CVE-2010-0421

Currently unrated

Key Information:

Vendor: Gnome
Status: Pango
Vendor: CVE Published:; 18 March 2010

Summary

Array index error in the hb_ot_layout_build_glyph_classes function in pango/opentype/hb-ot-layout.cc in Pango before 1.27.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted font file, related to building a synthetic Glyph Definition (aka GDEF) table by using this font's charmap and the Unicode property database.

References

http://www.mandriva.com/security/advisories?name=MDVSA-20...

vendor-advisoryx_refsource_MANDRIVA

http://www.vupen.com/english/advisories/2010/1552

vdb-entryx_refsource_VUPEN

https://bugzilla.redhat.com/show_bug.cgi?id=555831

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 18, 2010
Vulnerability Reserved
Jan 27, 2010