CVE-2010-0421

EPSS 1.7%

pango1.0 - denial of service

發布日:2010/3/18修改日:2026/4/28

也稱為:DEBIAN-CVE-2010-0421

描述

Array index error in the hb_ot_layout_build_glyph_classes function in pango/opentype/hb-ot-layout.cc in Pango before 1.27.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted font file, related to building a synthetic Glyph Definition (aka GDEF) table by using this font's charmap and the Unicode property database.

受影響套件(2)

Debian/pango1.0from 0, < 1.26.2-1
Debian/pango1.0from 0, < 1.20.5-5+lenny1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-0421