CVE-2011-3193 — Out-of-bounds Write in Pango

CWE-787 — Out-of-bounds Write9 documents8 sources

Severity

9.3CRITICALNVD

EPSS

4.6%

top 10.70%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Gnome Pango QT Canonical Ubuntu Linux +5 more

Timeline

PublishedJun 16

Latest updateMay 13

Description

Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt before 4.7.4 and Pango, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages6 packages

▶NVDgnome/pango< 1.25.1

▶NVDqt/qt< 4.7.4

▶NVDopensuse/opensuse11.3, 11.4+1

▶NVDredhat/enterprise_linux_server4.0, 5.0, 6.0+2

▶NVDredhat/enterprise_linux_desktop4.0, 5.0, 6.0+2

Also affects: Ubuntu Linux 10.04, 11.04, Enterprise Linux 6.1

Patches

Patch: cgit.freedesktop.org ↗Patch: cgit.freedesktop.org ↗Patch: git.gnome.org ↗

🔴Vulnerability Details

GHSA

GHSA-gw56-35qp-gch8: Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos↗2022-05-13

▶

CVEList

CVE-2011-3193: Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos↗2012-06-16

▶

OSV

CVE-2011-3193: Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos↗2012-06-16

▶

📋Vendor Advisories

Ubuntu

Qt vulnerabilities↗2012-07-11

▶

Red Hat

qt/harfbuzz buffer overflow↗2011-07-19

▶

Debian

CVE-2011-3193: pango1.0 - Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz mo...↗2011

▶

💬Community

Bugzilla

CVE-2011-3193 qt/harfbuzz buffer overflow [fedora-all]↗2011-09-22

▶

Bugzilla

CVE-2011-3193 qt/harfbuzz buffer overflow↗2011-08-24

▶