CVE-2011-0020 in GNOME and Pango Products
Published on January 24, 2011

Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file, related to the glyph box for an FT_Bitmap object.

Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2011-0020

stack.watch emails you whenever new vulnerabilities are published in GNOME Pango or Pango. Just hit a watch button to start following.

GNOME Pango

Pango

Exploit Probability

EPSS

5.69%

Percentile

90.32%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2011-0020 in GNOME and Pango ProductsPublished on January 24, 2011

Products Associated with CVE-2011-0020

Exploit Probability

CVE-2011-0020 in GNOME and Pango Products
Published on January 24, 2011