Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2011-3193
HistoryJun 15, 2012 - 12:00 a.m.

CVE-2011-3193

2012-06-1500:00:00
ubuntu.com
ubuntu.com
9

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.022 Low

EPSS

Percentile

89.5%

JSON

Heap-based buffer overflow in the Lookup_MarkMarkPos function in the
HarfBuzz module (harfbuzz-gpos.c), as used by Qt before 4.7.4 and Pango,
allows remote attackers to cause a denial of service (crash) and possibly
execute arbitrary code via a crafted font file.

Notes

Author Note
jdstrand Ubuntu 11.10 and higher are not affected
OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchqt4-x11< 4:4.6.2-0ubuntu5.4UNKNOWN
ubuntu11.04noarchqt4-x11< 4:4.7.2-0ubuntu6.4UNKNOWN

Related

oraclelinux 6
redhat 6
nessus 27
centos 4
veracode 1
cvelist 1
openvas 34
nvd 1
cve 1
debiancve 1
prion 1
osv 1
debian 1
gentoo 1
ubuntu 1
oraclelinux
oraclelinux
frysk security update
2011-09-21 00:00:00
pango security update
2011-09-21 00:00:00
evolution28-pango security update
2011-09-21 00:00:00
redhat
redhat
(RHSA-2011:1325) Moderate: evolution28-pango security update
2011-09-21 00:00:00
(RHSA-2011:1326) Moderate: pango security update
2011-09-21 00:00:00
(RHSA-2011:1327) Moderate: frysk security update
2011-09-21 00:00:00
nessus
nessus
Scientific Linux Security Update : pango on SL5.x i386/x86_64
2012-08-01 00:00:00
RHEL 4 : frysk (RHSA-2011:1327)
2011-09-22 00:00:00
Oracle Linux 5 : pango (ELSA-2011-1326)
2013-07-12 00:00:00
centos
centos
pango security update
2011-09-22 03:15:49
frysk security update
2011-09-22 20:50:51
evolution28 security update
2011-09-22 20:48:41
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:02:50
cvelist
cvelist
CVE-2011-3193
2012-06-16 00:00:00
openvas
openvas
CentOS Update for evolution28-pango CESA-2011:1325 centos4 i386
2011-09-23 00:00:00
CentOS Update for frysk CESA-2011:1327 centos4 x86_64
2012-07-30 00:00:00
RedHat Update for evolution28-pango RHSA-2011:1325-01
2011-09-23 00:00:00
nvd
nvd
CVE-2011-3193
2012-06-16 00:55:03
cve
cve
CVE-2011-3193
2012-06-16 00:55:03
debiancve
debiancve
CVE-2011-3193
2012-06-16 00:55:03
prion
prion
Heap overflow
2012-06-16 00:55:00
osv
osv
qt4-x11 - security update
2014-12-21 00:00:00
debian
debian
[SECURITY] [DLA 117-1] qt4-x11 security update
2014-12-21 16:26:39
gentoo
gentoo
QtCore, QtGui: Multiple vulnerabilities
2013-11-22 00:00:00
ubuntu
ubuntu
Qt vulnerabilities
2012-07-11 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.022 Low

EPSS

Percentile

89.5%

JSON
Related for UB:CVE-2011-3193
oraclelinux6redhat6nessus27centos4veracode1cvelist1openvas34nvd1cve1debiancve1prion1osv1debian1gentoo1ubuntu1