UbuntuUSN-773-1Pango vulnerability
7.3 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
72.3%
Releases
- Ubuntu 8.10
- Ubuntu 8.04
- Ubuntu 6.06
Packages
- pango1.0 -
Details
Will Drewry discovered that Pango incorrectly handled rendering text with
long glyphstrings. If a user were tricked into displaying specially crafted
data with applications linked against Pango, such as Firefox, an attacker
could cause a denial of service or execute arbitrary code with privileges
of the user invoking the program.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 8.10 | noarch | libpango1.0-0 | < 1.22.2-0ubuntu1.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | libpango1.0-0-dbg | < 1.22.2-0ubuntu1.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | libpango1.0-dev | < 1.22.2-0ubuntu1.1 | UNKNOWN |
| Ubuntu | 8.10 | noarch | libpango1.0-udeb | < 1.22.2-0ubuntu1.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libpango1.0-0 | < 1.20.5-0ubuntu1.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libpango1.0-0-dbg | < 1.20.5-0ubuntu1.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libpango1.0-dev | < 1.20.5-0ubuntu1.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libpango1.0-udeb | < 1.20.5-0ubuntu1.1 | UNKNOWN |
| Ubuntu | 6.06 | noarch | libpango1.0-0 | < 1.12.3-0ubuntu3.1 | UNKNOWN |
| Ubuntu | 6.06 | noarch | libpango1.0-0-dbg | < 1.12.3-0ubuntu3.1 | UNKNOWN |
References
Related
7.3 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
72.3%