363 matches found
RHEL 3 / 4 / 5 : pango (RHSA-2009:0476)
Updated pango and evolution28-pango packages that fix an integer overflow flaw are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Pango is a library used for the layout and rendering of...
RedHat Security Advisory RHSA-2009:0476
The remote host is missing updates announced in advisory RHSA-2009:0476. Pango is a library used for the layout and rendering of internationalized text. Will Drewry discovered an integer overflow flaw in Pango SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from...
CentOS Security Advisory CESA-2009:0476 (pango)
The remote host is missing updates to pango announced in advisory CESA-2009:0476. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-onl...
CentOS 3 / 4 / 5 : pango (CESA-2009:0476)
Updated pango and evolution28-pango packages that fix an integer overflow flaw are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Pango is a library used for the layout and rendering of...
[SECURITY] [DSA 1798-1] New pango1.0 packages fix arbitrary code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1798-1 [email protected] http://www.debian.org/security/ Steffen Joeris May 10, 2009 http://www.debian.org/security/faq -...
DSA-1798-1 pango1.0 - arbitrary code execution
Bulletin has no description...
evolution28, pango security update
CentOS Errata and Security Advisory CESA-2009:0476 Updated pango and evolution28-pango packages that fix an integer overflow flaw are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Pango...
Important: Red Hat Security Advisory: pango security update
Updated pango and evolution28-pango packages that fix an integer overflow flaw are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Pango is a library used for the layout and rendering of...
pango: pango_glyph_string_set_size integer overflow
Integer overflow in the pangoglyphstringsetsize function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service application crash or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow, as...
pango security update
1.14.9-4 - Add pango-glyphstring.patch - Resolves: 497361...
PT-2009-3742 · Mozilla +1 · Firefox +1
Name of the Vulnerable Software and Affected Versions: Pango versions prior to 1.24 Description: The issue is related to an integer overflow in the pango glyph string set size function, which can be triggered by a long glyph string. This can cause a denial of service, resulting in an application...
USN-773-1: Pango vulnerability
Will Drewry discovered that Pango incorrectly handled rendering text with long glyphstrings. If a user were tricked into displaying specially crafted data with applications linked against Pango, such as Firefox, an attacker could cause a denial of service or execute arbitrary code with privileges...
Pango library integer overflow
Integer overflow leading to heap buffer overflow...
[oCERT-2009-001] Pango integer overflow in heap allocation size calculations
2009-001 Pango integer overflow in heap allocation size calculations Description: Pango is a library for laying out and rendering text, with an emphasis on internationalization. Pango suffers from a multiplicative integer overflow which may lead to a potentially exploitable, heap overflow dependi...
pango -- integer overflow
oCERT reports: Pango suffers from a multiplicative integer overflow which may lead to a potentially exploitable, heap overflow depending on the calling conditions. For example, this vulnerability is remotely reachable in Firefox by creating an overly large document.location value but only results...
Fedora 7 : seamonkey-1.1.7-1.fc7 (2007-4106)
Sun Dec 2 2007 Kai Engert - 1.1.7-1 - SeaMonkey 1.1.7 - Mon Nov 5 2007 Kai Engert - 1.1.6-1 - SeaMonkey 1.1.6 - Fri Oct 19 2007 Kai Engert - 1.1.5-1 - SeaMonkey 1.1.5 - Fri Jul 27 2007 Martin Stransky - 1.1.3-2 - added pango patches - Fri Jul 20 2007 Kai Engert - 1.1.3-1 - SeaMonkey 1.1.3 - Thu...
Fedora Core 5 : thunderbird-1.5.0.10-1.fc5 (2007-309)
Thu Mar 1 2007 Martin Stransky 1.5.0.10-1 - Update to 1.5.0.10 - Tue Dec 19 2006 Matthias Clasen 1.5.0.9-2 - Add a Requires: launchmail 219884 - Tue Dec 19 2006 Christopher Aillon 1.5.0.9-1 - Update to 1.5.0.9 - Take firefox's pango fixes - Don't offer to import...nothing. - Tue Nov 7 2006...
Fedora Core 3 : firefox-1.0.1-1.3.1 (2005-182)
This update fixes several security vulnerabilities in Firefox 1.0. It is recommended that all users update to Firefox 1.0.1. Additionally, this update backports several fixes from rawhide. This update enables pango font rendering by default. This update enables smooth scrolling by default. On...
Fedora Core 3 : thunderbird-1.0.2-1.3.1 (2005-247)
A buffer overflow bug was found in the way Thunderbird processes GIF images. It is possible for an attacker to create a specially crafted GIF image, which when viewed by a victim will execute arbitrary code as the victim. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned...
CVE-2005-0966
The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows 1 remote attackers to inject arbitrary Gaim markup via ircmsgkick, ircmsgmode, ircmsgpart, ircmsgquit, 2 remote attackers to inject arbitrary Pango markup and pop up empty dialog boxes via ircmsginvite, or 3 malicious IR...