National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

CVE-2009-1194 Detail

Description

Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow, as demonstrated by a long document.location value in Firefox.

Source:  MITRE      Last Modified:  05/11/2009

Quick Info

CVE Dictionary Entry:
CVE-2009-1194
Original release date:
05/11/2009
Last revised:
09/28/2017
Source:
US-CERT/NIST

Impact

CVSS Severity (version 2.0):
CVSS v2 Base Score:
6.8 MEDIUM
Vector:
(AV:N/AC:M/Au:N/C:P/I:P/A:P) (legend)
Impact Subscore:
6.4
Exploitability Subscore:
8.6
CVSS Version 2 Metrics:
Access Vector:
Network exploitable - Victim must voluntarily interact with attack mechanism
Access Complexity:
Medium
Authentication:
Not required to exploit
Impact Type:
Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource Type Source Name
http://github.com/bratsche/pango/commit/4de30e5500eaeb49f4bf0b7a07f718e149a2ed5e External Source CONFIRM http://github.com/bratsche/pango/commit/4de30e5500eaeb49f4bf0b7a07f718e149a2ed5e
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html External Source SUSE SUSE-SR:2009:012
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00005.html External Source SUSE SUSE-SA:2009:039
http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00002.html External Source SUSE SUSE-SA:2009:042
http://sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1 External Source SUNALERT 264308
http://www.debian.org/security/2009/dsa-1798 External Source DEBIAN DSA-1798
http://www.mozilla.org/security/announce/2009/mfsa2009-36.html External Source CONFIRM http://www.mozilla.org/security/announce/2009/mfsa2009-36.html
http://www.ocert.org/advisories/ocert-2009-001.html Patch External Source MISC http://www.ocert.org/advisories/ocert-2009-001.html
http://www.openwall.com/lists/oss-security/2009/05/07/1 External Source MLIST [oss-security] 20090507 [oCERT-2009-001] Pango integer overflow in heap allocation size calculations
http://www.redhat.com/support/errata/RHSA-2009-0476.html External Source REDHAT RHSA-2009:0476
http://www.securityfocus.com/archive/1/archive/1/503349/100/0/threaded External Source BUGTRAQ 20090507 [oCERT-2009-001] Pango integer overflow in heap allocation size calculations
http://www.securityfocus.com/bid/34870 External Source BID 34870
http://www.securityfocus.com/bid/35758 External Source BID 35758
http://www.securitytracker.com/id?1022196 External Source SECTRACK 1022196
http://www.ubuntu.com/usn/USN-773-1 External Source UBUNTU USN-773-1
http://www.vupen.com/english/advisories/2009/1269 External Source VUPEN ADV-2009-1269
http://www.vupen.com/english/advisories/2009/1972 External Source VUPEN ADV-2009-1972
https://bugzilla.mozilla.org/show_bug.cgi?id=480134 External Source CONFIRM https://bugzilla.mozilla.org/show_bug.cgi?id=480134
https://bugzilla.redhat.com/show_bug.cgi?id=496887 Exploit External Source CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=496887
https://exchange.xforce.ibmcloud.com/vulnerabilities/50397 External Source XF pango-pangoglyphstringsetsize-bo(50397)
https://launchpad.net/bugs/cve/2009-1194 External Source CONFIRM https://launchpad.net/bugs/cve/2009-1194
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10137 External Source OVAL oval:org.mitre.oval:def:10137

References to Check Content

Identifier:
oval:org.mitre.oval:def:10137
Check System:
http://oval.mitre.org/XMLSchema/oval-definitions-5
Hyperlink:
http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:10137

Technical Details

Vulnerability Type (View All)

Change History 3 change records found - show changes