26 matches found
pango / libpango buffer overflow
Buffer overflow in pangoft2fontrenderboxglyph...
CVE-2011-0020
Heap-based buffer overflow in the pangoft2fontrenderboxglyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of service application crash or possibly execute arbitrary code...
CVE-2011-0020
CVE-2011-0020: Heap-based buffer overflow in Pango’s FreeType2 path (pango_ft2_font_render_box_glyph in libpango, older than or equal to 1.28.3) can crash the target application or allow arbitrary code execution via a crafted font. Affected products include libpango packages built with the FreeTy...
openSUSE Security Update : MozillaFirefox (MozillaFirefox-1135)
The MozillaFirefox 3.0.12 release fixes various bugs and some critical security issues. MFSA 2009-34 / CVE-2009-2462 / CVE-2009-2463 / CVE-2009-2464 / CVE-2009-2465 / CVE-2009-2466: Mozilla developers and community members identified and fixed several stability bugs in the browser engine used in...
openSUSE Security Update : pango (pango-824)
This update of pango fixes a segfault in libpango that can be triggered by visiting websites. CVE-2009-1194 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update pango-824. The text description of...
Heap/integer overflows in font glyph rendering libraries — Mozilla
oCERT security researcher Will Drewry reported a series of heap and integer overflow vulnerabilities which independently affected multiple font glyph rendering libraries. On Linux platforms libpango was susceptible to the vulnerabilities while on OS X CoreGraphics was similarly vulnerable. An...