CVE-2011-0064

Priority
Description
The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in Pango
1.28.3, Firefox, and other products, does not verify that memory
reallocations succeed, which allows remote attackers to cause a denial of
service (NULL pointer dereference and application crash) or possibly
execute arbitrary code via crafted OpenType font data that triggers use of
an incorrect index.
Notes
mdeslaurhardy's pango seems to check reallocs correctly in equivalent code
Package
Upstream:needs-triage
More Information

Updated: 2019-12-05 20:56:17 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)