what you don't know can hurt you
Showing 1 - 7 of 7 RSS Feed

CVE-2019-1010238

Status Candidate

Overview

Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize.

Related Files

Red Hat Security Advisory 2019-3234-01
Posted Oct 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3234-01 - Pango is a library for laying out and rendering of text, with an emphasis on internationalization. Pango forms the core of text and font handling for the GTK+ widget toolkit. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2019-1010238
MD5 | c913a3d6da61144cb9646b6a9ddb9177
Red Hat Security Advisory 2019-2594-01
Posted Sep 10, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2594-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.1.14. All container images have been rebuilt with updated versions of golang. Unbounded memory growth issues were addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-1010238, CVE-2019-10206, CVE-2019-10355, CVE-2019-10356, CVE-2019-10357, CVE-2019-14811, CVE-2019-14812, CVE-2019-14813, CVE-2019-14817, CVE-2019-9512, CVE-2019-9514
MD5 | c58273d98cd84ce0cb62cdb447375981
Gentoo Linux Security Advisory 201909-03
Posted Sep 6, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201909-3 - A buffer overflow in Pango might allow an attacker to execute arbitrary code. Versions less than 1.42.4-r2 are affected.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2019-1010238
MD5 | 3fc4435140e88dc165e8f2f1e76b9a7b
Red Hat Security Advisory 2019-2582-01
Posted Aug 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2582-01 - Pango is a library for laying out and rendering of text, with an emphasis on internationalization. Pango forms the core of text and font handling for the GTK+ widget toolkit. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2019-1010238
MD5 | e15fb77543f162bb1afbc16aab891bd1
Red Hat Security Advisory 2019-2571-01
Posted Aug 28, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2571-01 - Pango is a library for laying out and rendering of text, with an emphasis on internationalization. Pango forms the core of text and font handling for the GTK+ widget toolkit. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2019-1010238
MD5 | 5978264f8851b0c6c554eade84f81023
Debian Security Advisory 4496-1
Posted Aug 12, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4496-1 - Benno Fuenfstueck discovered that Pango, a library for layout and rendering of text with an emphasis on internationalization, is prone to a heap-based buffer overflow flaw in the pango_log2vis_get_embedding_levels function. An attacker can take advantage of this flaw for denial of service or potentially the execution of arbitrary code.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2019-1010238
MD5 | 2e627acdcf6a1822096135fb2a5e4739
Ubuntu Security Notice USN-4081-1
Posted Jul 31, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4081-1 - It was discovered that Pango incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-1010238
MD5 | 6bbc4b36b89866ac3f3a67a044799669
Page 1 of 1
Back1Next

File Archive:

June 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    10 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    0 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    0 Files
  • 7
    Jun 7th
    0 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    0 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close