CVSS: 9.8EPSS: 2%CPEs: 28EXPL: 1CVE-2019-1010238 – pango: pango_log2vis_get_embedding_levels() heap-based buffer overflow
https://notcve.org/view.php?id=CVE-2019-1010238
19 Jul 2019 — Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize. Pango versión 1.42 y posterior de Gnome, está afectada por: Desbordamiento de Búfer. • https://access.redhat.com/errata/RHBA-2019:2824 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 6%CPEs: 2EXPL: 4CVE-2018-15120 – Libpango 1.40.8 - Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2018-15120
22 Aug 2018 — libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other products, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted text with invalid Unicode sequences. libpango en Pango, desde la versión 1.40.8 hasta la 1.42.3, tal y como se emplea en hexcat y otros productos, permite que atacantes remotos provoquen una denegación de servicio (cierre inesperado de la aplicación) o, posiblemente, cualquier otro tipo de problema media... • https://packetstorm.news/files/id/149093 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 4%CPEs: 16EXPL: 0CVE-2011-3193 – qt/harfbuzz buffer overflow
https://notcve.org/view.php?id=CVE-2011-3193
16 Jun 2012 — Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt before 4.7.4 and Pango, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file. Desbordamiento de buffer de memoria dinámica en la función Lookup_MarkMarkPos del módulo HarfBuzz (harfbuzz-gpos.c), tal como se usa en Qt anteriores a 4.7.4 y Pango. Permite a atacantes remotos provocar una denegación de servicio (caída) y posible... • http://cgit.freedesktop.org/harfbuzz.old/commit/?id=81c8ef785b079980ad5b46be4fe7c7bf156dbf65 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 2%CPEs: 2EXPL: 0CVE-2011-0064 – pango: missing memory reallocation failure checking in hb_buffer_ensure
https://notcve.org/view.php?id=CVE-2011-0064
07 Mar 2011 — The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and other products, does not verify that memory reallocations succeed, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via crafted OpenType font data that triggers use of an incorrect index. La función hb_buffer_ensure en hb-buffer.c de HarfBuzz, como el usuado en Pango v1.28.3,Firefox otros productos, no verifica que las r... • http://cgit.freedesktop.org/harfbuzz/commit/?id=a6a79df5fe2ed2cd307e7a991346faee164e70d9 •
CVSS: 9.8EPSS: 11%CPEs: 39EXPL: 5CVE-2011-0020 – Pango Font Parsing - 'pangoft2-render.c' Heap Corruption
https://notcve.org/view.php?id=CVE-2011-0020
24 Jan 2011 — Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file, related to the glyph box for an FT_Bitmap object. Desbordamiento de búfer basado en memoria dinámica en la función pango_ft2_font_render_box_glyph en pango/pangoft2-render.c de libpan... • https://www.exploit-db.com/exploits/35232 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 5.5EPSS: 1%CPEs: 1EXPL: 0CVE-2010-0421 – libpangoft2 segfaults on forged font files
https://notcve.org/view.php?id=CVE-2010-0421
18 Mar 2010 — Array index error in the hb_ot_layout_build_glyph_classes function in pango/opentype/hb-ot-layout.cc in Pango before 1.27.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted font file, related to building a synthetic Glyph Definition (aka GDEF) table by using this font's charmap and the Unicode property database. Error de índice de un Array en la anteriores a v1.27.1 permite a atacantes , dependiendo del contexto, provocar una denegación de servicio (caída de ... • http://ftp.gnome.org/pub/GNOME/sources/pango/1.27/pango-1.27.1.tar.bz2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •