Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow, as demonstrated by a long document.location value in Firefox.
References
Configurations
Configuration 1 (hide)
|
History
13 Feb 2023, 01:17
Type | Values Removed | Values Added |
---|---|---|
Summary | Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow, as demonstrated by a long document.location value in Firefox. | |
References |
|
02 Feb 2023, 15:15
Type | Values Removed | Values Added |
---|---|---|
Summary | CVE-2009-1194 pango: pango_glyph_string_set_size integer overflow | |
References |
|
Information
Published : 2009-05-11 15:30
Updated : 2023-12-10 10:51
NVD link : CVE-2009-1194
Mitre link : CVE-2009-1194
CVE.ORG link : CVE-2009-1194
JSON object : View
Products Affected
pango
- pango
CWE
CWE-189
Numeric Errors