GNOME Pango 1.7.0

CPE Details

GNOME Pango 1.7.0
gnome
pango
1.7.0
2021-07-14
13h33 +00:00
2021-07-14
13h39 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:gnome:pango:1.7.0:*:*:*:*:*:*:*

Informations

Vendor

gnome

Product

pango

Version

1.7.0

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2011-3193 2012-06-15 22h00 +00:00 Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt before 4.7.4 and Pango, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.
9.3
CVE-2011-0020 2011-01-24 16h00 +00:00 Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file, related to the glyph box for an FT_Bitmap object.
7.6
CVE-2010-0421 2010-03-18 16h12 +00:00 Array index error in the hb_ot_layout_build_glyph_classes function in pango/opentype/hb-ot-layout.cc in Pango before 1.27.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted font file, related to building a synthetic Glyph Definition (aka GDEF) table by using this font's charmap and the Unicode property database.
4.3