Vulnerability CVE-2010-0421: Information

Description

Array index error in the hb_ot_layout_build_glyph_classes function in pango/opentype/hb-ot-layout.cc in Pango before 1.27.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted font file, related to building a synthetic Glyph Definition (aka GDEF) table by using this font's charmap and the Unicode property database.

Severity: MEDIUM (4.3)

URL: https://nvd.nist.gov/vuln/detail/CVE-2010-0421
Published: March 18, 2010
Modified: July 14, 2021
Error type identifier: CWE-119

References to Advisories, Solutions, and Tools

Hyperlink
Resource
38760
    https://bugzilla.redhat.com/show_bug.cgi?id=555831
      1023711
        http://ftp.gnome.org/pub/GNOME/sources/pango/1.27/pango-1.27.1.tar.bz2
        • Patch
        RHSA-2010:0140
          ADV-2010-0627
            39041
              ADV-2010-0661
                DSA-2019
                  SUSE-SR:2010:009
                    SUSE-SR:2010:012
                      SUSE-SR:2010:013
                        MDVSA-2010:121
                          ADV-2010-1552
                            oval:org.mitre.oval:def:9417

                                1. Configuration 1

                                  cpe:2.3:a:gnome:pango:*:*:*:*:*:*:*:*
                                  End including
                                  1.27
                              VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
                              Version: v24.5.3
                              Back to top