Vulnerability fixed in Pango rendering library
According to oCERT (Open Source Computer Emergency Response Team), an integer overflow in the layout and rendering library Pango may allow code injection and execution through an exploit-induced heap overflow. The cause of the problem is an error when calculating the memory to be reserved for glyphs.
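The bug class described above, shown as an added example that is not Pango's code: a byte count computed in 32-bit arithmetic wraps for a large glyph count, so far too little memory is reserved, while a checked calculation rejects the request. The glyph_info record, the function names and the sample count are hypothetical and constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical per-glyph record (four 4-byte fields); not Pango's type. */
typedef struct {
    uint32_t glyph_id;
    int32_t  x_offset, y_offset, width;
} glyph_info;
_Static_assert(sizeof(glyph_info) == 16, "example assumes 16-byte records");

/* Flawed pattern: the byte count is computed in 32 bits, so a large glyph
 * count wraps around to a small value. Unsigned math is used so the wrap
 * is well defined here; with signed int it would be undefined behaviour. */
uint32_t unchecked_alloc_size(uint32_t n_glyphs)
{
    return n_glyphs * (uint32_t)sizeof(glyph_info);
}

/* Hardened pattern: refuse any count whose byte total does not fit.
 * Returns 0 and stores the size in *bytes, or -1 on overflow. */
int checked_alloc_size(uint32_t n_glyphs, uint32_t *bytes)
{
    if (n_glyphs > UINT32_MAX / sizeof(glyph_info))
        return -1;
    *bytes = n_glyphs * (uint32_t)sizeof(glyph_info);
    return 0;
}

/* Allocator built on the checked calculation; NULL means "rejected". */
glyph_info *alloc_glyphs(uint32_t n_glyphs)
{
    uint32_t bytes;
    if (n_glyphs == 0 || checked_alloc_size(n_glyphs, &bytes) != 0)
        return NULL;
    return malloc(bytes);
}

int main(void)
{
    uint32_t n = 0x10000001u;   /* constructed count: 2^28 + 1 glyphs */
    uint32_t bytes = 0;
    printf("unchecked: %u glyphs -> %u bytes reserved\n",
           (unsigned)n, (unsigned)unchecked_alloc_size(n));
    printf("checked:   %s\n",
           checked_alloc_size(n, &bytes) == 0 ? "accepted" : "rejected");
    return 0;
}
```

Any code that later writes one record per glyph into a buffer sized by the unchecked result would run past the end of the heap block, which is why the size check belongs before the allocation.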
According to the report, the bug can be remotely exploited using crafted HTML files to at least crash Firefox. In addition to Firefox, many other applications (especially Linux applications) utilise the Pango library (under Ubuntu 8.10 a list can be viewed using apt-cache rdepends libpango1.0-0).
Official versions of Pango prior to version 1.24 are affected. The Linux distributors have already released fixed packages. The oCERT report also notes that other rendering subsystems contain similar vulnerabilities and should be checked by their developers; however, it does not give any specific details.
- Pango integer overflow in heap allocation size calculations, advisory from oCERT.
- pango1.0 vulnerability, advisory from Ubuntu.