exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

CVE-2019-1010238

Status Candidate

Overview

Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize.

Related Files

Red Hat Security Advisory 2019-3234-01
Posted Oct 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3234-01 - Pango is a library for laying out and rendering of text, with an emphasis on internationalization. Pango forms the core of text and font handling for the GTK+ widget toolkit. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2019-1010238
SHA-256 | ac7a20f11a20a1798eee870151f6baf04fd5bbfdfb5e9e678f2d475ee11dc027
Red Hat Security Advisory 2019-2594-01
Posted Sep 10, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2594-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.1.14. All container images have been rebuilt with updated versions of golang. Unbounded memory growth issues were addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-1010238, CVE-2019-10206, CVE-2019-10355, CVE-2019-10356, CVE-2019-10357, CVE-2019-14811, CVE-2019-14812, CVE-2019-14813, CVE-2019-14817, CVE-2019-9512, CVE-2019-9514
SHA-256 | 0f78c866f2cccf1d34878651460f331f9a542ce9235dad746ddef66269c099db
Gentoo Linux Security Advisory 201909-03
Posted Sep 6, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201909-3 - A buffer overflow in Pango might allow an attacker to execute arbitrary code. Versions less than 1.42.4-r2 are affected.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2019-1010238
SHA-256 | 7c1940fc30503650593e22655f582b0c7543b6481f2817d42681f9abe568f699
Red Hat Security Advisory 2019-2582-01
Posted Aug 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2582-01 - Pango is a library for laying out and rendering of text, with an emphasis on internationalization. Pango forms the core of text and font handling for the GTK+ widget toolkit. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2019-1010238
SHA-256 | 33c998429349460bae19a84051c87330740bd0e090eb14a23238b5ffc6016149
Red Hat Security Advisory 2019-2571-01
Posted Aug 28, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2571-01 - Pango is a library for laying out and rendering of text, with an emphasis on internationalization. Pango forms the core of text and font handling for the GTK+ widget toolkit. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2019-1010238
SHA-256 | 0faa131337ca5e32a57d48ec0ac89a3416c733ab208d593f8a65826cae68d0b0
Debian Security Advisory 4496-1
Posted Aug 12, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4496-1 - Benno Fuenfstueck discovered that Pango, a library for layout and rendering of text with an emphasis on internationalization, is prone to a heap-based buffer overflow flaw in the pango_log2vis_get_embedding_levels function. An attacker can take advantage of this flaw for denial of service or potentially the execution of arbitrary code.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2019-1010238
SHA-256 | 08873062b1ae654980aee26f9f341f243ba2372412e9e64efa7a44e4eea86c3e
Ubuntu Security Notice USN-4081-1
Posted Jul 31, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4081-1 - It was discovered that Pango incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-1010238
SHA-256 | 6662946c18846080bdcfe5c514dc4625a2ec3b2e1b340561f7c4394f3ba068a1
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close