OpenType Sanitizer Off By One Remote Code Execution Vulnerability

Bugtraq ID: 53222
Class: Boundary Condition Error
CVE: CVE-2011-3062
Remote: Yes
Local: No
Published: Mar 28 2012 12:00AM
Updated: Apr 13 2015 10:25PM
Credit: Mateusz Jurczyk of the Google Security Team
Vulnerable: Ubuntu Ubuntu Linux 12.04 LTS i386
Ubuntu Ubuntu Linux 12.04 LTS amd64
Ubuntu Ubuntu Linux 11.10 i386
Ubuntu Ubuntu Linux 11.10 amd64
Ubuntu Ubuntu Linux 11.04 powerpc
Ubuntu Ubuntu Linux 11.04 i386
Ubuntu Ubuntu Linux 11.04 ARM
Ubuntu Ubuntu Linux 11.04 amd64
Ubuntu Ubuntu Linux 10.04 sparc
Ubuntu Ubuntu Linux 10.04 powerpc
Ubuntu Ubuntu Linux 10.04 i386
Ubuntu Ubuntu Linux 10.04 ARM
Ubuntu Ubuntu Linux 10.04 amd64
SuSE SUSE Linux Enterprise Server for VMware 11 SP1
+ Linux kernel 2.6.5
SuSE SUSE Linux Enterprise Server 11 SP2
+ Linux kernel 2.6.5
SuSE SUSE Linux Enterprise Server 11 SP1
SuSE SUSE Linux Enterprise Server 10 SP4
SuSE SUSE Linux Enterprise SDK 11 SP2
SuSE SUSE Linux Enterprise SDK 11 SP1
SuSE SUSE Linux Enterprise SDK 10 SP4
SuSE Suse Linux Enterprise Desktop 11 SP2
SuSE Suse Linux Enterprise Desktop 11 SP1
+ Linux kernel 2.6.5
SuSE Suse Linux Enterprise Desktop 10 SP4
+ Linux kernel 2.6.5
Sun Solaris 11
Sun Solaris 10
S.u.S.E. openSUSE 11.4
Redhat Enterprise Linux Workstation Optional 6
Redhat Enterprise Linux Workstation 6
Redhat Enterprise Linux Server Optional 6
Redhat Enterprise Linux Server 6
Redhat Enterprise Linux Optional Productivity Application 5 server
Redhat Enterprise Linux HPC Node Optional 6
Redhat Enterprise Linux Desktop Workstation 5 client
Redhat Enterprise Linux Desktop Optional 6
Redhat Enterprise Linux Desktop 6
Redhat Enterprise Linux Desktop 5 client
Redhat Enterprise Linux 5 Server
Oracle Enterprise Linux 6.2
Oracle Enterprise Linux 6
Oracle Enterprise Linux 5
Mozilla Thunderbird ESR 10.0.3
Mozilla Thunderbird ESR 10.0.2
Mozilla Thunderbird 9.0
Mozilla Thunderbird 8.0
Mozilla Thunderbird 7.0.1
Mozilla Thunderbird 7.0
Mozilla Thunderbird 6.0.2
Mozilla Thunderbird 6.0.1
Mozilla Thunderbird 6.0
Mozilla Thunderbird 6
Mozilla Thunderbird 6
Mozilla Thunderbird 5.0
Mozilla Thunderbird 5
Mozilla Thunderbird 11.0
Mozilla Thunderbird 10.0.2
Mozilla Thunderbird 10.0.1
Mozilla Thunderbird 10.0
Mozilla Thunderbird 10.0
Mozilla SeaMonkey 2.0.11
Mozilla SeaMonkey 2.0.9
Mozilla SeaMonkey 2.0.8
Mozilla SeaMonkey 2.0.5
Mozilla SeaMonkey 2.0.4
Mozilla SeaMonkey 2.0.3
Mozilla SeaMonkey 2.0.2
Mozilla SeaMonkey 2.0.1
Mozilla SeaMonkey 2.8
Mozilla SeaMonkey 2.7.2
Mozilla SeaMonkey 2.7.1
Mozilla SeaMonkey 2.7
Mozilla SeaMonkey 2.6
Mozilla SeaMonkey 2.5
Mozilla SeaMonkey 2.4
Mozilla SeaMonkey 2.3
Mozilla SeaMonkey 2.2
Mozilla SeaMonkey 2.1b2
Mozilla SeaMonkey 2.1 Alpha3
Mozilla SeaMonkey 2.1 Alpha2
Mozilla SeaMonkey 2.1 Alpha1
Mozilla SeaMonkey 2.1
Mozilla SeaMonkey 2.0.9
Mozilla SeaMonkey 2.0.7
Mozilla SeaMonkey 2.0.6
Mozilla SeaMonkey 2.0.5
Mozilla SeaMonkey 2.0.4
Mozilla SeaMonkey 2.0.14
Mozilla SeaMonkey 2.0.13
Mozilla SeaMonkey 2.0.12
Mozilla SeaMonkey 2.0.10
Mozilla SeaMonkey 2.0 Rc2
Mozilla SeaMonkey 2.0 Rc1
Mozilla SeaMonkey 2.0 Beta 2
Mozilla SeaMonkey 2.0 Beta 1
Mozilla SeaMonkey 2.0 Alpha 3
Mozilla SeaMonkey 2.0 Alpha 2
Mozilla SeaMonkey 2.0 Alpha 1
Mozilla SeaMonkey 2.0
Mozilla Firefox ESR 10.0.3
Mozilla Firefox ESR 10.0.2
Mozilla Firefox 9.0.1
Mozilla Firefox 9.0
Mozilla Firefox 8.0.1
Mozilla Firefox 8.0
Mozilla Firefox 7.0.1
Mozilla Firefox 7.0
Mozilla Firefox 7
Mozilla Firefox 6.0.2
Mozilla Firefox 6.0.1
Mozilla Firefox 6.0
Mozilla Firefox 6
Mozilla Firefox 5.0.1
Mozilla Firefox 5.0
Mozilla Firefox 11.0
Mozilla Firefox 10.0.2
Mozilla Firefox 10.0.1
Mozilla Firefox 10.0
Mozilla Firefox 10
Moonchild Productions Pale Moon 9.2
Moonchild Productions Pale Moon 9.1
Moonchild Productions Pale Moon 9.0.1
Moonchild Productions Pale Moon 11.0
Mandriva Linux Mandrake 2011 x86_64
Mandriva Linux Mandrake 2011
Mandriva Linux Mandrake 2010.1 x86_64
Mandriva Linux Mandrake 2010.1
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
Google Chrome 17.0.963 79
Google Chrome 17.0.963 65
Google Chrome 16.0.912 75
Google Chrome 15.0.874 102
Google Chrome 17.0.963.83
Google Chrome 17.0.963.78
Google Chrome 17.0.963.60
Google Chrome 17.0.963.56
Google Chrome 17.0.963.46
Google Chrome 16.0.912.77
Google Chrome 16.0.912.75
Google Chrome 16.0.912.63
Google Chrome 16
Google Chrome 15.0.874.121
Google Chrome 15.0.874.120
Google Chrome 14.0.835.202
Google Chrome 14.0.835.186
Google Chrome 14.0.835.163
Google Chrome 14
Google Chrome 13.0.782.215
Google Chrome 13.0.782.112
Google Chrome 13.0.782.107
Google Chrome 13
Google Chrome 12.0.742.91
Google Chrome 12.0.742.112
Google Chrome 12.0.742.100
Google Chrome 12
Google Chrome 11.0.696.77
Google Chrome 11.0.696.71
Google Chrome 11.0.696.68
Google Chrome 11.0.696.65
Google Chrome 11.0.696.57
Google Chrome 11.0.696.43
Google Chrome 11.0.672.2
Google Chrome 11
Google Chrome 10.0.648.205
Google Chrome 10.0.648.205
Google Chrome 10.0.648.204
Google Chrome 10.0.648.133
Google Chrome 10.0.648.128
Google Chrome 10.0.648.127
Google Chrome 10.0.648.127
Google Chrome 10
Gentoo Linux
Not Vulnerable: Mozilla Thunderbird ESR 10.0.4
Mozilla Thunderbird 12.0
Mozilla SeaMonkey 2.9
Mozilla Firefox ESR 10.0.4
Mozilla Firefox 12.0
Moonchild Productions Pale Moon 12.0
Google Chrome 18.0.1025.142


 

Privacy Statement
Copyright 2010, SecurityFocus