Unknown
CVE-2011-0020
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
Unknown
(0 users assessed)
Unknown
(0 users assessed)Unknown
Unknown
Unknown
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file, related to the glyph box for an FT_Bitmap object.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Products
- pango,
- pango 0.20,
- pango 0.21,
- pango 0.22,
- pango 0.23,
- pango 0.24,
- pango 0.25,
- pango 0.26,
- pango 1.0,
- pango 1.1,
- pango 1.10,
- pango 1.11,
- pango 1.12,
- pango 1.13,
- pango 1.14,
- pango 1.15,
- pango 1.16,
- pango 1.17,
- pango 1.18,
- pango 1.19,
- pango 1.2,
- pango 1.20,
- pango 1.21,
- pango 1.22,
- pango 1.23,
- pango 1.24,
- pango 1.25,
- pango 1.26,
- pango 1.27,
- pango 1.28.0,
- pango 1.28.1,
- pango 1.28.2,
- pango 1.3,
- pango 1.4,
- pango 1.5,
- pango 1.6,
- pango 1.7,
- pango 1.8,
- pango 1.9
References
Advisory
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Zero-day Exploit
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
