CVE-2011-0064
pango: missing memory reallocation failure checking in hb_buffer_ensure
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and other products, does not verify that memory reallocations succeed, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via crafted OpenType font data that triggers use of an incorrect index.
La función hb_buffer_ensure en hb-buffer.c de HarfBuzz, como el usuado en Pango v1.28.3,Firefox otros productos, no verifica que las reasignaciones de memoria sean exitosas, lo que permite a atacantes remotos provocar una denegación de servicio (desreferenciar el puntero a NULL y bloqueo de la aplicación) o posiblemente ejecutar código arbitrario a través de datos manipulados con fuente OpenType que provoca el uso de un índice incorrecto.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2010-12-21 CVE Reserved
- 2011-03-02 CVE Published
- 2023-12-15 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (24)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/43800 | Third Party Advisory | |
| http://securitytracker.com/id?1025145 | Vdb Entry | |
| http://www.securityfocus.com/bid/46632 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2011/0584 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2011/0683 | Vdb Entry | |
| https://bugzilla.mozilla.org/show_bug.cgi?id=606997 | X_refsource_confirm | |
| https://bugzilla.novell.com/show_bug.cgi?id=672502 | X_refsource_confirm | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/65770 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://cgit.freedesktop.org/harfbuzz/commit/?id=a6a79df5fe2ed2cd307e7a991346faee164e70d9 | 2021-07-14 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=678563 | 2011-03-01 | |
| https://build.opensuse.org/request/show/63070 | 2021-07-14 |
| URL | Date | SRC |
|---|---|---|
| http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056065.html | 2021-07-14 | |
| http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html | 2021-07-14 | |
| http://secunia.com/advisories/43559 | 2021-07-14 | |
| http://secunia.com/advisories/43572 | 2021-07-14 | |
| http://secunia.com/advisories/43578 | 2021-07-14 | |
| http://www.debian.org/security/2011/dsa-2178 | 2021-07-14 | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2011:040 | 2021-07-14 | |
| http://www.redhat.com/support/errata/RHSA-2011-0309.html | 2021-07-14 | |
| http://www.ubuntu.com/usn/USN-1082-1 | 2021-07-14 | |
| http://www.vupen.com/english/advisories/2011/0543 | 2021-07-14 | |
| http://www.vupen.com/english/advisories/2011/0555 | 2021-07-14 | |
| http://www.vupen.com/english/advisories/2011/0558 | 2021-07-14 | |
| https://access.redhat.com/security/cve/CVE-2011-0064 | 2011-03-01 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Gnome Search vendor "Gnome" | Pango Search vendor "Gnome" for product "Pango" | 1.28.3 Search vendor "Gnome" for product "Pango" and version "1.28.3" | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | * | - |
Affected
| ||||||