Gentoo Linux Security Advisory 201405-13 - Multiple vulnerabilities have been found in Pango, the worst of which allow execution of arbitrary code or Denial of Service. Versions less than 1.28.3-r1 are affected.
faf4b69f963cc7630668de445423879ab7dcf832430345ee6548d09a12472865Mandriva Linux Security Advisory 2009-158 - Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow. This update corrects the issue. Packages for 2008.0 are being provided due to extended support for Corporate products.
9de6e25dec3c77462b3e0ae0683adc8dbccca4b96ea7d7314e5f75365c601e66Mandriva Linux Security Advisory 2009-158 - Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow. This update corrects the issue. pango for CS3 broke applications like MandrivaUpdate, mcc and so on. This update corrects this problem.
376767689a770b410a1a4463080312327ed9d33c1b032b67fcb9b94eaadc2488Mandriva Linux Security Advisory 2009-158 - Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow. This update corrects the issue. pango for CS4 broke applications like MandrivaUpdate, mcc and so on. This update corrects this problem.
5bd375625642efd760e980781a7a03778322c3751d4dbc28a85f3385fd6b650eMandriva Linux Security Advisory 2009-175 - Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow. This update corrects the issue.
4e780c1e782e5ecde92c1ce83219f27bf2da9d87929572324bedf3d1cad1b37eMandriva Linux Security Advisory 2009-158 - Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow. This update corrects the issue.
926f6cbd60f94587c34f542a8aea56229882d1cf4fd0af01cb1a7e6b38591198Debian Security Advisory 1798-1 - Will Drewry discovered that pango, a system for layout and rendering of internationalized text, is prone to an integer overflow via long glyphstrings. This could cause the execution of arbitrary code when displaying crafted data through an application using the pango library.
38503a3643b40f727eff48c0569012e131142864fb0f3c0c4e0da4a44b0f50beUbuntu Security Notice USN-773-1 - Will Drewry discovered that Pango incorrectly handled rendering text with long glyphstrings. If a user were tricked into displaying specially crafted data with applications linked against Pango, such as Firefox, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.
ae3bcada3fcd7503af5748a53372806736392b0a28c7228b3c32b379c4c12986Pango suffers from an integer overflow during heap allocation size calculations.
25824ba2d7dd0a37d1a590740cc4a39088732380d9d9c415e4dc4d4617ab7682
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed