CVE-2019-1010238 – pango: pango_log2vis_get_embedding_levels() heap-based buffer overflow
https://notcve.org/view.php?id=CVE-2019-1010238
Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: the heap-based buffer overflow can be used to get code execution. The component is: function pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: the bug can be used when an application passes invalid UTF-8 strings to functions like pango_itemize.
• https://access.redhat.com/errata/RHBA-2019:2824
• https://access.redhat.com/errata/RHSA-2019:2571
• https://access.redhat.com/errata/RHSA-2019:2582
• https://access.redhat.com/errata/RHSA-2019:2594
• https://access.redhat.com/errata/RHSA-2019:3234
• https://gitlab.gnome.org/GNOME/pango/-/commits/main/pango/pango-bidi-type.c
• https://gitlab.gnome.org/GNOME/pango/-/issues/342
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D6HWAHXJ2ZXINYMANHPFDD
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
• CWE-787: Out-of-bounds Write
CVE-2018-15120 – Libpango 1.40.8 - Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2018-15120
libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other products, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted text with invalid Unicode sequences. Libpango version 1.40.8 suffers from a denial of service vulnerability.
• https://www.exploit-db.com/exploits/45263
• http://52.117.224.77/xfce4-pdos.webm
• https://github.com/GNOME/pango/blob/1.42.4/NEWS
• https://github.com/GNOME/pango/commit/71aaeaf020340412b8d012fe23a556c0420eda5f
• https://i.redd.it/v7p4n2ptu0s11.jpg
• https://mail.gnome.org/archives/distributor-list/2018-August/msg00001.html
• https://security.gentoo.org/glsa/201811-07
• https://usn.ubuntu.com/3750-1
• https://www.ign.com/articles/2018/10/16/ps4s-are-reportedly-being-bricked-and-sony-is
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer