Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.70296
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2011:1326
Summary:NOSUMMARY
Description:Description:
The remote host is missing updates announced in
advisory RHSA-2011:1326.

Pango is a library used for the layout and rendering of internationalized
text.

A buffer overflow flaw was found in HarfBuzz, an OpenType text shaping
engine used in Pango. If a user loaded a specially-crafted font file with
an application that uses Pango, it could cause the application to crash or,
possibly, execute arbitrary code with the privileges of the user running
the application. (CVE-2011-3193)

Users of pango are advised to upgrade to these updated packages, which
contain a backported patch to resolve this issue. After installing this
update, you must restart your system or restart the X server for the update
to take effect.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2011-1326.html

Risk factor : Medium

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2011-3193
BugTraq ID: 49723
http://www.securityfocus.com/bid/49723
http://cgit.freedesktop.org/harfbuzz/commit/src/harfbuzz-gpos.c?id=da2c52abcd75d46929b34cad55c4fb2c8892bc08
http://git.gnome.org/browse/pango/commit/pango/opentype/harfbuzz-gpos.c?id=a7a715480db66148b1f487528887508a7991dcd0
http://www.openwall.com/lists/oss-security/2011/08/22/6
http://www.openwall.com/lists/oss-security/2011/08/24/8
http://www.openwall.com/lists/oss-security/2011/08/25/1
http://www.osvdb.org/75652
RedHat Security Advisories: RHSA-2011:1323
http://rhn.redhat.com/errata/RHSA-2011-1323.html
RedHat Security Advisories: RHSA-2011:1324
http://rhn.redhat.com/errata/RHSA-2011-1324.html
RedHat Security Advisories: RHSA-2011:1325
http://rhn.redhat.com/errata/RHSA-2011-1325.html
RedHat Security Advisories: RHSA-2011:1326
http://rhn.redhat.com/errata/RHSA-2011-1326.html
RedHat Security Advisories: RHSA-2011:1327
http://rhn.redhat.com/errata/RHSA-2011-1327.html
RedHat Security Advisories: RHSA-2011:1328
http://rhn.redhat.com/errata/RHSA-2011-1328.html
http://secunia.com/advisories/41537
http://secunia.com/advisories/46117
http://secunia.com/advisories/46118
http://secunia.com/advisories/46119
http://secunia.com/advisories/46128
http://secunia.com/advisories/46371
http://secunia.com/advisories/46410
http://secunia.com/advisories/49895
SuSE Security Announcement: SUSE-SU-2011:1113 (Google Search)
https://hermes.opensuse.org/messages/12056605
SuSE Security Announcement: openSUSE-SU-2011:1119 (Google Search)
http://lists.opensuse.org/opensuse-updates/2011-10/msg00007.html
SuSE Security Announcement: openSUSE-SU-2011:1120 (Google Search)
http://lists.opensuse.org/opensuse-updates/2011-10/msg00008.html
http://www.ubuntu.com/usn/USN-1504-1
XForce ISS Database: pango-harfbuzz-bo(69991)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69991
CopyrightCopyright (c) 2011 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.