Launchpad.net

CVE 2010-0421

Array index error in the hb_ot_layout_build_glyph_classes function in pango/opentype/hb-ot-layout.cc in Pango before 1.27.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted font file, related to building a synthetic Glyph Definition (aka GDEF) table by using this font's charmap and the Unicode property database.

Related bugs and status

CVE-2010-0421 (Candidate) is related to these bugs:

Bug #700198: CVE-2009-0793

		In	Importance	Status
700198	CVE-2009-0793	lcms (Ubuntu)	Undecided	Fix Released
700198	CVE-2009-0793	openjdk-6 (Ubuntu)	Low	Fix Released
700198	CVE-2009-0793	openjdk-6b18 (Ubuntu)	Low	Fix Released
700198	CVE-2009-0793	gimp (Ubuntu)	Undecided	Invalid
700198	CVE-2009-0793	ia32-libs (Ubuntu)	Low	Fix Released
700198	CVE-2009-0793	gimp (Ubuntu Hardy)	Undecided	Invalid
700198	CVE-2009-0793	ia32-libs (Ubuntu Hardy)	Low	Fix Released
700198	CVE-2009-0793	lcms (Ubuntu Hardy)	Low	Fix Released
700198	CVE-2009-0793	openjdk-6 (Ubuntu Hardy)	Low	Fix Released
700198	CVE-2009-0793	openjdk-6b18 (Ubuntu Hardy)	Undecided	Invalid
700198	CVE-2009-0793	gimp (Ubuntu Karmic)	Undecided	Invalid
700198	CVE-2009-0793	ia32-libs (Ubuntu Karmic)	Low	Fix Released
700198	CVE-2009-0793	lcms (Ubuntu Karmic)	Low	Fix Released
700198	CVE-2009-0793	openjdk-6 (Ubuntu Karmic)	Undecided	Fix Released
700198	CVE-2009-0793	openjdk-6b18 (Ubuntu Karmic)	Undecided	Invalid
700198	CVE-2009-0793	gimp (Ubuntu Lucid)	Undecided	Invalid
700198	CVE-2009-0793	ia32-libs (Ubuntu Lucid)	Low	Fix Released
700198	CVE-2009-0793	lcms (Ubuntu Lucid)	Low	Fix Released
700198	CVE-2009-0793	openjdk-6 (Ubuntu Lucid)	Undecided	Fix Released
700198	CVE-2009-0793	openjdk-6b18 (Ubuntu Lucid)	Low	Fix Released
700198	CVE-2009-0793	gimp (Ubuntu Maverick)	Undecided	Invalid
700198	CVE-2009-0793	ia32-libs (Ubuntu Maverick)	Low	Fix Released
700198	CVE-2009-0793	lcms (Ubuntu Maverick)	Low	Fix Released
700198	CVE-2009-0793	openjdk-6 (Ubuntu Maverick)	Low	Fix Released
700198	CVE-2009-0793	openjdk-6b18 (Ubuntu Maverick)	Low	Fix Released
700198	CVE-2009-0793	gimp (Ubuntu Natty)	Undecided	Invalid
700198	CVE-2009-0793	ia32-libs (Ubuntu Natty)	Low	Fix Released
700198	CVE-2009-0793	lcms (Ubuntu Natty)	Undecided	Fix Released
700198	CVE-2009-0793	openjdk-6 (Ubuntu Natty)	Low	Fix Released
700198	CVE-2009-0793	openjdk-6b18 (Ubuntu Natty)	Low	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2010-0421

Related bugs and status

Related bugs

References