1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
Candidate: CVE-2010-3444
PublicDate: 2011-01-10
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3444
Description:
Buffer overflow in the log2vis_utf8 function in pyfribidi.c in GNU FriBidi
0.19.1, 0.19.2, and possibly other versions, as used in PyFriBidi 0.10.1,
allows remote attackers to cause a denial of service (crash) and possibly
execute arbitrary code via a crafted Arabic UTF-8 string that causes
original 2-byte UTF-8 sequences to be transformed into 3-byte sequences.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
Patches_pyfribidi:
upstream_pyfribidi: released (0.6.0-4.1, 0.10.0-2)
dapper_pyfribidi: ignored (reached end of life)
hardy_pyfribidi: ignored (reached end-of-life)
karmic_pyfribidi: not-affected (0.6.0-4.1build1)
lucid_pyfribidi: not-affected (0.10.0-2)
maverick_pyfribidi: not-affected
natty_pyfribidi: not-affected
oneiric_pyfribidi: not-affected
devel_pyfribidi: not-affected
|