CVE-2011-0020
Published: 2011-01-24
Priority: P3 · 53 · high · 7.6 (CVSS 2.0)
Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 18.94% (96.9th percentile)
Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file, related to the glyph box for an FT_Bitmap object.
Affected
40 ranges · showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | pango1.0 | < pango1.0 1.28.3-1+squeeze1 (bookworm) | pango1.0 1.28.3-1+squeeze1 (bookworm) |
| gnome | pango | <= 1.28.3 | — |
| gnome | pango | — | — |
| pango | pango | — | — |
CVSS provenance
nvd · v2.0 · 7.6 HIGH · AV:N/AC:H/Au:N/C:C/I:C/A:C
osv · 7.6 HIGH
vendor_debian · 7.6 HIGH
vendor_redhat · 7.6 HIGH
vendor_ubuntu · 4.3 MEDIUM
Ubuntu
Pango vulnerabilities
vendor_ubuntu·2011-03-02·CVSS 4.3
CVE-2010-0421 [MEDIUM] Pango vulnerabilities
Marc Schoenefeld discovered that Pango incorrectly handled certain Glyph Definition (GDEF) tables. If a user were tricked into displaying text with a specially-crafted font, an attacker could cause Pango to crash, resulting in a denial of service. This issue only affected Ubuntu 8.04 LTS and 9.10. (CVE-2010-0421)

Dan Rosenberg discovered that Pango incorrectly handled certain FT_Bitmap objects. If a user were tricked into displaying text with a specially-crafted font, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. The default compiler options for affected releases should reduce the vulnerability to a denial of service. (CVE-2011-0020)

It was discovered that Pango incorrectly handled ce
Red Hat
pango: Heap-based buffer overflow by rendering glyph box for certain FT_Bitmap objects
vendor_redhat·2011-01-18·CVSS 7.6
CVE-2011-0020 [HIGH] CWE-122 pango: Heap-based buffer overflow by rendering glyph box for certain FT_Bitmap objects
Package: pango (Red Hat Enterprise Linux 4) - Not affected
Debian
CVE-2011-0020: pango1.0 - Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pa...
vendor_debian·2011·CVSS 7.6
CVE-2011-0020 [HIGH] CVE-2011-0020: pango1.0 - Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pa...
Scope: local
bookworm: resolved (fixed in 1.28.3-1+squeeze1)
bullseye: resolved (fixed in 1.28.3-1+squeeze1)
forky: resolved (fixed in 1.28.3-1+squeeze1)
sid: resolved (fixed in 1.28.3-1+squeeze1)
trixie: resolved (fixed in 1.28.3-1+squeeze1)
GHSA
GHSA-5c8w-jg4w-gcj2: Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render
ghsa_unreviewed·2022-05-03
CVE-2011-0020 [HIGH] CWE-119 GHSA-5c8w-jg4w-gcj2: Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render
OSV
CVE-2011-0020: Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render
osv·2011-01-24·CVSS 7.6
CVE-2011-0020 [HIGH] CVE-2011-0020: Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render
No detection rules found.
References
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
http://openwall.com/lists/oss-security/2011/01/18/6
http://openwall.com/lists/oss-security/2011/01/20/2
http://osvdb.org/70596
http://secunia.com/advisories/42934
http://secunia.com/advisories/43100
http://www.redhat.com/support/errata/RHSA-2011-0180.html
http://www.securityfocus.com/bid/45842
http://www.securitytracker.com/id?1024994
http://www.vupen.com/english/advisories/2011/0186
http://www.vupen.com/english/advisories/2011/0238
https://bugs.launchpad.net/ubuntu/+source/pango1.0/+bug/696616
https://bugzilla.gnome.org/show_bug.cgi?id=639882
https://bugzilla.redhat.com/show_bug.cgi?id=671122
https://exchange.xforce.ibmcloud.com/vulnerabilities/64832