CVE-2011-0064 (retired)

Priority
Description
The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in Pango
1.28.3, Firefox, and other products, does not verify that memory
reallocations succeed, which allows remote attackers to cause a denial of
service (NULL pointer dereference and application crash) or possibly
execute arbitrary code via crafted OpenType font data that triggers use of
an incorrect index.
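
The failure mode described above, shown as an added example that is not HarfBuzz or Pango code: an unchecked reallocation next to a checked form that leaves the buffer intact on failure. The `glyph_buf` type, the function names and the `buf_realloc` hook (used to simulate an allocation failure) are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>
/* Hypothetical glyph buffer; not HarfBuzz's real structure. */
typedef struct { uint32_t *items; size_t len, allocated; } glyph_buf;

/* Allocator hook so a failed reallocation can be simulated. */
void *(*buf_realloc)(void *, size_t) = realloc;
void *failing_realloc(void *p, size_t n) { (void)p; (void)n; return NULL; }

/* Unchecked pattern: `allocated` is raised even when realloc returned NULL,
 * so later writes index through a NULL base pointer (old block is leaked). */
void ensure_unchecked(glyph_buf *b, size_t want) {
    if (want <= b->allocated) return;
    b->items = buf_realloc(b->items, want * sizeof *b->items);
    b->allocated = want;
}

/* Checked form: reject size overflow, keep the old block on failure, and
 * report the outcome so callers never index past what was allocated. */
bool ensure_checked(glyph_buf *b, size_t want) {
    if (want <= b->allocated) return true;
    size_t cap = b->allocated ? b->allocated : 8;
    while (cap < want) {
        if (cap > SIZE_MAX / 2) { cap = want; break; }
        cap *= 2;
    }
    if (cap > SIZE_MAX / sizeof *b->items) return false;
    uint32_t *p = buf_realloc(b->items, cap * sizeof *b->items);
    if (p == NULL) return false;   /* b->items and b->allocated unchanged */
    b->items = p;
    b->allocated = cap;
    return true;
}

/* Caller checks the result before using len as an index. */
bool buf_append(glyph_buf *b, uint32_t glyph) {
    if (b->len == SIZE_MAX || !ensure_checked(b, b->len + 1)) return false;
    b->items[b->len++] = glyph;
    return true;
}
int main(void) {
    glyph_buf b = {0};
    bool ok = buf_append(&b, 42);      /* constructed sample value */
    buf_realloc = failing_realloc;     /* simulate out-of-memory */
    ok = ok && !ensure_checked(&b, 1024) && b.allocated == 8;
    free(b.items);
    return ok ? 0 : 1;
}
```
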
Notes
 mdeslaur> hardy's pango seems to check reallocs correctly in equivalent code
Package
Upstream: needs-triage
More Information

Updated: 2019-03-26 11:54:44 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)