Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2011:0180
HistoryJan 27, 2011 - 12:00 a.m.

(RHSA-2011:0180) Moderate: pango security update

2011-01-2700:00:00
access.redhat.com
12

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.186 Low

EPSS

Percentile

95.7%

JSON

Pango is a library used for the layout and rendering of internationalized
text.

An input sanitization flaw, leading to a heap-based buffer overflow, was
found in the way Pango displayed font files when using the FreeType font
engine back end. If a user loaded a malformed font file with an application
that uses Pango, it could cause the application to crash or, possibly,
execute arbitrary code with the privileges of the user running the
application. (CVE-2011-0020)

Users of pango and evolution28-pango are advised to upgrade to these
updated packages, which contain a backported patch to resolve this issue.
After installing the updated packages, you must restart your system or
restart your X session for the update to take effect.

OSVersionArchitecturePackageVersionFilename
RedHat5i386pango-devel< 1.14.9-8.el5_6.2pango-devel-1.14.9-8.el5_6.2.i386.rpm
RedHat6s390pango< 1.28.1-3.el6_0.3pango-1.28.1-3.el6_0.3.s390.rpm
RedHat6x86_64pango< 1.28.1-3.el6_0.3pango-1.28.1-3.el6_0.3.x86_64.rpm
RedHat5ppcpango-devel< 1.14.9-8.el5_6.2pango-devel-1.14.9-8.el5_6.2.ppc.rpm
RedHat6ppcpango< 1.28.1-3.el6_0.3pango-1.28.1-3.el6_0.3.ppc.rpm
RedHat6srcpango< 1.28.1-3.el6_0.3pango-1.28.1-3.el6_0.3.src.rpm
RedHat4ppcevolution28-pango-devel< 1.14.9-13.el4_10evolution28-pango-devel-1.14.9-13.el4_10.ppc.rpm
RedHat6s390xpango-debuginfo< 1.28.1-3.el6_0.3pango-debuginfo-1.28.1-3.el6_0.3.s390x.rpm
RedHat4ppcevolution28-pango< 1.14.9-13.el4_10evolution28-pango-1.14.9-13.el4_10.ppc.rpm
RedHat6s390xpango-devel< 1.28.1-3.el6_0.3pango-devel-1.28.1-3.el6_0.3.s390x.rpm
Rows per page:
1-10 of 471

Related

openvas 10
nessus 12
debiancve 1
centos 1
prion 1
ubuntucve 1
veracode 1
oraclelinux 1
securityvulns 3
cve 1
cvelist 1
ubuntu 1
gentoo 1
openvas
openvas
RedHat Update for pango RHSA-2011:0180-01
2011-01-31 00:00:00
RedHat Update for pango RHSA-2011:0180-01
2011-01-31 00:00:00
CentOS Update for evolution28-pango CESA-2011:0180 centos4 i386
2011-02-11 00:00:00
nessus
nessus
Oracle Linux 4 / 5 / 6 : pango (ELSA-2011-0180)
2013-07-12 00:00:00
RHEL 4 / 5 / 6 : pango (RHSA-2011:0180)
2011-01-28 00:00:00
Scientific Linux Security Update : pango on SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
debiancve
debiancve
CVE-2011-0020
2011-01-24 18:00:00
centos
centos
evolution28 security update
2011-02-04 10:45:23
prion
prion
Heap overflow
2011-01-24 18:00:00
ubuntucve
ubuntucve
CVE-2011-0020
2011-01-24 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:59:27
oraclelinux
oraclelinux
pango security update
2011-01-27 00:00:00
securityvulns
securityvulns
pango / libpango buffer overflow
2011-02-04 00:00:00
[ MDVSA-2011:020 ] pango
2011-02-04 00:00:00
ESA-2015-002: Unisphere Central Security Update for Multiple Vulnerabilities
2015-02-02 00:00:00
cve
cve
CVE-2011-0020
2011-01-24 18:00:00
cvelist
cvelist
CVE-2011-0020
2011-01-24 17:00:00
ubuntu
ubuntu
Pango vulnerabilities
2011-03-02 00:00:00
gentoo
gentoo
Pango: Multiple vulnerabilities
2014-05-17 00:00:00

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.186 Low

EPSS

Percentile

95.7%

JSON
Related for RHSA-2011:0180
openvas10nessus12debiancve1centos1prion1ubuntucve1veracode1oraclelinux1securityvulns3cve1cvelist1ubuntu1gentoo1