ID:6398 - Exploit for Assertion failure in Pango - CVE-2018-15120

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:6398 - Exploit for Assertion failure in Pango - CVE-2018-15120

ID:6398 - Exploit for Assertion failure in Pango - CVE-2018-15120

Published: June 17, 2021


Vulnerability identifier: #VU14537
Vulnerability risk: Low
CVE-ID: CVE-2018-15120
CWE-ID: CWE-617
Exploitation vector: Remote access
Vulnerable software:
Pango

Link to public exploit:


Vulnerability description

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to insufficient validation of user-supplied input processed by the pango/pango-emoji.c source code file. A remote attacker can type a series of invalid Unicode characters in the affected application, trigger an assertion failure and cause the application to crash.


Remediation

Update to version 1.42.4.