Executive Summary
Summary | |
---|---|
Title | pango1.0 security update |
Informations | |||
---|---|---|---|
Name | DSA-2178 | First vendor Publication | 2011-03-02 |
Vendor | Debian | Last vendor Modification | 2011-03-02 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6.8 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
It was discovered that pango did not check for memory allocation failures, causing a NULL pointer dereference with an adjustable offset. This can lead to application crashes and potentially arbitrary code execution. The oldstable distribution (lenny) is not affected by this problem. For the stable distribution (squeeze), this problem has been fixed in version 1.28.3-1+squeeze2. For the testing distribution (wheezy) and the unstable distribution (sid), this problem will be fixed soon. We recommend that you upgrade your pango1.0 packages. |
Original Source
Url : http://www.debian.org/security/2011/dsa-2178 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12975 | |||
Oval ID: | oval:org.mitre.oval:def:12975 | ||
Title: | DSA-2178-1 pango1.0 -- NULL pointer dereference | ||
Description: | It was discovered that pango did not check for memory allocation failures, causing a NULL pointer dereference with an adjustable offset. This can lead to application crashes and potentially arbitrary code execution. The oldstable distribution is not affected by this problem. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2178-1 CVE-2011-0064 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | pango1.0 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:13691 | |||
Oval ID: | oval:org.mitre.oval:def:13691 | ||
Title: | USN-1082-1 -- pango1.0 vulnerabilities | ||
Description: | Marc Schoenefeld discovered that Pango incorrectly handled certain Glyph Definition tables. If a user were tricked into displaying text with a specially-crafted font, an attacker could cause Pango to crash, resulting in a denial of service. This issue only affected Ubuntu 8.04 LTS and 9.10. Dan Rosenberg discovered that Pango incorrectly handled certain FT_Bitmap objects. If a user were tricked into displaying text with a specially- crafted font, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. The default compiler options for affected releases should reduce the vulnerability to a denial of service. It was discovered that Pango incorrectly handled certain memory reallocation failures. If a user were tricked into displaying text in a way that would cause a reallocation failure, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. This issue only affected Ubuntu 9.10, 10.04 LTS and 10.10 | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1082-1 CVE-2010-0421 CVE-2011-0020 CVE-2011-0064 | Version: | 5 |
Platform(s): | Ubuntu 8.04 Ubuntu 10.10 Ubuntu 9.10 Ubuntu 10.04 | Product(s): | pango1.0 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21584 | |||
Oval ID: | oval:org.mitre.oval:def:21584 | ||
Title: | RHSA-2011:0309: pango security update (Critical) | ||
Description: | The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and other products, does not verify that memory reallocations succeed, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via crafted OpenType font data that triggers use of an incorrect index. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2011:0309-01 CVE-2011-0064 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | pango |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23405 | |||
Oval ID: | oval:org.mitre.oval:def:23405 | ||
Title: | ELSA-2011:0309: pango security update (Critical) | ||
Description: | The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and other products, does not verify that memory reallocations succeed, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via crafted OpenType font data that triggers use of an incorrect index. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011:0309-01 CVE-2011-0064 | Version: | 6 |
Platform(s): | Oracle Linux 6 | Product(s): | pango |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27988 | |||
Oval ID: | oval:org.mitre.oval:def:27988 | ||
Title: | DEPRECATED: ELSA-2011-0309 -- pango security update (critical) | ||
Description: | [1.28.1-3.el6_0.5] - Prevent an integer overflow in hb_buffer_ensure() Related: #679693 [1.28.1-3.el6_0.4] - Check for realloc failures in hb_buffer_ensure() (CVE-2011-0064) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2011-0309 CVE-2011-0064 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | pango |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 1 |
OpenVAS Exploits
Date | Description |
---|---|
2012-07-09 | Name : RedHat Update for pango RHSA-2011:0309-01 File : nvt/gb_RHSA-2011_0309-01_pango.nasl |
2011-03-24 | Name : Fedora Update for pango FEDORA-2011-3194 File : nvt/gb_fedora_2011_3194_pango_fc14.nasl |
2011-03-09 | Name : Debian Security Advisory DSA 2178-1 (pango1.0) File : nvt/deb_2178_1.nasl |
2011-03-07 | Name : Ubuntu Update for pango1.0 vulnerabilities USN-1082-1 File : nvt/gb_ubuntu_USN_1082_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
71247 | Pango pango/opentype/hb-buffer.c hb_buffer_ensure() Memory Corruption A memory corruption flaw exists in Pango. The 'hb_buffer_ensure()' function in 'pango/opentype/hb-buffer.c' fails to properly check the return value of memory reallocation operations, resulting in memory corruption. With specially crafted OpenType font data, a context-dependent attacker can execute arbitrary code. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libpango-1_0-0-110301.nasl - Type : ACT_GATHER_INFO |
2014-05-19 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201405-13.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-0309.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110301_pango_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2011-05-05 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_libpango-1_0-0-110301.nasl - Type : ACT_GATHER_INFO |
2011-03-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_pango-110301.nasl - Type : ACT_GATHER_INFO |
2011-03-17 | Name : The remote Fedora host is missing a security update. File : fedora_2011-3194.nasl - Type : ACT_GATHER_INFO |
2011-03-04 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-040.nasl - Type : ACT_GATHER_INFO |
2011-03-03 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2178.nasl - Type : ACT_GATHER_INFO |
2011-03-03 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1082-1.nasl - Type : ACT_GATHER_INFO |
2011-03-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-0309.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:29:55 |
|