Executive Summary
Summary | |
---|---|
Title | New pango1.0 packages fix denial of service |
Informations | |||
---|---|---|---|
Name | DSA-2019 | First vendor Publication | 2010-03-20 |
Vendor | Debian | Last vendor Modification | 2010-03-20 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Marc Schoenefeld discovered an improper input sanitization in Pango, a library for layout and rendering of text, leading to array indexing error. If a local user was tricked into loading a specially-crafted font file in an application, using the Pango font rendering library, it could lead to denial of service (application crash). For the stable distribution (lenny), this problem has been fixed in version 1.20.5-5+lenny1. For the testing distribution (squeeze), and the unstable distribution (sid), this problem will be fixed soon. We recommend that you upgrade your pango1.0 package. |
Original Source
Url : http://www.debian.org/security/2010/dsa-2019 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
14 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
9 % | CWE-611 | Information Leak Through XML External Entity File Disclosure |
9 % | CWE-532 | Information Leak Through Log Files |
9 % | CWE-295 | Certificate Issues |
6 % | CWE-732 | Incorrect Permission Assignment for Critical Resource (CWE/SANS Top 25) |
6 % | CWE-307 | Improper Restriction of Excessive Authentication Attempts (CWE/SANS Top 25) |
6 % | CWE-78 | Improper Sanitization of Special Elements used in an OS Command ('OS Command Injection') (CWE/SANS Top 25) |
3 % | CWE-787 | Out-of-bounds Write (CWE/SANS Top 25) |
3 % | CWE-770 | Allocation of Resources Without Limits or Throttling |
3 % | CWE-693 | Protection Mechanism Failure |
3 % | CWE-502 | Deserialization of Untrusted Data |
3 % | CWE-427 | Uncontrolled Search Path Element |
3 % | CWE-352 | Cross-Site Request Forgery (CSRF) (CWE/SANS Top 25) |
3 % | CWE-327 | Use of a Broken or Risky Cryptographic Algorithm (CWE/SANS Top 25) |
3 % | CWE-325 | Missing Required Cryptographic Step |
3 % | CWE-312 | Cleartext Storage of Sensitive Information |
3 % | CWE-310 | Cryptographic Issues |
3 % | CWE-203 | Information Exposure Through Discrepancy |
3 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
3 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
3 % | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25) |
3 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:20119 | |||
Oval ID: | oval:org.mitre.oval:def:20119 | ||
Title: | DSA-2019-1 pango1.0 - denial of service | ||
Description: | Marc Schoenefeld discovered an improper input sanitisation in Pango, a library for layout and rendering of text, leading to array indexing error. If a local user was tricked into loading a specially-crafted font file in an application, using the Pango font rendering library, it could lead to denial of service (application crash). | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2019-1 CVE-2010-0421 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | pango1.0 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:21202 | |||
Oval ID: | oval:org.mitre.oval:def:21202 | ||
Title: | RHSA-2010:0140: pango security update (Moderate) | ||
Description: | Array index error in the hb_ot_layout_build_glyph_classes function in pango/opentype/hb-ot-layout.cc in Pango before 1.27.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted font file, related to building a synthetic Glyph Definition (aka GDEF) table by using this font's charmap and the Unicode property database. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2010:0140-01 CESA-2010:0140 CVE-2010-0421 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | pango evolution28-pango |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22827 | |||
Oval ID: | oval:org.mitre.oval:def:22827 | ||
Title: | ELSA-2010:0140: pango security update (Moderate) | ||
Description: | Array index error in the hb_ot_layout_build_glyph_classes function in pango/opentype/hb-ot-layout.cc in Pango before 1.27.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted font file, related to building a synthetic Glyph Definition (aka GDEF) table by using this font's charmap and the Unicode property database. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2010:0140-01 CVE-2010-0421 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | pango evolution28-pango |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7607 | |||
Oval ID: | oval:org.mitre.oval:def:7607 | ||
Title: | DSA-2019 pango1.0 -- missing input sanitisation | ||
Description: | Marc Schoenefeld discovered an improper input sanitisation in Pango, a library for layout and rendering of text, leading to array indexing error. If a local user was tricked into loading a specially-crafted font file in an application, using the Pango font rendering library, it could lead to denial of service . | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2019 CVE-2010-0421 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | pango1.0 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9417 | |||
Oval ID: | oval:org.mitre.oval:def:9417 | ||
Title: | Array index error in the hb_ot_layout_build_glyph_classes function in pango/opentype/hb-ot-layout.cc in Pango before 1.27.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted font file, related to building a synthetic Glyph Definition (aka GDEF) table by using this font's charmap and the Unicode property database. | ||
Description: | Array index error in the hb_ot_layout_build_glyph_classes function in pango/opentype/hb-ot-layout.cc in Pango before 1.27.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted font file, related to building a synthetic Glyph Definition (aka GDEF) table by using this font's charmap and the Unicode property database. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-0421 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for pango CESA-2010:0140 centos5 i386 File : nvt/gb_CESA-2010_0140_pango_centos5_i386.nasl |
2011-03-07 | Name : Ubuntu Update for pango1.0 vulnerabilities USN-1082-1 File : nvt/gb_ubuntu_USN_1082_1.nasl |
2010-06-25 | Name : Mandriva Update for pango MDVSA-2010:121 (pango) File : nvt/gb_mandriva_MDVSA_2010_121.nasl |
2010-03-22 | Name : CentOS Update for evolution28-pango CESA-2010:0140 centos4 i386 File : nvt/gb_CESA-2010_0140_evolution28-pango_centos4_i386.nasl |
2010-03-22 | Name : CentOS Update for pango CESA-2010:0140 centos3 i386 File : nvt/gb_CESA-2010_0140_pango_centos3_i386.nasl |
2010-03-22 | Name : RedHat Update for pango RHSA-2010:0140-01 File : nvt/gb_RHSA-2010_0140-01_pango.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
63090 | Pango pango/opentype/hb-ot-layout.cc hb_ot_layout_build_glyph_classes Functio... |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0140.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100315_pango_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2011-03-03 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1082-1.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_pango-6895.nasl - Type : ACT_GATHER_INFO |
2010-06-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-121.nasl - Type : ACT_GATHER_INFO |
2010-05-19 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12614.nasl - Type : ACT_GATHER_INFO |
2010-05-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0140.nasl - Type : ACT_GATHER_INFO |
2010-04-15 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_pango-6894.nasl - Type : ACT_GATHER_INFO |
2010-03-22 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2019.nasl - Type : ACT_GATHER_INFO |
2010-03-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0140.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2019-04-30 00:21:16 |
|
2019-04-22 21:21:41 |
|
2019-02-12 12:07:15 |
|
2014-02-17 11:29:19 |
|