MidnightBSD

Advisories for kobi_zamir

CVE-2010-3444 HIGH

Buffer overflow in the log2vis_utf8 function in pyfribidi.c in GNU FriBidi 0.19.1, 0.19.2, and possibly other versions, as used in PyFriBidi 0.10.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Arabic UTF-8 string that causes original 2-byte UTF-8 sequences to be transformed into 3-byte sequences.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
kobi_zamir pyfribidi 0.10.1
fribidi gnu_fribidi 0.19.2
fribidi gnu_fribidi 0.19.1