38 matches found
MiracleLinux 3 : pango-1.14.9-8.AXS3.3 (AXSA:2011-317:02)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-317:02 advisory. Pango is a system for layout and rendering of internationalized text. Security issues fixed with this release: CVE-2011-3193 No information available at the...
Debian: Security Advisory (DLA-117-1)
The remote host is missing an update for the Debian...
Oracle: Security Advisory (ELSA-2011-1326)
The remote host is missing an update for the...
Oracle: Security Advisory (ELSA-2011-1323)
The remote host is missing an update for the...
Gentoo Security Advisory GLSA 201311-14
Gentoo Linux Local Security Checks GLSA 201311-14...
Debian DLA-117-1 : qt4-x11 security update
CVE-2011-3193: Check for buffer overflow in Lookup_MarkMarkPos that may cause crash in this function with certain fonts. CVE-2011-3194: Fix tiff reader to handle TIFFTAG_SAMPLESPERPIXEL for grayscale images. The reader uses QImage::Format_Indexed8, but since the samples per pixel value this should be...
openSUSE Security Update : libQtWebKit-devel (openSUSE-SU-2011:1120-1)
Specially crafted font files could cause a single-byte heap-based buffer overflow (CVE-2011-3193). Specially crafted grey scale images could cause a heap-based buffer overflow (CVE-2011-3194).
openSUSE Security Update : libQtWebKit-devel (openSUSE-SU-2011:1119-1)
Specially crafted font files could cause a single-byte heap-based buffer overflow (CVE-2011-3193). Specially crafted grey scale images could cause a heap-based buffer overflow (CVE-2011-3194). The update also fixes the following non-security bugs: - fix QFileDialog not showing system files bnc#669604...
Oracle Linux 4 : frysk (ELSA-2011-1327)
From Red Hat Security Advisory 2011:1327: An updated frysk package that fixes one security issue is now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score,...
Oracle Linux 6 : qt (ELSA-2011-1323)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-1323 advisory. 1:4.6.2-17.1 - Resolves: rhbz#737812 fix multiple flaws in Qt (CVE-2011-3193, CVE-2011-3194) Tenable has extracted the preceding description block directl...
Oracle Linux 4 : evolution28-pango (ELSA-2011-1325)
From Red Hat Security Advisory 2011:1325: Updated evolution28-pango packages that fix one security issue are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base...
Scientific Linux Security Update : qt4 on SL5.x i386/x86_64
Qt 4 is a software toolkit that simplifies the task of writing and maintaining GUI (Graphical User Interface) applications for the X Window System. HarfBuzz is an OpenType text shaping engine. A flaw in the way Qt 4 expanded certain UTF-8 characters could be used to prevent a Qt 4 based application...
Scientific Linux Security Update : evolution28-pango on SL4.x i386/x86_64
Pango is a library used for the layout and rendering of internationalized text. A buffer overflow flaw was found in HarfBuzz, an OpenType text shaping engine used in Pango. If a user loaded a specially crafted font file with an application that uses Pango, it could cause the application to crash...
Scientific Linux Security Update : frysk on SL4.x i386/x86_64
frysk is an execution-analysis technology implemented using native Java and C++. It provides developers and system administrators with the ability to examine and analyze multi-host, multi-process, and multithreaded systems while they are running. frysk is released as a Technology Preview for...
CentOS Update for frysk CESA-2011:1327 centos4 x86_64
The remote host is missing an update for the...
CentOS Update for qt4 CESA-2011:1324 centos5 x86_64
The remote host is missing an update for the...
CentOS Update for evolution28-pango CESA-2011:1325 centos4 x86_64
The remote host is missing an update for the...
CVE-2011-3193
Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt before 4.7.4 and Pango, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file...
CVE-2011-3193
CVE-2011-3193 is a heap-based buffer overflow in HarfBuzz’s Lookup_MarkMarkPos (harfbuzz-gpos.c) as used by Qt before 4.7.4 and Pango, allowing remote crashes and potential code execution via a crafted font. Remediation cited in advisories: upgrade to Qt 4.7.4+ and updated Pango/Harfbuzz where fi...
qt security update
4.6.2-20 - Resolves: rhbz#737813 fix multiple flaws in Qt (CVE-2011-3193, CVE-2011-3194) 4.6.2-19 - Resolves: rhbz#679759, missing executable bit in qt-examples binaries - Resolves: rhbz#716694, move macros.qt4 to -devel - Resolves: rhbz#680088, rpmdiff failure 4.6.2-18 - Resolves: rhbz#562132, Malayala...