CVE-2011-0064

Related Files

Unisphere Central Redirect / Access Bypass / DoS / Updates

Posted Jan 30, 2015

Site emc.com

Unisphere Central versions prior to 4.0 suffer from a large amount of security vulnerabilities and an update has been released that includes a fix for an unvalidated redirect issue along with various embedded component vulnerabilities.

tags | advisory, vulnerability

advisories | CVE-2010-5107, CVE-2010-5298, CVE-2011-0020, CVE-2011-0064, CVE-2011-3389, CVE-2012-2137, CVE-2012-5885, CVE-2012-6085, CVE-2012-6548, CVE-2012-6549, CVE-2013-0160, CVE-2013-0216, CVE-2013-0231, CVE-2013-0268, CVE-2013-0311, CVE-2013-0349, CVE-2013-0913, CVE-2013-0914, CVE-2013-1767, CVE-2013-1772, CVE-2013-1774, CVE-2013-1792, CVE-2013-1796, CVE-2013-1797, CVE-2013-1798, CVE-2013-1848, CVE-2013-1860, CVE-2013-1899

SHA-256 | ce4edb828cb719a743e51aeccc8b869350ac720be7a173f3e3978c205c139f5f

Download | Favorite | View

Gentoo Linux Security Advisory 201405-13

Posted May 19, 2014

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201405-13 - Multiple vulnerabilities have been found in Pango, the worst of which allow execution of arbitrary code or Denial of Service. Versions less than 1.28.3-r1 are affected.

tags | advisory, denial of service, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2009-1194, CVE-2009-2468, CVE-2011-0020, CVE-2011-0064

SHA-256 | faf4b69f963cc7630668de445423879ab7dcf832430345ee6548d09a12472865

Download | Favorite | View

Debian Security Advisory 2178-1

Posted Mar 2, 2011

Authored by Debian | Site debian.org

Debian Linux Security Advisory 2178-1 - It was discovered that pango did not check for memory allocation failures, causing a NULL pointer dereference with an adjustable offset. This can lead to application crashes and potentially arbitrary code execution.

tags | advisory, arbitrary, code execution

systems | linux, debian

advisories | CVE-2011-0064

SHA-256 | 213b3dd282ebde23412fea47ec939c0d2ab2671024435416b3f75f2ef0468a6c

Download | Favorite | View

Ubuntu Security Notice USN-1082-1

Posted Mar 2, 2011

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1082-1 - Marc Schoenefeld discovered that Pango incorrectly handled certain Glyph Definition (GDEF) tables. If a user were tricked into displaying text with a specially-crafted font, an attacker could cause Pango to crash, resulting in a denial of service. This issue only affected Ubuntu 8.04 LTS and 9.10. Dan Rosenberg discovered that Pango incorrectly handled certain FT_Bitmap objects. If a user were tricked into displaying text with a specially- crafted font, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. The default compiler options for affected releases should reduce the vulnerability to a denial of service. It was discovered that Pango incorrectly handled certain memory reallocation failures. If a user were tricked into displaying text in a way that would cause a reallocation failure, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. This issue only affected Ubuntu 9.10, 10.04 LTS and 10.10.

tags | advisory, denial of service, arbitrary

systems | linux, ubuntu

advisories | CVE-2010-0421, CVE-2011-0020, CVE-2011-0064

SHA-256 | 55ec43235e341978a77e9e35929be0aa8b8a56a7665d47badc484fada019b94d

Download | Favorite | View