FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

pango -- remote DoS vulnerability

Affected packages
pango < 1.42.4

Details

VuXML ID 5a757a31-f98e-4bd4-8a85-f1c0f3409769
Discovery 2018-08-06
Entry 2018-10-01

libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other products, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted text with invalid Unicode sequences.

[source]

References

CVE Name CVE-2018-15120
URL https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15120
URL https://github.com/GNOME/pango/commit/71aaeaf020340412b8d012fe23a556c0420eda5f
URL https://mail.gnome.org/archives/distributor-list/2018-August/msg00001.html
URL https://www.exploit-db.com/exploits/45263/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.