Lucene search
K

363 matches found

Tenable Nessus
Tenable Nessus
added 2009/05/11 12:0 a.m.28 views

RHEL 3 / 4 / 5 : pango (RHSA-2009:0476)

Updated pango and evolution28-pango packages that fix an integer overflow flaw are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Pango is a library used for the layout and rendering of...

6.8CVSS5.2AI score0.0413EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2009/05/11 12:0 a.m.23 views

RedHat Security Advisory RHSA-2009:0476

The remote host is missing updates announced in advisory RHSA-2009:0476. Pango is a library used for the layout and rendering of internationalized text. Will Drewry discovered an integer overflow flaw in Pango SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from...

6.8CVSS7.8AI score0.0413EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2009/05/11 12:0 a.m.25 views

CentOS Security Advisory CESA-2009:0476 (pango)

The remote host is missing updates to pango announced in advisory CESA-2009:0476. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-onl...

6.8CVSS7.6AI score0.0413EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2009/05/11 12:0 a.m.30 views

CentOS 3 / 4 / 5 : pango (CESA-2009:0476)

Updated pango and evolution28-pango packages that fix an integer overflow flaw are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Pango is a library used for the layout and rendering of...

6.8CVSS5.2AI score0.0413EPSS
Exploits2References9
Debian
Debian
added 2009/05/10 9:29 a.m.19 views

[SECURITY] [DSA 1798-1] New pango1.0 packages fix arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1798-1 [email protected] http://www.debian.org/security/ Steffen Joeris May 10, 2009 http://www.debian.org/security/faq -...

6.8CVSS6.8AI score0.0413EPSS
Exploits2
OSV
OSV
added 2009/05/10 12:0 a.m.12 views

DSA-1798-1 pango1.0 - arbitrary code execution

Bulletin has no description...

6.8CVSS6.3AI score0.0413EPSS
Exploits2
Cent OS
Cent OS
added 2009/05/08 9:6 p.m.58 views

evolution28, pango security update

CentOS Errata and Security Advisory CESA-2009:0476 Updated pango and evolution28-pango packages that fix an integer overflow flaw are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Pango...

6.8CVSS5.9AI score0.0413EPSS
Exploits2References9
RedHat Linux
RedHat Linux
added 2009/05/08 9:20 a.m.35 views

Important: Red Hat Security Advisory: pango security update

Updated pango and evolution28-pango packages that fix an integer overflow flaw are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Pango is a library used for the layout and rendering of...

6.8CVSS5.9AI score0.0413EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2009/05/08 9:20 a.m.4 views

pango: pango_glyph_string_set_size integer overflow

Integer overflow in the pangoglyphstringsetsize function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service application crash or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow, as...

6.8CVSS6.4AI score0.0413EPSS
Exploits2References4
Oracle linux
Oracle linux
added 2009/05/08 12:0 a.m.31 views

pango security update

1.14.9-4 - Add pango-glyphstring.patch - Resolves: 497361...

6.8CVSS1.9AI score0.0413EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2009/05/08 12:0 a.m.3 views

PT-2009-3742 · Mozilla +1 · Firefox +1

Name of the Vulnerable Software and Affected Versions: Pango versions prior to 1.24 Description: The issue is related to an integer overflow in the pango glyph string set size function, which can be triggered by a long glyph string. This can cause a denial of service, resulting in an application...

6.8CVSS5.2AI score0.0413EPSS
Exploits2References36
Ubuntu
Ubuntu
added 2009/05/07 5:57 p.m.71 views

USN-773-1: Pango vulnerability

Will Drewry discovered that Pango incorrectly handled rendering text with long glyphstrings. If a user were tricked into displaying specially crafted data with applications linked against Pango, such as Firefox, an attacker could cause a denial of service or execute arbitrary code with privileges...

6.8CVSS5.5AI score0.0413EPSS
Exploits2
securityvulns
securityvulns
added 2009/05/07 12:0 a.m.45 views

Pango library integer overflow

Integer overflow leading to heap buffer overflow...

6.8CVSS3.2AI score0.0413EPSS
Exploits2References1Affected Software1
securityvulns
securityvulns
added 2009/05/07 12:0 a.m.45 views

[oCERT-2009-001] Pango integer overflow in heap allocation size calculations

2009-001 Pango integer overflow in heap allocation size calculations Description: Pango is a library for laying out and rendering text, with an emphasis on internationalization. Pango suffers from a multiplicative integer overflow which may lead to a potentially exploitable, heap overflow dependi...

6.8CVSS0.7AI score0.0413EPSS
Exploits2
FreeBSD
FreeBSD
added 2009/02/22 12:0 a.m.28 views

pango -- integer overflow

oCERT reports: Pango suffers from a multiplicative integer overflow which may lead to a potentially exploitable, heap overflow depending on the calling conditions. For example, this vulnerability is remotely reachable in Firefox by creating an overly large document.location value but only results...

6.8CVSS6.6AI score0.0413EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2007/12/11 12:0 a.m.30 views

Fedora 7 : seamonkey-1.1.7-1.fc7 (2007-4106)

Sun Dec 2 2007 Kai Engert - 1.1.7-1 - SeaMonkey 1.1.7 - Mon Nov 5 2007 Kai Engert - 1.1.6-1 - SeaMonkey 1.1.6 - Fri Oct 19 2007 Kai Engert - 1.1.5-1 - SeaMonkey 1.1.5 - Fri Jul 27 2007 Martin Stransky - 1.1.3-2 - added pango patches - Fri Jul 20 2007 Kai Engert - 1.1.3-1 - SeaMonkey 1.1.3 - Thu...

9.3CVSS8.2AI score0.05443EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2007/03/06 12:0 a.m.32 views

Fedora Core 5 : thunderbird-1.5.0.10-1.fc5 (2007-309)

Thu Mar 1 2007 Martin Stransky 1.5.0.10-1 - Update to 1.5.0.10 - Tue Dec 19 2006 Matthias Clasen 1.5.0.9-2 - Add a Requires: launchmail 219884 - Tue Dec 19 2006 Christopher Aillon 1.5.0.9-1 - Update to 1.5.0.9 - Take firefox's pango fixes - Don't offer to import...nothing. - Tue Nov 7 2006...

9.3CVSS8.2AI score0.5036EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2005/09/12 12:0 a.m.9 views

Fedora Core 3 : firefox-1.0.1-1.3.1 (2005-182)

This update fixes several security vulnerabilities in Firefox 1.0. It is recommended that all users update to Firefox 1.0.1. Additionally, this update backports several fixes from rawhide. This update enables pango font rendering by default. This update enables smooth scrolling by default. On...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2005/09/12 12:0 a.m.45 views

Fedora Core 3 : thunderbird-1.0.2-1.3.1 (2005-247)

A buffer overflow bug was found in the way Thunderbird processes GIF images. It is possible for an attacker to create a specially crafted GIF image, which when viewed by a victim will execute arbitrary code as the victim. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned...

5.1CVSS6.2AI score0.15116EPSS
Exploits4References2
UbuntuCve
UbuntuCve
added 2005/05/02 4:0 a.m.23 views

CVE-2005-0966

The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows 1 remote attackers to inject arbitrary Gaim markup via ircmsgkick, ircmsgmode, ircmsgpart, ircmsgquit, 2 remote attackers to inject arbitrary Pango markup and pop up empty dialog boxes via ircmsginvite, or 3 malicious IR...

6.4CVSS6.1AI score0.02477EPSS
Exploits0References2
Rows per page
Query Builder