RSS   Podatności dla 'Fribidi'   RSS

2019-11-13
 
CVE-2019-18397

CWE-120
 

 
A buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause a denial of service or possibly execute arbitrary code by delivering crafted text content to a user, when this content is then rendered by an application that uses FriBidi for text layout calculations. Examples include any GNOME or GTK+ based application that uses Pango for text layout, as this internally uses FriBidi for bidirectional text layout. For example, the attacker can construct a crafted text file to be opened in GEdit, or a crafted IRC message to be viewed in HexChat.

 

 >>> Vendor: GNU 108 Produkty
INET
LIBC
Fingerd
Radius
WGET
BASH
Finger service
Gnumeric
GCC
MAKE
Emacs
Glibc
CVS
Mailman
Userv
Groff
Cfengine
Global
Privacy guard
ED
G++
Findutils
GZIP
TAR
Xemacs
Enscript
ZLIB
Sharutils
Chess
Fileutils
Flash player
GV
Screen
Data display debugger
Zebra
LSH
Libtool
Anubis
Libtasn1
FLIM
Aspell
Queue
Ksymoops
Gnats
Gettext
Mailutils
A2PS
Realtime linux security module
LESS
Gnubiff
Gnutls
Punbb
GIMP
Coreutils
CPIO
GDB
Phpbook
Texinfo
Gnump3d
Libextractor
Binutils
Libtool-ltdl
Gpgme
Gnumail
Iceweasel
Tramp
Libcdio
M4
SCCS
Grub legacy
ADNS
Ibackup
Escript
Classpath
Gnu screen
Automake
Grub 2
NANO
Gnash
Gnu patch
Eglibc
Libiberty
GREP
Libmicrohttpd
RUSH
GRUB
Readline
Patch
Parallel
Libidn
Grub2
Guile
OSIP
Gnutls libtasn1
Libssp
Ncurses
PSPP
Guixsd
Recutils
Libredwg
Zobacz wszystkie produkty dla producenta GNU


Copyright 2024, cxsecurity.com

 

Back to Top