Description
The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and other products, does not verify that memory reallocations succeed, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via crafted OpenType font data that triggers use of an incorrect index.
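The following C model is an added illustration of the bug class the description names and is not HarfBuzz's or Pango's own code: a constructed buffer-growth routine that stores realloc's result unchecked, beside the hardened form that checks it and reports failure. The `glyph_buffer_t` type, the `buffer_realloc` hook used to simulate allocation failure, and all function names are assumptions for the demonstration.

```c
#include <stdbool.h>
#include <stdlib.h>

/* Constructed model of a growable glyph buffer with the growth pattern the
 * advisory describes; this is not HarfBuzz's own code. */
typedef struct { unsigned int *info; unsigned int len, allocated; } glyph_buffer_t;

/* Allocator hook (assumption) so the failure path can be exercised. */
static void *(*buffer_realloc)(void *, size_t) = realloc;
static void *failing_realloc(void *p, size_t n) { (void)p; (void)n; return NULL; }

static unsigned int grow_target(unsigned int allocated, unsigned int size)
{
    unsigned int n = allocated ? allocated * 2 : 8;
    while (n < size) n *= 2;
    return n;
}

/* Vulnerable pattern: realloc's result overwrites the pointer unchecked and
 * capacity is raised anyway, so a failure leaves info == NULL but indexable. */
static void ensure_unchecked(glyph_buffer_t *b, unsigned int size)
{
    if (size <= b->allocated) return;
    unsigned int n = grow_target(b->allocated, size);
    b->info = buffer_realloc(b->info, n * sizeof(*b->info)); b->allocated = n;
}

/* Hardened pattern: keep the old pointer and bookkeeping until the new block
 * is valid, and report failure so the caller can stop instead of indexing. */
static bool ensure_checked(glyph_buffer_t *b, unsigned int size)
{
    if (size <= b->allocated) return true;
    unsigned int n = grow_target(b->allocated, size);
    unsigned int *p = buffer_realloc(b->info, n * sizeof(*b->info));
    if (!p) return false;
    b->info = p; b->allocated = n;
    return true;
}

/* Both variants under a failing allocator: 1 if the unchecked one ends with
 * info == NULL yet allocated > 0 and the checked one refused, untouched. */
static int failure_path_differs(void)
{
    glyph_buffer_t u = {0}, c = {0};
    buffer_realloc = failing_realloc;
    ensure_unchecked(&u, 1);
    bool ok = ensure_checked(&c, 1);
    buffer_realloc = realloc;
    return u.info == NULL && u.allocated > 0 && !ok && c.info == NULL && c.allocated == 0;
}
```

The unchecked variant leaves a NULL `info` pointer with non-zero claimed capacity, which is exactly the state in which a later indexed write dereferences NULL; the checked variant returns false and leaves the buffer as it was.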
References (23)
Vendor Advisory (vendor-advisory, x_refsource_ubuntu): http://www.ubuntu.com/usn/USN-1082-1
Vendor Advisory (third-party-advisory, x_refsource_secunia): http://secunia.com/advisories/43578
Patch (x_refsource_confirm): http://cgit.freedesktop.org/harfbuzz/commit/?id=a6a79df5fe2ed2cd307e7a991346faee164e70d9
Issue Tracking (x_refsource_confirm): https://bugzilla.novell.com/show_bug.cgi?id=672502
Vendor Advisory (vendor-advisory, x_refsource_mandriva): http://www.mandriva.com/security/advisories?name=MDVSA-2011:040
Vendor Advisory (vdb-entry, x_refsource_vupen): http://www.vupen.com/english/advisories/2011/0543
Vendor Advisory (vdb-entry, x_refsource_vupen): http://www.vupen.com/english/advisories/2011/0555
Mailing List (vendor-advisory, x_refsource_suse): http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
Patch (x_refsource_confirm): https://bugzilla.redhat.com/show_bug.cgi?id=678563
Vendor Advisory (vdb-entry, x_refsource_vupen): http://www.vupen.com/english/advisories/2011/0558
Third Party Advisory (third-party-advisory, x_refsource_secunia): http://secunia.com/advisories/43800
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_xf): https://exchange.xforce.ibmcloud.com/vulnerabilities/65770
Patch (x_refsource_confirm): https://build.opensuse.org/request/show/63070
Third Party Advisory (vdb-entry, x_refsource_vupen): http://www.vupen.com/english/advisories/2011/0683
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_sectrack): http://securitytracker.com/id?1025145
Issue Tracking (x_refsource_confirm): https://bugzilla.mozilla.org/show_bug.cgi?id=606997
Mailing List, Third Party Advisory (vendor-advisory, x_refsource_fedora): http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056065.html
Vendor Advisory (third-party-advisory, x_refsource_secunia): http://secunia.com/advisories/43559
Vendor Advisory (third-party-advisory, x_refsource_secunia): http://secunia.com/advisories/43572
Third Party Advisory (vdb-entry, x_refsource_vupen): http://www.vupen.com/english/advisories/2011/0584
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_bid): http://www.securityfocus.com/bid/46632
Vendor Advisory (vendor-advisory, x_refsource_redhat): http://www.redhat.com/support/errata/RHSA-2011-0309.html
Third Party Advisory (vendor-advisory, x_refsource_debian): http://www.debian.org/security/2011/dsa-2178
Scores
EPSS: 0.0309
EPSS Percentile: 87.0%
Details
Status: published
Products (2): gnome/pango 1.28.3; mozilla/firefox
Published: Mar 07, 2011
Tracked Since: Feb 18, 2026