fkie_cve-2019-18397
Vulnerability from fkie_nvd
Published
2019-11-13 14:15
Modified
2024-11-21 04:33
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause a denial of service or possibly execute arbitrary code by delivering crafted text content to a user, when this content is then rendered by an application that uses FriBidi for text layout calculations. Examples include any GNOME or GTK+ based application that uses Pango for text layout, as this internally uses FriBidi for bidirectional text layout. For example, the attacker can construct a crafted text file to be opened in GEdit, or a crafted IRC message to be viewed in HexChat.
References
cve@mitre.orghttps://access.redhat.com/errata/RHSA-2019:4326
cve@mitre.orghttps://access.redhat.com/errata/RHSA-2019:4361
cve@mitre.orghttps://access.redhat.com/errata/RHSA-2020:0291
cve@mitre.orghttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=944327Issue Tracking, Third Party Advisory
cve@mitre.orghttps://github.com/fribidi/fribidi/commit/034c6e9a1d296286305f4cfd1e0072b879f52568Patch
cve@mitre.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFS3N6KKXPI6ATDNEUFRSLX7R6BOBNIP/
cve@mitre.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5UJRTG32FDNI7T637Q6PZYL3UCRR5HR/
cve@mitre.orghttps://marc.info/?l=oss-security&m=157322128105807&w=2Third Party Advisory
cve@mitre.orghttps://security-tracker.debian.org/tracker/CVE-2019-18397Third Party Advisory
cve@mitre.orghttps://security.gentoo.org/glsa/202003-41
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2019:4326
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2019:4361
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2020:0291
af854a3a-2127-422b-91ae-364da2661108https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=944327Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/fribidi/fribidi/commit/034c6e9a1d296286305f4cfd1e0072b879f52568Patch
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFS3N6KKXPI6ATDNEUFRSLX7R6BOBNIP/
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5UJRTG32FDNI7T637Q6PZYL3UCRR5HR/
af854a3a-2127-422b-91ae-364da2661108https://marc.info/?l=oss-security&m=157322128105807&w=2Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security-tracker.debian.org/tracker/CVE-2019-18397Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/202003-41
Impacted products
Vendor Product Version
gnu fribidi *
debian debian_linux 10.0
debian debian_linux 8.0
debian debian_linux 9.0
debian debian_linux 10.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gnu:fribidi:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A44D7FB1-D10A-4EE2-A822-2143C8FDD733",
              "versionEndIncluding": "1.0.7",
              "versionStartIncluding": "1.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause a denial of service or possibly execute arbitrary code by delivering crafted text content to a user, when this content is then rendered by an application that uses FriBidi for text layout calculations. Examples include any GNOME or GTK+ based application that uses Pango for text layout, as this internally uses FriBidi for bidirectional text layout. For example, the attacker can construct a crafted text file to be opened in GEdit, or a crafted IRC message to be viewed in HexChat."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de b\u00fafer en la funci\u00f3n fribidi_get_par_embedding_levels_ex() en la biblioteca lib/fribidi-bidi.c de GNU FriBidi versiones hasta 1.0.7, permite a un atacante causar una denegaci\u00f3n de servicio o posiblemente ejecutar c\u00f3digo arbitrario al entregar contenido de texto dise\u00f1ado a un usuario, cuando este contenido es entonces renderizado mediante una aplicaci\u00f3n que utiliza FriBidi para los c\u00e1lculos de dise\u00f1o de texto. Los ejemplos incluyen cualquier aplicaci\u00f3n basada en GNOME o GTK+ que use Pango para el dise\u00f1o de texto, ya que esto utiliza internamente FriBidi para el dise\u00f1o de texto bidireccional. Por ejemplo, el atacante puede construir un archivo de texto dise\u00f1ado para abrirse en GEdit, o un mensaje IRC dise\u00f1ado para ser visualizado en HexChat."
    }
  ],
  "id": "CVE-2019-18397",
  "lastModified": "2024-11-21T04:33:12.027",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-11-13T14:15:10.287",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2019:4326"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2019:4361"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://access.redhat.com/errata/RHSA-2020:0291"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=944327"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/fribidi/fribidi/commit/034c6e9a1d296286305f4cfd1e0072b879f52568"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFS3N6KKXPI6ATDNEUFRSLX7R6BOBNIP/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5UJRTG32FDNI7T637Q6PZYL3UCRR5HR/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://marc.info/?l=oss-security\u0026m=157322128105807\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security-tracker.debian.org/tracker/CVE-2019-18397"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://security.gentoo.org/glsa/202003-41"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2019:4326"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2019:4361"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2020:0291"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=944327"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/fribidi/fribidi/commit/034c6e9a1d296286305f4cfd1e0072b879f52568"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFS3N6KKXPI6ATDNEUFRSLX7R6BOBNIP/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W5UJRTG32FDNI7T637Q6PZYL3UCRR5HR/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://marc.info/?l=oss-security\u0026m=157322128105807\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security-tracker.debian.org/tracker/CVE-2019-18397"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.gentoo.org/glsa/202003-41"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.