CVE - CVE-2009-1194

CVE-ID
CVE-2009-1194	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow, as demonstrated by a long document.location value in Firefox.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:1022196 URL:http://www.securitytracker.com/id?1022196 MISC:20090507 [oCERT-2009-001] Pango integer overflow in heap allocation size calculations URL:http://www.securityfocus.com/archive/1/503349/100/0/threaded MISC:264308 URL:~~http://sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1~~ (Obsolete source) MISC:34870 URL:http://www.securityfocus.com/bid/34870 MISC:35018 URL:http://secunia.com/advisories/35018 MISC:35021 URL:http://secunia.com/advisories/35021 MISC:35027 URL:http://secunia.com/advisories/35027 MISC:35038 URL:http://secunia.com/advisories/35038 MISC:35685 URL:http://secunia.com/advisories/35685 MISC:35758 URL:http://www.securityfocus.com/bid/35758 MISC:35914 URL:http://secunia.com/advisories/35914 MISC:36005 URL:http://secunia.com/advisories/36005 MISC:36145 URL:http://secunia.com/advisories/36145 MISC:54279 URL:~~http://osvdb.org/54279~~ (Obsolete source) MISC:ADV-2009-1269 URL:~~http://www.vupen.com/english/advisories/2009/1269~~ (Obsolete source) MISC:ADV-2009-1972 URL:~~http://www.vupen.com/english/advisories/2009/1972~~ (Obsolete source) MISC:DSA-1798 URL:http://www.debian.org/security/2009/dsa-1798 MISC:RHSA-2009:0476 URL:http://www.redhat.com/support/errata/RHSA-2009-0476.html MISC:SUSE-SA:2009:039 URL:http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00005.html MISC:SUSE-SA:2009:042 URL:http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00002.html MISC:SUSE-SR:2009:012 URL:http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html MISC:USN-773-1 URL:http://www.ubuntu.com/usn/USN-773-1 MISC:[oss-security] 20090507 [oCERT-2009-001] Pango integer overflow in heap allocation size calculations URL:http://www.openwall.com/lists/oss-security/2009/05/07/1 MISC:http://github.com/bratsche/pango/commit/4de30e5500eaeb49f4bf0b7a07f718e149a2ed5e URL:http://github.com/bratsche/pango/commit/4de30e5500eaeb49f4bf0b7a07f718e149a2ed5e MISC:http://www.mozilla.org/security/announce/2009/mfsa2009-36.html URL:http://www.mozilla.org/security/announce/2009/mfsa2009-36.html MISC:http://www.ocert.org/advisories/ocert-2009-001.html URL:http://www.ocert.org/advisories/ocert-2009-001.html MISC:https://bugzilla.mozilla.org/show_bug.cgi?id=480134 URL:https://bugzilla.mozilla.org/show_bug.cgi?id=480134 MISC:https://bugzilla.redhat.com/show_bug.cgi?id=496887 URL:https://bugzilla.redhat.com/show_bug.cgi?id=496887 MISC:https://launchpad.net/bugs/cve/2009-1194 URL:https://launchpad.net/bugs/cve/2009-1194 MISC:oval:org.mitre.oval:def:10137 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10137 MISC:pango-pangoglyphstringsetsize-bo(50397) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/50397
Assigning CNA
Red Hat, Inc.
Date Record Created
20090331	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20090331)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)