CVE-2018-15120

Published: Aug 24, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other products, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted text with invalid Unicode sequences.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

45263

exploit

x_refsource_EXPLOIT-DB

https://github.com/GNOME/pango/blob/1.42.4/NEWS

x_refsource_CONFIRM

USN-3750-1

vendor-advisory

x_refsource_UBUNTU

https://github.com/GNOME/pango/commit/71aaeaf020340412b8d012fe23a556c0420eda5f

x_refsource_CONFIRM

GLSA-201811-07

vendor-advisory

x_refsource_GENTOO

[distributor-list] 20180820 A critical pango fix

mailing-list

x_refsource_MLIST

http://52.117.224.77/xfce4-pdos.webm

x_refsource_MISC

https://www.ign.com/articles/2018/10/16/ps4s-are-reportedly-being-bricked-and-sony-is-working-on-a-fix

x_refsource_MISC

https://www.reddit.com/r/PS4/comments/9o5efg/message_bricking_console_megathread/

x_refsource_MISC

https://www.exploit-db.com/exploits/45263

x_refsource_MISC

https://i.redd.it/v7p4n2ptu0s11.jpg

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-15120

Description

Affected Products

References