mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-09 19:17:37 +02:00
CVE-2011-0064
Description
The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and other products, does not verify that memory reallocations succeed, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via crafted OpenType font data that triggers use of an incorrect index.
POC
Reference
- https://bugzilla.mozilla.org/show_bug.cgi?id=606997
GitHub
No PoCs found on GitHub currently.