CVE-2011-0020

Related Files

Unisphere Central Redirect / Access Bypass / DoS / Updates

Posted Jan 30, 2015

Site emc.com

Unisphere Central versions prior to 4.0 suffer from a large amount of security vulnerabilities and an update has been released that includes a fix for an unvalidated redirect issue along with various embedded component vulnerabilities.

tags | advisory, vulnerability

advisories | CVE-2010-5107, CVE-2010-5298, CVE-2011-0020, CVE-2011-0064, CVE-2011-3389, CVE-2012-2137, CVE-2012-5885, CVE-2012-6085, CVE-2012-6548, CVE-2012-6549, CVE-2013-0160, CVE-2013-0216, CVE-2013-0231, CVE-2013-0268, CVE-2013-0311, CVE-2013-0349, CVE-2013-0913, CVE-2013-0914, CVE-2013-1767, CVE-2013-1772, CVE-2013-1774, CVE-2013-1792, CVE-2013-1796, CVE-2013-1797, CVE-2013-1798, CVE-2013-1848, CVE-2013-1860, CVE-2013-1899

SHA-256 | ce4edb828cb719a743e51aeccc8b869350ac720be7a173f3e3978c205c139f5f

Download | Favorite | View

Gentoo Linux Security Advisory 201405-13

Posted May 19, 2014

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201405-13 - Multiple vulnerabilities have been found in Pango, the worst of which allow execution of arbitrary code or Denial of Service. Versions less than 1.28.3-r1 are affected.

tags | advisory, denial of service, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2009-1194, CVE-2009-2468, CVE-2011-0020, CVE-2011-0064

SHA-256 | faf4b69f963cc7630668de445423879ab7dcf832430345ee6548d09a12472865

Download | Favorite | View

Ubuntu Security Notice USN-1082-1

Posted Mar 2, 2011

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1082-1 - Marc Schoenefeld discovered that Pango incorrectly handled certain Glyph Definition (GDEF) tables. If a user were tricked into displaying text with a specially-crafted font, an attacker could cause Pango to crash, resulting in a denial of service. This issue only affected Ubuntu 8.04 LTS and 9.10. Dan Rosenberg discovered that Pango incorrectly handled certain FT_Bitmap objects. If a user were tricked into displaying text with a specially- crafted font, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. The default compiler options for affected releases should reduce the vulnerability to a denial of service. It was discovered that Pango incorrectly handled certain memory reallocation failures. If a user were tricked into displaying text in a way that would cause a reallocation failure, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. This issue only affected Ubuntu 9.10, 10.04 LTS and 10.10.

tags | advisory, denial of service, arbitrary

systems | linux, ubuntu

advisories | CVE-2010-0421, CVE-2011-0020, CVE-2011-0064

SHA-256 | 55ec43235e341978a77e9e35929be0aa8b8a56a7665d47badc484fada019b94d

Download | Favorite | View

Mandriva Linux Security Advisory 2011-020

Posted Feb 4, 2011

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-020 - Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted font file, related to the glyph box for an FT_Bitmap object.

tags | advisory, remote, denial of service, overflow, arbitrary

systems | linux, mandriva

advisories | CVE-2011-0020

SHA-256 | 547327952f428a6f8dc055831561535a3f2070163a0f177dc4fec33a8c279c56

Download | Favorite | View