Oval Definition:oval:com.ubuntu.cosmic:def:201046530000000
Revision Date:2012-01-12Version:1
Title:CVE-2010-4653 on Ubuntu 18.10 (cosmic) - low.
Description:Due to an integer overflow when parsing CharCodes for fonts and a failure to check the return value of a memory allocation, it is possible to trigger writes to a narrow range of offsets from a NULL pointer. The chance of being able to exploit this for anything other than a crash is very remote: on x86 32-bit, there's no chance (since the write occurs between 0xffffffc4 and 0xfffffffc). At least the write lands in valid userspace on x86-64, but in my testing this memory is never mapped.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2010-4653
Platform(s):Ubuntu 18.10
Product(s):
Definition Synopsis
  • Ubuntu 18.10 (cosmic) is installed.
  • AND Package Information
  • ipe: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'reached end-of-life').
  • OR libextractor: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'reached end-of-life').
  • OR xpdf: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'reached end-of-life').
  • BACK