Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2009-1194

Disclosure Date: May 11, 2009
CVE-2009-1194
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow, as demonstrated by a long document.location value in Firefox.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • pango

Products

  • pango,
  • pango 1.10,
  • pango 1.12,
  • pango 1.14,
  • pango 1.16,
  • pango 1.18,
  • pango 1.2,
  • pango 1.20,
  • pango 1.4,
  • pango 1.6,
  • pango 1.8

References

Canonical
CVE-2009-1194 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1194)
BID-34870 (http://www.securityfocus.com/bid/34870)
BID-35758 (http://www.securityfocus.com/bid/35758)
Advisory
SECUNIA-35038 (http://secunia.com/advisories/35038)
DSA-1798 (http://www.debian.org/security/2009/dsa-1798)
http://github.com/bratsche/pango/commit/4de30e5500eaeb49f4bf0b7a07f718e149a2ed5e
http://www.redhat.com/support/errata/RHSA-2009-0476.html
SECUNIA-36145 (http://secunia.com/advisories/36145)
https://bugzilla.mozilla.org/show_bug.cgi?id=480134
SECUNIA-35018 (http://secunia.com/advisories/35018)
SECUNIA-35021 (http://secunia.com/advisories/35021)
SECTRACK-1022196 (http://www.securitytracker.com/id?1022196)
OSVDB-54279 (http://osvdb.org/54279)
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00005.html
[oss-security] 20090507 [oCERT-2009-001] Pango integer overflow in heap allocation size calculations (http://www.openwall.com/lists/oss-security/2009/05/07/1)
ADV-2009-1269 (http://www.vupen.com/english/advisories/2009/1269)
https://bugzilla.redhat.com/show_bug.cgi?id=496887
SECUNIA-36005 (http://secunia.com/advisories/36005)
https://launchpad.net/bugs/cve/2009-1194
SECUNIA-35685 (http://secunia.com/advisories/35685)
http://www.mozilla.org/security/announce/2009/mfsa2009-36.html
USN-773-1 (http://www.ubuntu.com/usn/USN-773-1)
http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10137
SECUNIA-35914 (http://secunia.com/advisories/35914)
ADV-2009-1972 (http://www.vupen.com/english/advisories/2009/1972)
SECUNIA-35027 (http://secunia.com/advisories/35027)
20090507 [oCERT-2009-001] Pango integer overflow in heap allocation size calculations (http://www.securityfocus.com/archive/1/503349/100/0/threaded)
XF-pango-pangoglyphstringsetsize-bo(50397) (https://exchange.xforce.ibmcloud.com/vulnerabilities/50397)
SUNALERT-264308 (http://sunsolve.sun.com/search/document.do?assetkey=1-66-264308-1)
Miscellaneous
http://www.ocert.org/advisories/ocert-2009-001.html
https://access.redhat.com/errata/RHSA-2009:0476
https://access.redhat.com/security/cve/CVE-2009-1194

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis