Download
| Alert*
oval:org.secpod.oval:def:300710
Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow. This update corrects the is ... oval:org.secpod.oval:def:500681 Pango is a library used for the layout and rendering of internationalized text. Will Drewry discovered an integer overflow flaw in Pango"s pango_glyph_string_set_size function. If an attacker is able to pass an arbitrarily long string to Pango, it may be possible to execute arbitrary code with the p ... oval:org.mitre.oval:def:7248 Will Drewry discovered that pango, a system for layout and rendering of internationalized text, is prone to an integer overflow via long glyphstrings. This could cause the execution of arbitrary code when displaying crafted data through an application using the pango library. oval:org.secpod.oval:def:200383 Pango is a library used for the layout and rendering of internationalized text. Will Drewry discovered an integer overflow flaw in Pango"s pango_glyph_string_set_size function. If an attacker is able to pass an arbitrarily long string to Pango, it may be possible to execute arbitrary code with the p ... oval:org.secpod.oval:def:201961 Pango is a library used for the layout and rendering of internationalized text. Will Drewry discovered an integer overflow flaw in Pango"s pango_glyph_string_set_size function. If an attacker is able to pass an arbitrarily long string to Pango, it may be possible to execute arbitrary code with the p ... oval:org.secpod.oval:def:200389 Pango is a library used for the layout and rendering of internationalized text. Will Drewry discovered an integer overflow flaw in Pango"s pango_glyph_string_set_size function. If an attacker is able to pass an arbitrarily long string to Pango, it may be possible to execute arbitrary code with the p ... oval:org.secpod.oval:def:200466 Pango is a library used for the layout and rendering of internationalized text. Will Drewry discovered an integer overflow flaw in Pango"s pango_glyph_string_set_size function. If an attacker is able to pass an arbitrarily long string to Pango, it may be possible to execute arbitrary code with the p ... oval:org.secpod.oval:def:202775 Pango is a library used for the layout and rendering of internationalized text. Will Drewry discovered an integer overflow flaw in Pango"s pango_glyph_string_set_size function. If an attacker is able to pass an arbitrarily long string to Pango, it may be possible to execute arbitrary code with the p ... oval:org.secpod.oval:def:202127 Pango is a library used for the layout and rendering of internationalized text. Will Drewry discovered an integer overflow flaw in Pango"s pango_glyph_string_set_size function. If an attacker is able to pass an arbitrarily long string to Pango, it may be possible to execute arbitrary code with the p ... oval:org.secpod.oval:def:202697 Pango is a library used for the layout and rendering of internationalized text. Will Drewry discovered an integer overflow flaw in Pango"s pango_glyph_string_set_size function. If an attacker is able to pass an arbitrarily long string to Pango, it may be possible to execute arbitrary code with the p ... oval:org.secpod.oval:def:200436 Pango is a library used for the layout and rendering of internationalized text. Will Drewry discovered an integer overflow flaw in Pango"s pango_glyph_string_set_size function. If an attacker is able to pass an arbitrarily long string to Pango, it may be possible to execute arbitrary code with the p ... oval:org.secpod.oval:def:600440 Will Drewry discovered that pango, a system for layout and rendering of internationalized text, is prone to an integer overflow via long glyphstrings. This could cause the execution of arbitrary code when displaying crafted data through an application using the pango library. For the stable distribu ... oval:org.secpod.oval:def:700316 Will Drewry discovered that Pango incorrectly handled rendering text with long glyphstrings. If a user were tricked into displaying specially crafted data with applications linked against Pango, such as Firefox, an attacker could cause a denial of service or execute arbitrary code with privileges of ... oval:org.secpod.oval:def:200603 Pango is a library used for the layout and rendering of internationalized text. Will Drewry discovered an integer overflow flaw in Pango"s pango_glyph_string_set_size function. If an attacker is able to pass an arbitrarily long string to Pango, it may be possible to execute arbitrary code with the p ... oval:org.secpod.oval:def:200307 Pango is a library used for the layout and rendering of internationalized text. Will Drewry discovered an integer overflow flaw in Pango"s pango_glyph_string_set_size function. If an attacker is able to pass an arbitrarily long string to Pango, it may be possible to execute arbitrary code with the p ... oval:org.secpod.oval:def:400096 The MozillaFirefox 3.0.12 release fixes various bugs and some critical security issues. CVE-2009-2464 / CVE-2009-2466: Mozilla developers and community members identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes sh ... |