Pango HarfBuzz Engine Buffer Overflow Vulnerability

Bugtraq ID: 49723
Class: Boundary Condition Error
CVE: CVE-2011-3193
Remote: Yes
Local: No
Published: Sep 21 2011 12:00AM
Updated: Nov 25 2013 12:04AM
Credit: Josh Bressers
Vulnerable: Ubuntu Ubuntu Linux 11.04 powerpc
Ubuntu Ubuntu Linux 11.04 i386
Ubuntu Ubuntu Linux 11.04 ARM
Ubuntu Ubuntu Linux 11.04 amd64
Ubuntu Ubuntu Linux 10.04 sparc
Ubuntu Ubuntu Linux 10.04 powerpc
Ubuntu Ubuntu Linux 10.04 i386
Ubuntu Ubuntu Linux 10.04 ARM
Ubuntu Ubuntu Linux 10.04 amd64
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux Desktop Workstation 5 client
RedHat Enterprise Linux Desktop version 4
Red Hat Enterprise Linux Workstation Optional 6
Red Hat Enterprise Linux Workstation 6
Red Hat Enterprise Linux Server Optional 6
Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux HPC Node Optional 6
Red Hat Enterprise Linux HPC Node 6
Red Hat Enterprise Linux Desktop Optional 6
Red Hat Enterprise Linux Desktop 6
Red Hat Enterprise Linux Desktop 5 client
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux 5 Server
Pango Pango 1.2.5
Pango Pango 1.2.4
Pango Pango 1.2.3
Pango Pango 1.28.3
Gentoo Linux
Avaya Proactive Contact 5.0
Avaya Message Networking 3.1
Avaya IQ 5.2
Avaya IQ 5.1.1
Avaya IQ 5.1
Avaya IQ 5
Avaya Communication Server 1000M Signaling Server 7.5
Avaya Communication Server 1000M Signaling Server 7.0
Avaya Communication Server 1000M Signaling Server 6.0
Avaya Communication Server 1000M 7.5
Avaya Communication Server 1000M 7.0
Avaya Communication Server 1000M 6.0
Avaya Communication Server 1000E Signaling Server 7.5
Avaya Communication Server 1000E Signaling Server 7.0
Avaya Communication Server 1000E Signaling Server 6.0
Avaya Communication Server 1000E 7.5
Avaya Communication Server 1000E 7.0
Avaya Communication Server 1000E 6.0
Avaya Aura System Platform 6.0.2
Avaya Aura System Platform 6.0.1
Avaya Aura System Platform 6.0 SP3
Avaya Aura System Platform 6.0 SP2
Avaya Aura System Platform 6.0
Avaya Aura System Platform 1.1
Avaya Aura System Manager 6.2
Avaya Aura System Manager 6.1.3
Avaya Aura System Manager 6.1.2
Avaya Aura System Manager 6.1.1
Avaya Aura System Manager 6.1 SP2
Avaya Aura System Manager 6.1 Sp1
Avaya Aura System Manager 6.1
Avaya Aura System Manager 6.0 SP1
Avaya Aura System Manager 6.0
Avaya Aura System Manager 5.2
Avaya Aura Session Manager 6.1.3
Avaya Aura Session Manager 6.1.2
Avaya Aura Session Manager 6.1.1
Avaya Aura Session Manager 6.1 SP2
Avaya Aura Session Manager 6.1 Sp1
Avaya Aura Session Manager 6.1
Avaya Aura Session Manager 6.0 SP1
Avaya Aura Session Manager 6.0
Avaya Aura Session Manager 5.2 SP2
Avaya Aura Session Manager 5.2 SP1
Avaya Aura Session Manager 5.2
Avaya Aura Session Manager 1.1
Avaya Aura Session Manager 1.0
Avaya Aura Presence Services 6.1.1
Avaya Aura Presence Services 6.1
Avaya Aura Presence Services 6.0
Avaya Aura Communication Manager Utility Services 6.1
+ Avaya Communication Manager Server DEFINITY Server SI/CS
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8700
Avaya Aura Communication Manager Utility Services 6.0
+ Avaya Communication Manager Server DEFINITY Server SI/CS
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8700
Not Vulnerable: Avaya Message Networking 5.2
Avaya Aura Communication Manager Utility Services 6.2
+ Avaya Communication Manager Server DEFINITY Server SI/CS
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8700


 

Privacy Statement
Copyright 2010, SecurityFocus