CVE-2010-0421

libpangoft2 segfaults on forged font files

Severity Score

4.3

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Array index error in the hb_ot_layout_build_glyph_classes function in pango/opentype/hb-ot-layout.cc in Pango before 1.27.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted font file, related to building a synthetic Glyph Definition (aka GDEF) table by using this font's charmap and the Unicode property database.

Error de índice de un Array en la anteriores a v1.27.1 permite a atacantes , dependiendo del contexto, provocar una denegación de servicio (caída de la aplicación) a través de un fichero de fuentes modificado, relativo a la construcción de de una tabla sintética Glyph Definition (también conocida como GDEF) mediante el uso del mapa de caracteres de esta fuente y las propiedades de la abse de datos UNICODE.

*Credits: N/A

CVSS Scores

NISTv2 4.3

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2010-01-27 CVE Reserved
2010-03-18 CVE Published
2023-03-08 EPSS Updated
2024-08-07 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CAPEC

References (16)

URL	Tag	Source
http://secunia.com/advisories/39041	Third Party Advisory
http://securitytracker.com/id?1023711	Vdb Entry
http://www.securityfocus.com/bid/38760	Vdb Entry
http://www.vupen.com/english/advisories/2010/0627	Vdb Entry
http://www.vupen.com/english/advisories/2010/0661	Vdb Entry
http://www.vupen.com/english/advisories/2010/1552	Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9417	Signature

URL	Date	SRC

URL	Date	SRC
http://ftp.gnome.org/pub/GNOME/sources/pango/1.27/pango-1.27.1.tar.bz2	2021-07-14

URL	Date	SRC
http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00002.html	2021-07-14
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html	2021-07-14
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html	2021-07-14
http://www.debian.org/security/2010/dsa-2019	2021-07-14
http://www.mandriva.com/security/advisories?name=MDVSA-2010:121	2021-07-14
http://www.redhat.com/support/errata/RHSA-2010-0140.html	2021-07-14
https://bugzilla.redhat.com/show_bug.cgi?id=555831	2010-03-15
https://access.redhat.com/security/cve/CVE-2010-0421	2010-03-15

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Gnome Search vendor "Gnome"		Pango Search vendor "Gnome" for product "Pango"				<= 1.27 Search vendor "Gnome" for product "Pango" and version " <= 1.27"		-		Affected