verify that memory reallocations succeed, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via crafted OpenType font data that triggers use of an incorrect index.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | pango1.0 | < 1.28.3-2~sid1 | pango1.0_1.28.3-2~sid1_all.deb |
| Debian | 11 | all | pango1.0 | < 1.28.3-2~sid1 | pango1.0_1.28.3-2~sid1_all.deb |
| Debian | 10 | all | pango1.0 | < 1.28.3-2~sid1 | pango1.0_1.28.3-2~sid1_all.deb |
| Debian | 999 | all | pango1.0 | < 1.28.3-2~sid1 | pango1.0_1.28.3-2~sid1_all.deb |
| Debian | 13 | all | pango1.0 | < 1.28.3-2~sid1 | pango1.0_1.28.3-2~sid1_all.deb |
Related
openvas
openvas
Fedora Update for pango FEDORA-2011-3194
2011-03-24 00:00:00
Debian Security Advisory DSA 2178-1 (pango1.0)
2011-03-09 00:00:00
Debian: Security Advisory (DSA-2178-1)
2011-03-09 00:00:00
debian
debian
[SECURITY] [DSA 2178-1] pango1.0 security update
2011-03-02 20:11:06
fedora
fedora
[SECURITY] Fedora 14 Update: pango-1.28.1-5.fc14
2011-03-16 19:54:59
nessus
nessus
Debian DSA-2178-1 : pango1.0 - NULL pointer dereference
2011-03-03 00:00:00
Fedora 14 : pango-1.28.1-5.fc14 (2011-3194)
2011-03-17 00:00:00
Scientific Linux Security Update : pango on SL6.x i386/x86_64
2012-08-01 00:00:00
redhat
redhat
(RHSA-2011:0309) Critical: pango security update
2011-03-01 00:00:00
ubuntucve
ubuntucve
CVE-2011-0064
2011-03-01 00:00:00
oraclelinux
oraclelinux
pango security update
2011-03-01 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2178-1] pango1.0 security update
2011-03-03 00:00:00
Pango library NULL pointer dereference
2011-03-03 00:00:00
ESA-2015-002: Unisphere Central Security Update for Multiple Vulnerabilities
2015-02-02 00:00:00
cvelist
cvelist
CVE-2011-0064
2011-03-07 20:00:00
cve
cve
CVE-2011-0064
2011-03-07 21:00:00
prion
prion
Null pointer dereference
2011-03-07 21:00:00
ubuntu
ubuntu
Pango vulnerabilities
2011-03-02 00:00:00
gentoo
gentoo
Pango: Multiple vulnerabilities
2014-05-17 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2371
2024-03-12 12:37:38