CVE-2011-3193 (retired)

Priority
Description
Heap-based buffer overflow in the Lookup_MarkMarkPos function in the
HarfBuzz module (harfbuzz-gpos.c), as used by Qt before 4.7.4 and Pango,
allows remote attackers to cause a denial of service (crash) and possibly
execute arbitrary code via a crafted font file.
Notes
 jdstrand> Ubuntu 11.10 and higher are not affected
Assigned-to
jdstrand
Package
Upstream:released (4.7.4)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected
Patches:
Other:http://qt.gitorious.org/qt/qt/commit/9ae6f2f9a57f0c3096d5785913e437953fa6775c
More Information

Updated: 2019-03-26 11:58:12 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)