Vulnerabilites related to mozilla - firefox_mobile
CVE-2012-1126 (GCVE-0-2012-1126)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a BDF font.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:27.421Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48508"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800581"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48758"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "RHSA-2012:0467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48951"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a BDF font."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-17T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48508"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800581"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48758"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "RHSA-2012:0467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48951"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1126",
"datePublished": "2012-04-25T10:00:00",
"dateReserved": "2012-02-14T00:00:00",
"dateUpdated": "2024-08-06T18:45:27.421Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1130 (GCVE-0-2012-1130)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a PCF font.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:27.402Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48758"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "RHSA-2012:0467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48951"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800587"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a PCF font."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-17T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48758"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "RHSA-2012:0467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48951"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800587"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1130",
"datePublished": "2012-04-25T10:00:00",
"dateReserved": "2012-02-14T00:00:00",
"dateUpdated": "2024-08-06T18:45:27.402Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1139 (GCVE-0-2012-1139)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and memory corruption) or possibly execute arbitrary code via crafted glyph data in a BDF font.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:27.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48758"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "RHSA-2012:0467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48951"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800598"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and memory corruption) or possibly execute arbitrary code via crafted glyph data in a BDF font."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-17T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48758"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "RHSA-2012:0467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48951"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800598"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1139",
"datePublished": "2012-04-25T10:00:00",
"dateReserved": "2012-02-14T00:00:00",
"dateUpdated": "2024-08-06T18:45:27.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1140 (GCVE-0-2012-1140)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted PostScript font object.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:27.476Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48758"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "RHSA-2012:0467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800600"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted PostScript font object."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-17T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48758"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "RHSA-2012:0467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800600"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1140",
"datePublished": "2012-04-25T10:00:00",
"dateReserved": "2012-02-14T00:00:00",
"dateUpdated": "2024-08-06T18:45:27.476Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1129 (GCVE-0-2012-1129)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted SFNT string in a Type 42 font.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:27.510Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800585"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48951"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted SFNT string in a Type 42 font."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-17T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800585"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48951"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1129",
"datePublished": "2012-04-25T10:00:00",
"dateReserved": "2012-02-14T00:00:00",
"dateUpdated": "2024-08-06T18:45:27.510Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1135 (GCVE-0-2012-1135)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the NPUSHB and NPUSHW instructions in a TrueType font.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:27.368Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48951"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800593"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the NPUSHB and NPUSHW instructions in a TrueType font."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-17T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48951"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800593"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1135",
"datePublished": "2012-04-25T10:00:00",
"dateReserved": "2012-02-14T00:00:00",
"dateUpdated": "2024-08-06T18:45:27.368Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1131 (GCVE-0-2012-1131)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, on 64-bit platforms allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors related to the cell table of a font.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:27.430Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48508"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800589"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48758"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "RHSA-2012:0467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48951"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, on 64-bit platforms allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors related to the cell table of a font."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-17T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48508"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800589"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48758"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "RHSA-2012:0467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48951"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1131",
"datePublished": "2012-04-25T10:00:00",
"dateReserved": "2012-02-14T00:00:00",
"dateUpdated": "2024-08-06T18:45:27.430Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1144 (GCVE-0-2012-1144)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via a crafted TrueType font.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:27.490Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "48300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48300"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48758"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "RHSA-2012:0467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"name": "DSA-2428",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2428"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800607"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via a crafted TrueType font."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-17T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "48300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48300"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48758"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "RHSA-2012:0467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"name": "DSA-2428",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2428"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800607"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1144",
"datePublished": "2012-04-25T10:00:00",
"dateReserved": "2012-02-14T00:00:00",
"dateUpdated": "2024-08-06T18:45:27.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3979 (GCVE-0-2012-3979)
Vulnerability from cvelistv5
Published
2012-08-29 10:00
Modified
2024-08-06 20:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Mozilla Firefox before 15.0 on Android does not properly implement unspecified callers of the __android_log_print function, which allows remote attackers to execute arbitrary code via a crafted web page that calls the JavaScript dump function.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:21:04.209Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-71.html"
},
{
"name": "55344",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55344"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=769265"
},
{
"name": "SUSE-SU-2012:1167",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html"
},
{
"name": "SUSE-SU-2012:1157",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-08-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Mozilla Firefox before 15.0 on Android does not properly implement unspecified callers of the __android_log_print function, which allows remote attackers to execute arbitrary code via a crafted web page that calls the JavaScript dump function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-10-30T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-71.html"
},
{
"name": "55344",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55344"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=769265"
},
{
"name": "SUSE-SU-2012:1167",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html"
},
{
"name": "SUSE-SU-2012:1157",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-3979",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla Firefox before 15.0 on Android does not properly implement unspecified callers of the __android_log_print function, which allows remote attackers to execute arbitrary code via a crafted web page that calls the JavaScript dump function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-71.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-71.html"
},
{
"name": "55344",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55344"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=769265",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=769265"
},
{
"name": "SUSE-SU-2012:1167",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html"
},
{
"name": "SUSE-SU-2012:1157",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-3979",
"datePublished": "2012-08-29T10:00:00",
"dateReserved": "2012-07-11T00:00:00",
"dateUpdated": "2024-08-06T20:21:04.209Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1133 (GCVE-0-2012-1133)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:27.519Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48300"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800591"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48951"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"name": "DSA-2428",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2428"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-17T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48300"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800591"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48951"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"name": "DSA-2428",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2428"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1133",
"datePublished": "2012-04-25T10:00:00",
"dateReserved": "2012-02-14T00:00:00",
"dateUpdated": "2024-08-06T18:45:27.519Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1142 (GCVE-0-2012-1142)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph-outline data in a font.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:27.375Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48300"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48758"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "RHSA-2012:0467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800604"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48951"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"name": "DSA-2428",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2428"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph-outline data in a font."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-17T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48300"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48758"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "RHSA-2012:0467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800604"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48951"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"name": "DSA-2428",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2428"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1142",
"datePublished": "2012-04-25T10:00:00",
"dateReserved": "2012-02-14T00:00:00",
"dateUpdated": "2024-08-06T18:45:27.375Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1136 (GCVE-0-2012-1136)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font that lacks an ENCODING field.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:27.474Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48300"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48758"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "RHSA-2012:0467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800594"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48951"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"name": "DSA-2428",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2428"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font that lacks an ENCODING field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-17T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48300"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48758"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "RHSA-2012:0467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800594"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48951"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"name": "DSA-2428",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2428"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1136",
"datePublished": "2012-04-25T10:00:00",
"dateReserved": "2012-02-14T00:00:00",
"dateUpdated": "2024-08-06T18:45:27.474Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1128 (GCVE-0-2012-1128)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and memory corruption) or possibly execute arbitrary code via a crafted TrueType font.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:27.403Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800584"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and memory corruption) or possibly execute arbitrary code via a crafted TrueType font."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-17T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800584"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1128",
"datePublished": "2012-04-25T10:00:00",
"dateReserved": "2012-02-14T00:00:00",
"dateUpdated": "2024-08-06T18:45:27.403Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1138 (GCVE-0-2012-1138)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the MIRP instruction in a TrueType font.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:27.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48951"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800597"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the MIRP instruction in a TrueType font."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-17T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48951"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800597"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1138",
"datePublished": "2012-04-25T10:00:00",
"dateReserved": "2012-02-14T00:00:00",
"dateUpdated": "2024-08-06T18:45:27.576Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1134 (GCVE-0-2012-1134)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:27.472Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48300"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48758"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800592"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "RHSA-2012:0467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48951"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"name": "DSA-2428",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2428"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-17T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48300"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48758"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800592"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "RHSA-2012:0467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48951"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"name": "DSA-2428",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2428"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1134",
"datePublished": "2012-04-25T10:00:00",
"dateReserved": "2012-02-14T00:00:00",
"dateUpdated": "2024-08-06T18:45:27.472Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1141 (GCVE-0-2012-1141)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted ASCII string in a BDF font.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:27.470Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48758"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800602"
},
{
"name": "RHSA-2012:0467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48951"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted ASCII string in a BDF font."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-17T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48758"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800602"
},
{
"name": "RHSA-2012:0467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48951"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1141",
"datePublished": "2012-04-25T10:00:00",
"dateReserved": "2012-02-14T00:00:00",
"dateUpdated": "2024-08-06T18:45:27.470Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1127 (GCVE-0-2012-1127)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:27.509Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48758"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "RHSA-2012:0467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800583"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48951"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-17T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48758"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "RHSA-2012:0467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800583"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48951"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1127",
"datePublished": "2012-04-25T10:00:00",
"dateReserved": "2012-02-14T00:00:00",
"dateUpdated": "2024-08-06T18:45:27.509Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1143 (GCVE-0-2012-1143)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted font.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:27.489Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48758"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800606"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "RHSA-2012:0467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48951"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted font."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-17T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48758"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800606"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "RHSA-2012:0467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48951"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1143",
"datePublished": "2012-04-25T10:00:00",
"dateReserved": "2012-02-14T00:00:00",
"dateUpdated": "2024-08-06T18:45:27.489Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1132 (GCVE-0-2012-1132)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted dictionary data in a Type 1 font.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:27.380Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48758"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "RHSA-2012:0467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800590"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48951"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted dictionary data in a Type 1 font."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-17T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48758"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "48918",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48918"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "SUSE-SU-2012:0521",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "RHSA-2012:0467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800590"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48951"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1132",
"datePublished": "2012-04-25T10:00:00",
"dateReserved": "2012-02-14T00:00:00",
"dateUpdated": "2024-08-06T18:45:27.380Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1137 (GCVE-0-2012-1137)
Vulnerability from cvelistv5
Published
2012-04-25 10:00
Modified
2024-08-06 18:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted header in a BDF font.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:27.481Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48758"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "RHSA-2012:0467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800595"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48951"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted header in a BDF font."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-17T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "48797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48797"
},
{
"name": "48508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48508"
},
{
"name": "48822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48822"
},
{
"name": "MDVSA-2012:057",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"name": "APPLE-SA-2012-09-19-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"name": "48758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48758"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5503"
},
{
"name": "52318",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52318"
},
{
"name": "USN-1403-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"name": "SUSE-SU-2012:0484",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"name": "48973",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48973"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"name": "RHSA-2012:0467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"name": "SUSE-SU-2012:0483",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800595"
},
{
"name": "1026765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026765"
},
{
"name": "openSUSE-SU-2012:0489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"name": "48951",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48951"
},
{
"name": "GLSA-201204-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1137",
"datePublished": "2012-04-25T10:00:00",
"dateReserved": "2012-02-14T00:00:00",
"dateUpdated": "2024-08-06T18:45:27.481Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity ?
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a PCF font.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
| secalert@redhat.com | http://secunia.com/advisories/48508 | ||
| secalert@redhat.com | http://secunia.com/advisories/48758 | ||
| secalert@redhat.com | http://secunia.com/advisories/48797 | ||
| secalert@redhat.com | http://secunia.com/advisories/48822 | ||
| secalert@redhat.com | http://secunia.com/advisories/48918 | ||
| secalert@redhat.com | http://secunia.com/advisories/48951 | ||
| secalert@redhat.com | http://secunia.com/advisories/48973 | ||
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
| secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800587 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48758 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800587 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freetype | freetype | * | |
| freetype | freetype | 1.3.1 | |
| freetype | freetype | 2.0.0 | |
| freetype | freetype | 2.0.1 | |
| freetype | freetype | 2.0.2 | |
| freetype | freetype | 2.0.3 | |
| freetype | freetype | 2.0.4 | |
| freetype | freetype | 2.0.5 | |
| freetype | freetype | 2.0.6 | |
| freetype | freetype | 2.0.7 | |
| freetype | freetype | 2.0.8 | |
| freetype | freetype | 2.0.9 | |
| freetype | freetype | 2.1 | |
| freetype | freetype | 2.1.3 | |
| freetype | freetype | 2.1.4 | |
| freetype | freetype | 2.1.5 | |
| freetype | freetype | 2.1.6 | |
| freetype | freetype | 2.1.7 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.9 | |
| freetype | freetype | 2.1.10 | |
| freetype | freetype | 2.2.0 | |
| freetype | freetype | 2.2.1 | |
| freetype | freetype | 2.3.0 | |
| freetype | freetype | 2.3.1 | |
| freetype | freetype | 2.3.2 | |
| freetype | freetype | 2.3.3 | |
| freetype | freetype | 2.3.4 | |
| freetype | freetype | 2.3.5 | |
| freetype | freetype | 2.3.6 | |
| freetype | freetype | 2.3.7 | |
| freetype | freetype | 2.3.8 | |
| freetype | freetype | 2.3.9 | |
| freetype | freetype | 2.3.10 | |
| freetype | freetype | 2.3.11 | |
| freetype | freetype | 2.3.12 | |
| freetype | freetype | 2.4.0 | |
| freetype | freetype | 2.4.1 | |
| freetype | freetype | 2.4.2 | |
| freetype | freetype | 2.4.3 | |
| freetype | freetype | 2.4.4 | |
| freetype | freetype | 2.4.5 | |
| freetype | freetype | 2.4.6 | |
| freetype | freetype | 2.4.7 | |
| mozilla | firefox_mobile | * | |
| mozilla | firefox_mobile | 1.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 5.0 | |
| mozilla | firefox_mobile | 6.0 | |
| mozilla | firefox_mobile | 6.0.1 | |
| mozilla | firefox_mobile | 6.0.2 | |
| mozilla | firefox_mobile | 7.0 | |
| mozilla | firefox_mobile | 8.0 | |
| mozilla | firefox_mobile | 9.0 | |
| mozilla | firefox_mobile | 10.0 | |
| mozilla | firefox_mobile | 10.0.1 | |
| mozilla | firefox_mobile | 10.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B",
"versionEndIncluding": "2.4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA37666-D2E6-47EF-BFFE-A9449D6A72CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90",
"versionEndIncluding": "10.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a PCF font."
},
{
"lang": "es",
"value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de escritura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos de las propiedades modificadas en una fuente PCF.."
}
],
"id": "CVE-2012-1130",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-04-25T10:10:18.137",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48758"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800587"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48758"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800587"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity ?
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted SFNT string in a Type 42 font.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| secalert@redhat.com | http://secunia.com/advisories/48508 | ||
| secalert@redhat.com | http://secunia.com/advisories/48797 | ||
| secalert@redhat.com | http://secunia.com/advisories/48822 | ||
| secalert@redhat.com | http://secunia.com/advisories/48918 | ||
| secalert@redhat.com | http://secunia.com/advisories/48951 | ||
| secalert@redhat.com | http://secunia.com/advisories/48973 | ||
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
| secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800585 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800585 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freetype | freetype | * | |
| freetype | freetype | 1.3.1 | |
| freetype | freetype | 2.0.0 | |
| freetype | freetype | 2.0.1 | |
| freetype | freetype | 2.0.2 | |
| freetype | freetype | 2.0.3 | |
| freetype | freetype | 2.0.4 | |
| freetype | freetype | 2.0.5 | |
| freetype | freetype | 2.0.6 | |
| freetype | freetype | 2.0.7 | |
| freetype | freetype | 2.0.8 | |
| freetype | freetype | 2.0.9 | |
| freetype | freetype | 2.1 | |
| freetype | freetype | 2.1.3 | |
| freetype | freetype | 2.1.4 | |
| freetype | freetype | 2.1.5 | |
| freetype | freetype | 2.1.6 | |
| freetype | freetype | 2.1.7 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.9 | |
| freetype | freetype | 2.1.10 | |
| freetype | freetype | 2.2.0 | |
| freetype | freetype | 2.2.1 | |
| freetype | freetype | 2.3.0 | |
| freetype | freetype | 2.3.1 | |
| freetype | freetype | 2.3.2 | |
| freetype | freetype | 2.3.3 | |
| freetype | freetype | 2.3.4 | |
| freetype | freetype | 2.3.5 | |
| freetype | freetype | 2.3.6 | |
| freetype | freetype | 2.3.7 | |
| freetype | freetype | 2.3.8 | |
| freetype | freetype | 2.3.9 | |
| freetype | freetype | 2.3.10 | |
| freetype | freetype | 2.3.11 | |
| freetype | freetype | 2.3.12 | |
| freetype | freetype | 2.4.0 | |
| freetype | freetype | 2.4.1 | |
| freetype | freetype | 2.4.2 | |
| freetype | freetype | 2.4.3 | |
| freetype | freetype | 2.4.4 | |
| freetype | freetype | 2.4.5 | |
| freetype | freetype | 2.4.6 | |
| freetype | freetype | 2.4.7 | |
| mozilla | firefox_mobile | * | |
| mozilla | firefox_mobile | 1.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 5.0 | |
| mozilla | firefox_mobile | 6.0 | |
| mozilla | firefox_mobile | 6.0.1 | |
| mozilla | firefox_mobile | 6.0.2 | |
| mozilla | firefox_mobile | 7.0 | |
| mozilla | firefox_mobile | 8.0 | |
| mozilla | firefox_mobile | 9.0 | |
| mozilla | firefox_mobile | 10.0 | |
| mozilla | firefox_mobile | 10.0.1 | |
| mozilla | firefox_mobile | 10.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B",
"versionEndIncluding": "2.4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA37666-D2E6-47EF-BFFE-A9449D6A72CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90",
"versionEndIncluding": "10.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted SFNT string in a Type 42 font."
},
{
"lang": "es",
"value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de escritura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una cadena SFNT modificada en una fuente Type 42."
}
],
"id": "CVE-2012-1129",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-04-25T10:10:18.090",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800585"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800585"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity ?
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted font.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
| secalert@redhat.com | http://secunia.com/advisories/48508 | ||
| secalert@redhat.com | http://secunia.com/advisories/48758 | ||
| secalert@redhat.com | http://secunia.com/advisories/48797 | ||
| secalert@redhat.com | http://secunia.com/advisories/48822 | ||
| secalert@redhat.com | http://secunia.com/advisories/48918 | ||
| secalert@redhat.com | http://secunia.com/advisories/48951 | ||
| secalert@redhat.com | http://secunia.com/advisories/48973 | ||
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
| secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800606 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48758 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800606 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freetype | freetype | * | |
| freetype | freetype | 1.3.1 | |
| freetype | freetype | 2.0.0 | |
| freetype | freetype | 2.0.1 | |
| freetype | freetype | 2.0.2 | |
| freetype | freetype | 2.0.3 | |
| freetype | freetype | 2.0.4 | |
| freetype | freetype | 2.0.5 | |
| freetype | freetype | 2.0.6 | |
| freetype | freetype | 2.0.7 | |
| freetype | freetype | 2.0.8 | |
| freetype | freetype | 2.0.9 | |
| freetype | freetype | 2.1 | |
| freetype | freetype | 2.1.3 | |
| freetype | freetype | 2.1.4 | |
| freetype | freetype | 2.1.5 | |
| freetype | freetype | 2.1.6 | |
| freetype | freetype | 2.1.7 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.9 | |
| freetype | freetype | 2.1.10 | |
| freetype | freetype | 2.2.0 | |
| freetype | freetype | 2.2.1 | |
| freetype | freetype | 2.3.0 | |
| freetype | freetype | 2.3.1 | |
| freetype | freetype | 2.3.2 | |
| freetype | freetype | 2.3.3 | |
| freetype | freetype | 2.3.4 | |
| freetype | freetype | 2.3.5 | |
| freetype | freetype | 2.3.6 | |
| freetype | freetype | 2.3.7 | |
| freetype | freetype | 2.3.8 | |
| freetype | freetype | 2.3.9 | |
| freetype | freetype | 2.3.10 | |
| freetype | freetype | 2.3.11 | |
| freetype | freetype | 2.3.12 | |
| freetype | freetype | 2.4.0 | |
| freetype | freetype | 2.4.1 | |
| freetype | freetype | 2.4.2 | |
| freetype | freetype | 2.4.3 | |
| freetype | freetype | 2.4.4 | |
| freetype | freetype | 2.4.5 | |
| freetype | freetype | 2.4.6 | |
| freetype | freetype | 2.4.7 | |
| mozilla | firefox_mobile | * | |
| mozilla | firefox_mobile | 1.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 5.0 | |
| mozilla | firefox_mobile | 6.0 | |
| mozilla | firefox_mobile | 6.0.1 | |
| mozilla | firefox_mobile | 6.0.2 | |
| mozilla | firefox_mobile | 7.0 | |
| mozilla | firefox_mobile | 8.0 | |
| mozilla | firefox_mobile | 9.0 | |
| mozilla | firefox_mobile | 10.0 | |
| mozilla | firefox_mobile | 10.0.1 | |
| mozilla | firefox_mobile | 10.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B",
"versionEndIncluding": "2.4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA37666-D2E6-47EF-BFFE-A9449D6A72CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90",
"versionEndIncluding": "10.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted font."
},
{
"lang": "es",
"value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (error de divisi\u00f3n por cero) a trav\u00e9s de una fuente TrueType modificada."
}
],
"id": "CVE-2012-1143",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-04-25T10:10:18.730",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48758"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800606"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48758"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800606"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity ?
Summary
Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and memory corruption) or possibly execute arbitrary code via crafted glyph data in a BDF font.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
| secalert@redhat.com | http://secunia.com/advisories/48508 | ||
| secalert@redhat.com | http://secunia.com/advisories/48758 | ||
| secalert@redhat.com | http://secunia.com/advisories/48797 | ||
| secalert@redhat.com | http://secunia.com/advisories/48822 | ||
| secalert@redhat.com | http://secunia.com/advisories/48918 | ||
| secalert@redhat.com | http://secunia.com/advisories/48951 | ||
| secalert@redhat.com | http://secunia.com/advisories/48973 | ||
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
| secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800598 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48758 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800598 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freetype | freetype | * | |
| freetype | freetype | 1.3.1 | |
| freetype | freetype | 2.0.0 | |
| freetype | freetype | 2.0.1 | |
| freetype | freetype | 2.0.2 | |
| freetype | freetype | 2.0.3 | |
| freetype | freetype | 2.0.4 | |
| freetype | freetype | 2.0.5 | |
| freetype | freetype | 2.0.6 | |
| freetype | freetype | 2.0.7 | |
| freetype | freetype | 2.0.8 | |
| freetype | freetype | 2.0.9 | |
| freetype | freetype | 2.1 | |
| freetype | freetype | 2.1.3 | |
| freetype | freetype | 2.1.4 | |
| freetype | freetype | 2.1.5 | |
| freetype | freetype | 2.1.6 | |
| freetype | freetype | 2.1.7 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.9 | |
| freetype | freetype | 2.1.10 | |
| freetype | freetype | 2.2.0 | |
| freetype | freetype | 2.2.1 | |
| freetype | freetype | 2.3.0 | |
| freetype | freetype | 2.3.1 | |
| freetype | freetype | 2.3.2 | |
| freetype | freetype | 2.3.3 | |
| freetype | freetype | 2.3.4 | |
| freetype | freetype | 2.3.5 | |
| freetype | freetype | 2.3.6 | |
| freetype | freetype | 2.3.7 | |
| freetype | freetype | 2.3.8 | |
| freetype | freetype | 2.3.9 | |
| freetype | freetype | 2.3.10 | |
| freetype | freetype | 2.3.11 | |
| freetype | freetype | 2.3.12 | |
| freetype | freetype | 2.4.0 | |
| freetype | freetype | 2.4.1 | |
| freetype | freetype | 2.4.2 | |
| freetype | freetype | 2.4.3 | |
| freetype | freetype | 2.4.4 | |
| freetype | freetype | 2.4.5 | |
| freetype | freetype | 2.4.6 | |
| freetype | freetype | 2.4.7 | |
| mozilla | firefox_mobile | * | |
| mozilla | firefox_mobile | 1.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 5.0 | |
| mozilla | firefox_mobile | 6.0 | |
| mozilla | firefox_mobile | 6.0.1 | |
| mozilla | firefox_mobile | 6.0.2 | |
| mozilla | firefox_mobile | 7.0 | |
| mozilla | firefox_mobile | 8.0 | |
| mozilla | firefox_mobile | 9.0 | |
| mozilla | firefox_mobile | 10.0 | |
| mozilla | firefox_mobile | 10.0.1 | |
| mozilla | firefox_mobile | 10.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B",
"versionEndIncluding": "2.4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA37666-D2E6-47EF-BFFE-A9449D6A72CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90",
"versionEndIncluding": "10.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and memory corruption) or possibly execute arbitrary code via crafted glyph data in a BDF font."
},
{
"lang": "es",
"value": "Error de \u00edndice de matriz en FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de escritura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s del glifo modificado de una fuente BDF."
}
],
"id": "CVE-2012-1139",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-04-25T10:10:18.557",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48758"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800598"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48758"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800598"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity ?
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph-outline data in a font.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
| secalert@redhat.com | http://secunia.com/advisories/48300 | ||
| secalert@redhat.com | http://secunia.com/advisories/48508 | ||
| secalert@redhat.com | http://secunia.com/advisories/48758 | ||
| secalert@redhat.com | http://secunia.com/advisories/48797 | ||
| secalert@redhat.com | http://secunia.com/advisories/48822 | ||
| secalert@redhat.com | http://secunia.com/advisories/48918 | ||
| secalert@redhat.com | http://secunia.com/advisories/48951 | ||
| secalert@redhat.com | http://secunia.com/advisories/48973 | ||
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
| secalert@redhat.com | http://www.debian.org/security/2012/dsa-2428 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
| secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800604 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48300 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48758 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2012/dsa-2428 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800604 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freetype | freetype | * | |
| freetype | freetype | 1.3.1 | |
| freetype | freetype | 2.0.0 | |
| freetype | freetype | 2.0.1 | |
| freetype | freetype | 2.0.2 | |
| freetype | freetype | 2.0.3 | |
| freetype | freetype | 2.0.4 | |
| freetype | freetype | 2.0.5 | |
| freetype | freetype | 2.0.6 | |
| freetype | freetype | 2.0.7 | |
| freetype | freetype | 2.0.8 | |
| freetype | freetype | 2.0.9 | |
| freetype | freetype | 2.1 | |
| freetype | freetype | 2.1.3 | |
| freetype | freetype | 2.1.4 | |
| freetype | freetype | 2.1.5 | |
| freetype | freetype | 2.1.6 | |
| freetype | freetype | 2.1.7 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.9 | |
| freetype | freetype | 2.1.10 | |
| freetype | freetype | 2.2.0 | |
| freetype | freetype | 2.2.1 | |
| freetype | freetype | 2.3.0 | |
| freetype | freetype | 2.3.1 | |
| freetype | freetype | 2.3.2 | |
| freetype | freetype | 2.3.3 | |
| freetype | freetype | 2.3.4 | |
| freetype | freetype | 2.3.5 | |
| freetype | freetype | 2.3.6 | |
| freetype | freetype | 2.3.7 | |
| freetype | freetype | 2.3.8 | |
| freetype | freetype | 2.3.9 | |
| freetype | freetype | 2.3.10 | |
| freetype | freetype | 2.3.11 | |
| freetype | freetype | 2.3.12 | |
| freetype | freetype | 2.4.0 | |
| freetype | freetype | 2.4.1 | |
| freetype | freetype | 2.4.2 | |
| freetype | freetype | 2.4.3 | |
| freetype | freetype | 2.4.4 | |
| freetype | freetype | 2.4.5 | |
| freetype | freetype | 2.4.6 | |
| freetype | freetype | 2.4.7 | |
| mozilla | firefox_mobile | * | |
| mozilla | firefox_mobile | 1.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 5.0 | |
| mozilla | firefox_mobile | 6.0 | |
| mozilla | firefox_mobile | 6.0.1 | |
| mozilla | firefox_mobile | 6.0.2 | |
| mozilla | firefox_mobile | 7.0 | |
| mozilla | firefox_mobile | 8.0 | |
| mozilla | firefox_mobile | 9.0 | |
| mozilla | firefox_mobile | 10.0 | |
| mozilla | firefox_mobile | 10.0.1 | |
| mozilla | firefox_mobile | 10.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B",
"versionEndIncluding": "2.4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA37666-D2E6-47EF-BFFE-A9449D6A72CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90",
"versionEndIncluding": "10.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph-outline data in a font."
},
{
"lang": "es",
"value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de escritura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s del perfil modificado del glifo de una fuente."
}
],
"id": "CVE-2012-1142",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-04-25T10:10:18.683",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48300"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48758"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2012/dsa-2428"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800604"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48300"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48758"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2012/dsa-2428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800604"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity ?
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the NPUSHB and NPUSHW instructions in a TrueType font.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| secalert@redhat.com | http://secunia.com/advisories/48508 | ||
| secalert@redhat.com | http://secunia.com/advisories/48797 | ||
| secalert@redhat.com | http://secunia.com/advisories/48822 | ||
| secalert@redhat.com | http://secunia.com/advisories/48918 | ||
| secalert@redhat.com | http://secunia.com/advisories/48951 | ||
| secalert@redhat.com | http://secunia.com/advisories/48973 | ||
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
| secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800593 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800593 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freetype | freetype | * | |
| freetype | freetype | 1.3.1 | |
| freetype | freetype | 2.0.0 | |
| freetype | freetype | 2.0.1 | |
| freetype | freetype | 2.0.2 | |
| freetype | freetype | 2.0.3 | |
| freetype | freetype | 2.0.4 | |
| freetype | freetype | 2.0.5 | |
| freetype | freetype | 2.0.6 | |
| freetype | freetype | 2.0.7 | |
| freetype | freetype | 2.0.8 | |
| freetype | freetype | 2.0.9 | |
| freetype | freetype | 2.1 | |
| freetype | freetype | 2.1.3 | |
| freetype | freetype | 2.1.4 | |
| freetype | freetype | 2.1.5 | |
| freetype | freetype | 2.1.6 | |
| freetype | freetype | 2.1.7 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.9 | |
| freetype | freetype | 2.1.10 | |
| freetype | freetype | 2.2.0 | |
| freetype | freetype | 2.2.1 | |
| freetype | freetype | 2.3.0 | |
| freetype | freetype | 2.3.1 | |
| freetype | freetype | 2.3.2 | |
| freetype | freetype | 2.3.3 | |
| freetype | freetype | 2.3.4 | |
| freetype | freetype | 2.3.5 | |
| freetype | freetype | 2.3.6 | |
| freetype | freetype | 2.3.7 | |
| freetype | freetype | 2.3.8 | |
| freetype | freetype | 2.3.9 | |
| freetype | freetype | 2.3.10 | |
| freetype | freetype | 2.3.11 | |
| freetype | freetype | 2.3.12 | |
| freetype | freetype | 2.4.0 | |
| freetype | freetype | 2.4.1 | |
| freetype | freetype | 2.4.2 | |
| freetype | freetype | 2.4.3 | |
| freetype | freetype | 2.4.4 | |
| freetype | freetype | 2.4.5 | |
| freetype | freetype | 2.4.6 | |
| freetype | freetype | 2.4.7 | |
| mozilla | firefox_mobile | * | |
| mozilla | firefox_mobile | 1.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 5.0 | |
| mozilla | firefox_mobile | 6.0 | |
| mozilla | firefox_mobile | 6.0.1 | |
| mozilla | firefox_mobile | 6.0.2 | |
| mozilla | firefox_mobile | 7.0 | |
| mozilla | firefox_mobile | 8.0 | |
| mozilla | firefox_mobile | 9.0 | |
| mozilla | firefox_mobile | 10.0 | |
| mozilla | firefox_mobile | 10.0.1 | |
| mozilla | firefox_mobile | 10.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B",
"versionEndIncluding": "2.4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA37666-D2E6-47EF-BFFE-A9449D6A72CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90",
"versionEndIncluding": "10.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the NPUSHB and NPUSHW instructions in a TrueType font."
},
{
"lang": "es",
"value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de escritura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores que incluyen instrucciones NPUSHB y NPUSHW en una fuente TrueType."
}
],
"id": "CVE-2012-1135",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-04-25T10:10:18.370",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800593"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800593"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-08-29 10:56
Modified
2025-04-11 00:51
Severity ?
Summary
Mozilla Firefox before 15.0 on Android does not properly implement unspecified callers of the __android_log_print function, which allows remote attackers to execute arbitrary code via a crafted web page that calls the JavaScript dump function.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html | ||
| cve@mitre.org | http://www.mozilla.org/security/announce/2012/mfsa2012-71.html | Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/55344 | ||
| cve@mitre.org | https://bugzilla.mozilla.org/show_bug.cgi?id=769265 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-71.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/55344 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=769265 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | firefox | * | |
| mozilla | firefox | 0.1 | |
| mozilla | firefox | 0.2 | |
| mozilla | firefox | 0.3 | |
| mozilla | firefox | 0.4 | |
| mozilla | firefox | 0.5 | |
| mozilla | firefox | 0.6 | |
| mozilla | firefox | 0.6.1 | |
| mozilla | firefox | 0.7 | |
| mozilla | firefox | 0.7.1 | |
| mozilla | firefox | 0.8 | |
| mozilla | firefox | 0.9 | |
| mozilla | firefox | 0.9 | |
| mozilla | firefox | 0.9.1 | |
| mozilla | firefox | 0.9.2 | |
| mozilla | firefox | 0.9.3 | |
| mozilla | firefox | 0.10 | |
| mozilla | firefox | 0.10.1 | |
| mozilla | firefox | 1.0 | |
| mozilla | firefox | 1.0 | |
| mozilla | firefox | 1.0.1 | |
| mozilla | firefox | 1.0.2 | |
| mozilla | firefox | 1.0.3 | |
| mozilla | firefox | 1.0.4 | |
| mozilla | firefox | 1.0.5 | |
| mozilla | firefox | 1.0.6 | |
| mozilla | firefox | 1.0.7 | |
| mozilla | firefox | 1.0.8 | |
| mozilla | firefox | 1.4.1 | |
| mozilla | firefox | 1.5 | |
| mozilla | firefox | 1.5 | |
| mozilla | firefox | 1.5 | |
| mozilla | firefox | 1.5.0.1 | |
| mozilla | firefox | 1.5.0.2 | |
| mozilla | firefox | 1.5.0.3 | |
| mozilla | firefox | 1.5.0.4 | |
| mozilla | firefox | 1.5.0.5 | |
| mozilla | firefox | 1.5.0.6 | |
| mozilla | firefox | 1.5.0.7 | |
| mozilla | firefox | 1.5.0.8 | |
| mozilla | firefox | 1.5.0.9 | |
| mozilla | firefox | 1.5.0.10 | |
| mozilla | firefox | 1.5.0.11 | |
| mozilla | firefox | 1.5.0.12 | |
| mozilla | firefox | 1.5.1 | |
| mozilla | firefox | 1.5.2 | |
| mozilla | firefox | 1.5.3 | |
| mozilla | firefox | 1.5.4 | |
| mozilla | firefox | 1.5.5 | |
| mozilla | firefox | 1.5.6 | |
| mozilla | firefox | 1.5.7 | |
| mozilla | firefox | 1.5.8 | |
| mozilla | firefox | 1.8 | |
| mozilla | firefox | 2.0 | |
| mozilla | firefox | 2.0.0.1 | |
| mozilla | firefox | 2.0.0.2 | |
| mozilla | firefox | 2.0.0.3 | |
| mozilla | firefox | 2.0.0.4 | |
| mozilla | firefox | 2.0.0.5 | |
| mozilla | firefox | 2.0.0.6 | |
| mozilla | firefox | 2.0.0.7 | |
| mozilla | firefox | 2.0.0.8 | |
| mozilla | firefox | 2.0.0.9 | |
| mozilla | firefox | 2.0.0.10 | |
| mozilla | firefox | 2.0.0.11 | |
| mozilla | firefox | 2.0.0.12 | |
| mozilla | firefox | 2.0.0.13 | |
| mozilla | firefox | 2.0.0.14 | |
| mozilla | firefox | 2.0.0.15 | |
| mozilla | firefox | 2.0.0.16 | |
| mozilla | firefox | 2.0.0.17 | |
| mozilla | firefox | 2.0.0.18 | |
| mozilla | firefox | 2.0.0.19 | |
| mozilla | firefox | 2.0.0.20 | |
| mozilla | firefox | 3.0 | |
| mozilla | firefox | 3.0.1 | |
| mozilla | firefox | 3.0.2 | |
| mozilla | firefox | 3.0.3 | |
| mozilla | firefox | 3.0.4 | |
| mozilla | firefox | 3.0.5 | |
| mozilla | firefox | 3.0.6 | |
| mozilla | firefox | 3.0.7 | |
| mozilla | firefox | 3.0.8 | |
| mozilla | firefox | 3.0.9 | |
| mozilla | firefox | 3.0.10 | |
| mozilla | firefox | 3.0.11 | |
| mozilla | firefox | 3.0.12 | |
| mozilla | firefox | 3.0.13 | |
| mozilla | firefox | 3.0.14 | |
| mozilla | firefox | 3.0.15 | |
| mozilla | firefox | 3.0.16 | |
| mozilla | firefox | 3.0.17 | |
| mozilla | firefox | 3.5 | |
| mozilla | firefox | 3.5.1 | |
| mozilla | firefox | 3.5.2 | |
| mozilla | firefox | 3.5.3 | |
| mozilla | firefox | 3.5.4 | |
| mozilla | firefox | 3.5.5 | |
| mozilla | firefox | 3.5.6 | |
| mozilla | firefox | 3.5.7 | |
| mozilla | firefox | 3.5.8 | |
| mozilla | firefox | 3.5.9 | |
| mozilla | firefox | 3.5.10 | |
| mozilla | firefox | 3.5.11 | |
| mozilla | firefox | 3.5.12 | |
| mozilla | firefox | 3.5.13 | |
| mozilla | firefox | 3.5.14 | |
| mozilla | firefox | 3.5.15 | |
| mozilla | firefox | 3.6 | |
| mozilla | firefox | 3.6.2 | |
| mozilla | firefox | 3.6.3 | |
| mozilla | firefox | 3.6.4 | |
| mozilla | firefox | 3.6.6 | |
| mozilla | firefox | 3.6.7 | |
| mozilla | firefox | 3.6.8 | |
| mozilla | firefox | 3.6.9 | |
| mozilla | firefox | 3.6.10 | |
| mozilla | firefox | 3.6.11 | |
| mozilla | firefox | 3.6.12 | |
| mozilla | firefox | 3.6.13 | |
| mozilla | firefox | 3.6.14 | |
| mozilla | firefox | 3.6.15 | |
| mozilla | firefox | 3.6.16 | |
| mozilla | firefox | 3.6.17 | |
| mozilla | firefox | 3.6.18 | |
| mozilla | firefox | 3.6.19 | |
| mozilla | firefox | 3.6.20 | |
| mozilla | firefox | 3.6.21 | |
| mozilla | firefox | 3.6.22 | |
| mozilla | firefox | 3.6.23 | |
| mozilla | firefox | 3.6.24 | |
| mozilla | firefox | 3.6.25 | |
| mozilla | firefox | 4.0 | |
| mozilla | firefox | 4.0 | |
| mozilla | firefox | 4.0 | |
| mozilla | firefox | 4.0 | |
| mozilla | firefox | 4.0 | |
| mozilla | firefox | 4.0 | |
| mozilla | firefox | 4.0 | |
| mozilla | firefox | 4.0 | |
| mozilla | firefox | 4.0 | |
| mozilla | firefox | 4.0 | |
| mozilla | firefox | 4.0 | |
| mozilla | firefox | 4.0 | |
| mozilla | firefox | 4.0 | |
| mozilla | firefox | 4.0.1 | |
| mozilla | firefox | 5.0 | |
| mozilla | firefox | 5.0.1 | |
| mozilla | firefox | 6.0 | |
| mozilla | firefox | 6.0.1 | |
| mozilla | firefox | 6.0.2 | |
| mozilla | firefox | 7.0 | |
| mozilla | firefox | 7.0.1 | |
| mozilla | firefox | 8.0 | |
| mozilla | firefox | 8.0.1 | |
| mozilla | firefox | 9.0 | |
| mozilla | firefox | 9.0.1 | |
| mozilla | firefox | 10.0 | |
| mozilla | firefox | 10.0.1 | |
| mozilla | firefox | 10.0.2 | |
| mozilla | firefox | 10.0.3 | |
| mozilla | firefox | 10.0.4 | |
| mozilla | firefox | 10.0.5 | |
| mozilla | firefox | 10.0.6 | |
| mozilla | firefox | 11.0 | |
| mozilla | firefox | 12.0 | |
| mozilla | firefox | 12.0 | |
| mozilla | firefox | 13.0 | |
| mozilla | firefox_mobile | 6.0.1 | |
| mozilla | firefox_mobile | 6.0.2 | |
| mozilla | firefox_mobile | 10.0 | |
| mozilla | firefox_mobile | 10.0.1 | |
| mozilla | firefox_mobile | 10.0.2 | |
| mozilla | firefox_mobile | 10.0.3 | |
| mozilla | firefox_mobile | 10.0.4 | |
| android | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3BAFECDE-D9A1-4600-81B6-163D74312B5B",
"versionEndIncluding": "14.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C7AA88B-638A-451A-B235-A1A1444BE417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9C01AD7C-8470-47AB-B8AE-670E3A381E89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7E43F2F1-9252-4B44-8A61-D05305915A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3BB9D48B-DC7B-4D92-BB26-B6DE629A2506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A360D595-A829-4DDE-932E-9995626917E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6E9B5349-FAA7-4CDA-9533-1AD1ACDFAC4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "07243837-C353-4C25-A5B1-4DA32807E97D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B832C034-F793-415F-BFC8-D97A18BA6BC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83CD1A13-66CB-49CC-BD84-5D8334DB774A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "93C142C5-3A85-432B-80D6-2E7B1B4694F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "2434FCE7-A50B-4527-9970-C7224B31141C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*",
"matchCriteriaId": "5633FB6E-D623-49D4-9858-4E20E64DE458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "429ECA02-DBCD-45FB-942C-CA4BC1BC8A72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B5F0DC80-5473-465C-9D7F-9589F1B78E12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "567FF916-7DE0-403C-8528-7931A43E0D18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "010B34F4-910E-4515-990B-8E72DF009578",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8FAA1A89-E8D9-46D0-8E2C-9259920ACBFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A545A77-2198-4685-A87F-E0F2DAECECF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.0:preview_release:*:*:*:*:*:*",
"matchCriteriaId": "438AACF8-006F-4522-853F-30DBBABD8C15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "778FAE0C-A5CF-4B67-93A9-1A803E3E699F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E7447185-7509-449D-8907-F30A42CF7EB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0EDBAC37-9D08-44D1-B279-BC6ACF126CAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "834BB391-5EB5-43A8-980A-D305EDAE6FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9A38AD88-BAA6-4FBE-885B-69E951BD1EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B500EE6C-99DB-49A3-A1F1-AFFD7FE28068",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4F2938F2-A801-45E5-8E06-BE03DE03C8A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F18A45C0-419C-4723-AB7D-5880EF668CE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB88E86-6E83-4A59-9266-8B98AA91774D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E19ED1CA-DEBD-4786-BA7B-C122C7D2E5B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5:beta2:*:*:*:*:*:*",
"matchCriteriaId": "66BE50FE-EA21-4633-A181-CD35196DF06E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6BF5B1-86D1-47FE-9D9C-735718F94874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "84D15CE0-69DF-4EFD-801E-96A4D6AABEDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CEE203DE-6C0E-4FDE-9C3A-0E73430F17DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F38886-C25A-4C6B-93E7-36461405BA99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C65D2670-F37F-48CB-804A-D35BB1C27D9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8E5194-7B34-4802-BDA6-6A86EB5EDE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "FABA5F56-99F7-4F8F-9CC1-5B0B2EB72922",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2917BD67-CE81-4B94-B241-D4A9DDA60319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A524A94E-F19B-42B9-AA8E-171751C339AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "F71436CF-F756-44E0-8E69-6951F6B3E54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "582EE839-B83F-4908-9780-D0C92DC44FD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "824369CF-00A0-434E-94BC-71CA1317012C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB35099-B04E-4796-A25D-953329FE62F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5DBEBCFD-80D6-466A-BAEF-C75E65A3B12E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C30ACBCA-4FA1-46DE-8F15-4830BC27E160",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9453EF65-7C69-449E-BF7C-4FECFB56713E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4AA75825-21CF-475B-8040-126A13FA2216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CA97C80E-17FA-4866-86CE-29886145ED80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE24BED-202E-416D-B5F2-8207D97B9939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "04198E04-CE1D-4A5A-A20C-D1E135B45F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "717DB967-F658-4699-A224-5B261BFEC10A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3487FA64-BE04-42CA-861E-3DAC097D7D32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F3D956DC-C73B-439F-8D79-8239207CC76F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "57E2C7E7-56C0-466C-BB08-5EB43922C4F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "462E135A-5616-46CC-A9C0-5A7A0526ACC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6121F9C1-F4DF-4AAB-9E51-AC1592AA5639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "58D44634-A0B5-4F05-8983-B08D392EC742",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EB3AC3D3-FDD7-489F-BDCF-BDB55DF33A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4105171B-9C90-4ABF-B220-A35E7BA9EE40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "20985549-DB24-4B69-9D40-208A47AE658E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "43A13026-416F-4308-8A1B-E989BD769E12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "612B015E-9F96-4CE6-83E4-23848FD609E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1E391619-0967-43E1-8CBC-4D54F72A85C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0544D626-E269-4677-9B05-7DAB23BD103B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C95F7B2C-80FC-4DF2-9680-F74634DCE3E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "863C140E-DC15-4A88-AB8A-8AEF9F4B8164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "38CD049A-5333-4FF7-AD34-6B74E19BADCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "0066576D-D66A-4B59-B5C3-471EEBEE8B9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "60ED6DAA-9194-4829-BC1A-00F04BE7930A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "13BEB9A6-EFD5-4793-9603-84DB84F1CF7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "461163C6-4CA8-4BA9-95A1-136E612CBA6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:2.0.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "275E9D96-1290-44AB-BF9B-E9E4A803F593",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "412DF091-7604-4110-87A0-3488116A97E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "11E07FED-ABDB-4B0A-AB2E-4CBF1EAC4301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6558F1-9E0D-4107-909A-8EF4BC8A9C2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "63DF3D65-C992-44CF-89B4-893526C6242E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A9024117-2E8B-4240-9E21-CC501F3879B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FBC3CAD3-2F54-4E32-A0C9-0D826C45AC23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "52624B41-AB34-40AD-8709-D9646B618AB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "917E9856-9556-4FD6-A834-858F8837A6B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "98BBD74D-930C-4D80-A91B-0D61347BAA63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "FAF2E696-883D-4DE5-8B79-D8E5D9470253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "94E04FD9-38E8-462D-82C2-729F7F7F0465",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "5888517E-3C57-4A0A-9895-EA4BCB0A0ED5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0BB21291-B9F3-445E-A9E9-EA1822083DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "D595F649-ECBE-45E0-8AAD-BCBC65A654B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "4FE6E920-9A4C-431B-89EA-683A22F15ACD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "18B6CC9F-6295-4598-B28B-0CA19D1D9F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F0434D-C84F-49FD-9F44-66D3ACD7B601",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "F6AAB416-E865-4EEE-8FCB-A91253BEB52B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "76CD3BDF-A079-4EF3-ABDE-43CBDD08DB1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "031E8624-5161-43AF-AF19-6BAB5A94FDD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "54186D4A-C6F0-44AD-94FB-73B4346ABB6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "47E50AD9-BA35-4817-BD4D-5D678FC5A3C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DD09DE40-8C9B-41EA-B372-9E4E4830E8F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F223FB83-0EDB-4429-94B9-1AEEF314B73F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BC6B977F-292F-4981-95A0-6065A3C487D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "342226B9-2C0C-416C-81FE-19C49F03AA88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2A6A28E0-F67A-4275-B0D9-A02822E9EF7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "ECAB4696-76F3-458C-B33B-D7F8690C60A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "BBB444FD-15F3-4447-9EA8-1669779A5749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F92E2EF3-A612-476F-9D31-1EEC240C7EA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0F175D30-2416-4172-BF11-DA78D252D608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD3F168-3EF4-492E-BBAA-EACB1357C709",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.14:*:*:*:*:*:*:*",
"matchCriteriaId": "4B46BA97-2860-45E4-9FD3-F418A202E4F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.5.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B1C23289-38C3-4C62-8B27-249EAECC297E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F3782354-7EB7-49D2-B240-1871F6CB84C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "30D47263-03AD-4060-91E3-90F997B3D174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD775DF-277E-4D5B-B980-B8E6E782467D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C8587BFD-417D-42BE-A5F8-22FDC68FA9E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D7364FAB-EEE9-4064-A8AD-6547239F9AB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4C50485F-BC7B-4B70-A47B-1712E2DBAC5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "51EE386B-0833-484E-A2AB-86B4470D4D45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C3EF1B4D-6556-4B3C-BDD0-6348A4D4A91D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "68C5C7CF-005B-42FC-B950-90303F0CC115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0B2FA2CF-7FE4-43B1-96A0-C14666EDBD7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "30290F6D-55CA-47EB-8F41-7BBB745C7A34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.13:*:*:*:*:*:*:*",
"matchCriteriaId": "F61F0607-14B0-49AD-B7E6-C4D75401C270",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.14:*:*:*:*:*:*:*",
"matchCriteriaId": "7FED863D-2898-4148-A9FB-73BFF9DE4396",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.15:*:*:*:*:*:*:*",
"matchCriteriaId": "779C1245-A6F9-41F5-B8D4-FAE506A23FD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.16:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7CFEE9-70D4-465F-9FB9-397E6B200FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.17:*:*:*:*:*:*:*",
"matchCriteriaId": "197E56BF-BE78-459F-A124-786DF39D1235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.18:*:*:*:*:*:*:*",
"matchCriteriaId": "07747612-3890-4271-94A4-4347E5ED073D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.19:*:*:*:*:*:*:*",
"matchCriteriaId": "0855BA85-BC52-4EDF-915A-8B4E5FB48092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.20:*:*:*:*:*:*:*",
"matchCriteriaId": "BC273819-9DDE-4591-9376-1DD5782461F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.21:*:*:*:*:*:*:*",
"matchCriteriaId": "9B68D1E7-B2F7-4581-8173-8CCF55A0E1BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.22:*:*:*:*:*:*:*",
"matchCriteriaId": "CDFF6453-B707-4772-8CDF-2F8922FD4894",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.23:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D70DBF-1CF2-491D-BA0F-478D7732E01C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.24:*:*:*:*:*:*:*",
"matchCriteriaId": "0B55ADF9-6525-4EFA-A431-CD69C8C2216C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:3.6.25:*:*:*:*:*:*:*",
"matchCriteriaId": "B40A42AD-7097-47F8-9A3F-1806D8C174F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C69962C4-FA56-47F2-82A4-DFF4C19DAF3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "B7BC1684-3634-4585-B7E6-8C8777E1DA0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta10:*:*:*:*:*:*",
"matchCriteriaId": "A490D040-EF74-45C2-89ED-D88ADD222712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta11:*:*:*:*:*:*",
"matchCriteriaId": "6CDA17D1-CD93-401E-860C-7C3291FEEB7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta12:*:*:*:*:*:*",
"matchCriteriaId": "6F72FDE3-54E0-48E4-9015-1B8A36DB1EC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "4062C901-3828-415B-A6C3-EDD0E7B20C0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "CC0D8730-7034-4AD6-9B05-F8BAFB0145EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "857AFB05-F0C1-4061-9680-9561D68C908F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*",
"matchCriteriaId": "EC37EBAF-C979-4ACC-ACA9-BDC2AECCB0D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*",
"matchCriteriaId": "80801CD8-EEAF-4BC4-9085-DCCC6CF73076",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta7:*:*:*:*:*:*",
"matchCriteriaId": "FAF4C78A-5093-4871-AF69-A8E8FD7E1AAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta8:*:*:*:*:*:*",
"matchCriteriaId": "560AD4C7-89D2-4323-BBCC-A89EEB6832CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta9:*:*:*:*:*:*",
"matchCriteriaId": "6B389CBC-4F6C-4C17-A87B-A6DD92703A10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DDFBA043-91BC-4FB5-A34D-FCE1A9C65A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8901A808-66F1-4501-AFF6-6FBB22852855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B88D1373-6E41-4EF4-86A0-CE85EA3BF23E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1F42315C-35AF-4EDD-8B78-A9EDB9F85D59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "62147F86-C2E6-4D55-9C72-F8BB430F2F7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CE4D1FFD-3AFE-4F52-BCBE-A56609B2D7EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B2CD349-B9BF-4752-B7B9-665BF718EDB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "11A8F675-A91F-4E41-AA2B-5214DF79C69C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "75B6A811-2B5A-484A-9878-C8E2C3E7633C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "456769EF-8961-4038-A7D5-B980147159E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7439C998-E396-4EEC-9C21-E82D27459EA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A1CD246C-1104-4DA1-9BFD-ED0B1FBA7EF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A1D4D8C9-5A00-46FE-9E42-CB8C2D66B120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E639BCCB-A6BF-4174-BFAF-9674E65BA404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FDFC5947-3C3D-4484-8803-D6629C63B315",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A04BF0E2-0A40-4396-A46A-005D103D9E3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:10.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C0C4C930-6EC1-469D-811C-E85490AB38C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:10.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D93271DA-A9E2-459B-832E-162A803DD2E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:10.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "60ADFF75-220C-4729-B3C6-2CBA23C24C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FEA6800-CBDB-497A-BBBE-1C40E8484A89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DF604D56-5D81-4276-88A1-AE321929E22A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:12.0:beta6:*:*:*:*:*:*",
"matchCriteriaId": "AB630A94-DA1F-4A7F-891D-E6F242C20271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B038D136-BB5E-4252-B313-A13919195DB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B58CDD0D-5864-4433-9C54-ACAAB5ACFA98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "80C26C6C-74DE-4EC7-BCDE-A1156D445A8D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8255F035-04C8-4158-B301-82101711939C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mozilla Firefox before 15.0 on Android does not properly implement unspecified callers of the __android_log_print function, which allows remote attackers to execute arbitrary code via a crafted web page that calls the JavaScript dump function."
},
{
"lang": "es",
"value": "Mozilla Firefox anterior a v15.0 en Android no implementa correctamente los (callers) de la funci\u00f3n __android_log_print, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de una p\u00e1gina web dise\u00f1ada que llama a la funci\u00f3n de volcado JavaScript."
}
],
"id": "CVE-2012-3979",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-08-29T10:56:41.237",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-71.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/55344"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=769265"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-71.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/55344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=769265"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity ?
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a BDF font.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
| secalert@redhat.com | http://secunia.com/advisories/48508 | ||
| secalert@redhat.com | http://secunia.com/advisories/48758 | ||
| secalert@redhat.com | http://secunia.com/advisories/48797 | ||
| secalert@redhat.com | http://secunia.com/advisories/48822 | ||
| secalert@redhat.com | http://secunia.com/advisories/48918 | ||
| secalert@redhat.com | http://secunia.com/advisories/48951 | ||
| secalert@redhat.com | http://secunia.com/advisories/48973 | ||
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
| secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800581 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48758 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800581 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freetype | freetype | * | |
| freetype | freetype | 1.3.1 | |
| freetype | freetype | 2.0.0 | |
| freetype | freetype | 2.0.1 | |
| freetype | freetype | 2.0.2 | |
| freetype | freetype | 2.0.3 | |
| freetype | freetype | 2.0.4 | |
| freetype | freetype | 2.0.5 | |
| freetype | freetype | 2.0.6 | |
| freetype | freetype | 2.0.7 | |
| freetype | freetype | 2.0.8 | |
| freetype | freetype | 2.0.9 | |
| freetype | freetype | 2.1 | |
| freetype | freetype | 2.1.3 | |
| freetype | freetype | 2.1.4 | |
| freetype | freetype | 2.1.5 | |
| freetype | freetype | 2.1.6 | |
| freetype | freetype | 2.1.7 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.9 | |
| freetype | freetype | 2.1.10 | |
| freetype | freetype | 2.2.0 | |
| freetype | freetype | 2.2.1 | |
| freetype | freetype | 2.3.0 | |
| freetype | freetype | 2.3.1 | |
| freetype | freetype | 2.3.2 | |
| freetype | freetype | 2.3.3 | |
| freetype | freetype | 2.3.4 | |
| freetype | freetype | 2.3.5 | |
| freetype | freetype | 2.3.6 | |
| freetype | freetype | 2.3.7 | |
| freetype | freetype | 2.3.8 | |
| freetype | freetype | 2.3.9 | |
| freetype | freetype | 2.3.10 | |
| freetype | freetype | 2.3.11 | |
| freetype | freetype | 2.3.12 | |
| freetype | freetype | 2.4.0 | |
| freetype | freetype | 2.4.1 | |
| freetype | freetype | 2.4.2 | |
| freetype | freetype | 2.4.3 | |
| freetype | freetype | 2.4.4 | |
| freetype | freetype | 2.4.5 | |
| freetype | freetype | 2.4.6 | |
| freetype | freetype | 2.4.7 | |
| mozilla | firefox_mobile | * | |
| mozilla | firefox_mobile | 1.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 5.0 | |
| mozilla | firefox_mobile | 6.0 | |
| mozilla | firefox_mobile | 6.0.1 | |
| mozilla | firefox_mobile | 6.0.2 | |
| mozilla | firefox_mobile | 7.0 | |
| mozilla | firefox_mobile | 8.0 | |
| mozilla | firefox_mobile | 9.0 | |
| mozilla | firefox_mobile | 10.0 | |
| mozilla | firefox_mobile | 10.0.1 | |
| mozilla | firefox_mobile | 10.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B",
"versionEndIncluding": "2.4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA37666-D2E6-47EF-BFFE-A9449D6A72CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90",
"versionEndIncluding": "10.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a BDF font."
},
{
"lang": "es",
"value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de lectura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos de la propiedad modificados en una fuente BDF."
}
],
"id": "CVE-2012-1126",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-04-25T10:10:17.933",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48758"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48758"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800581"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity ?
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and memory corruption) or possibly execute arbitrary code via a crafted TrueType font.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| secalert@redhat.com | http://secunia.com/advisories/48508 | ||
| secalert@redhat.com | http://secunia.com/advisories/48822 | ||
| secalert@redhat.com | http://secunia.com/advisories/48973 | ||
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
| secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800584 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800584 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freetype | freetype | * | |
| freetype | freetype | 1.3.1 | |
| freetype | freetype | 2.0.0 | |
| freetype | freetype | 2.0.1 | |
| freetype | freetype | 2.0.2 | |
| freetype | freetype | 2.0.3 | |
| freetype | freetype | 2.0.4 | |
| freetype | freetype | 2.0.5 | |
| freetype | freetype | 2.0.6 | |
| freetype | freetype | 2.0.7 | |
| freetype | freetype | 2.0.8 | |
| freetype | freetype | 2.0.9 | |
| freetype | freetype | 2.1 | |
| freetype | freetype | 2.1.3 | |
| freetype | freetype | 2.1.4 | |
| freetype | freetype | 2.1.5 | |
| freetype | freetype | 2.1.6 | |
| freetype | freetype | 2.1.7 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.9 | |
| freetype | freetype | 2.1.10 | |
| freetype | freetype | 2.2.0 | |
| freetype | freetype | 2.2.1 | |
| freetype | freetype | 2.3.0 | |
| freetype | freetype | 2.3.1 | |
| freetype | freetype | 2.3.2 | |
| freetype | freetype | 2.3.3 | |
| freetype | freetype | 2.3.4 | |
| freetype | freetype | 2.3.5 | |
| freetype | freetype | 2.3.6 | |
| freetype | freetype | 2.3.7 | |
| freetype | freetype | 2.3.8 | |
| freetype | freetype | 2.3.9 | |
| freetype | freetype | 2.3.10 | |
| freetype | freetype | 2.3.11 | |
| freetype | freetype | 2.3.12 | |
| freetype | freetype | 2.4.0 | |
| freetype | freetype | 2.4.1 | |
| freetype | freetype | 2.4.2 | |
| freetype | freetype | 2.4.3 | |
| freetype | freetype | 2.4.4 | |
| freetype | freetype | 2.4.5 | |
| freetype | freetype | 2.4.6 | |
| freetype | freetype | 2.4.7 | |
| mozilla | firefox_mobile | * | |
| mozilla | firefox_mobile | 1.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 5.0 | |
| mozilla | firefox_mobile | 6.0 | |
| mozilla | firefox_mobile | 6.0.1 | |
| mozilla | firefox_mobile | 6.0.2 | |
| mozilla | firefox_mobile | 7.0 | |
| mozilla | firefox_mobile | 8.0 | |
| mozilla | firefox_mobile | 9.0 | |
| mozilla | firefox_mobile | 10.0 | |
| mozilla | firefox_mobile | 10.0.1 | |
| mozilla | firefox_mobile | 10.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B",
"versionEndIncluding": "2.4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA37666-D2E6-47EF-BFFE-A9449D6A72CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90",
"versionEndIncluding": "10.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and memory corruption) or possibly execute arbitrary code via a crafted TrueType font."
},
{
"lang": "es",
"value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (desreferencia de puntero nulo y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una fuente TrueType modificada."
}
],
"id": "CVE-2012-1128",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-04-25T10:10:18.057",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800584"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800584"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity ?
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via a crafted TrueType font.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
| secalert@redhat.com | http://secunia.com/advisories/48300 | ||
| secalert@redhat.com | http://secunia.com/advisories/48508 | ||
| secalert@redhat.com | http://secunia.com/advisories/48758 | ||
| secalert@redhat.com | http://secunia.com/advisories/48822 | ||
| secalert@redhat.com | http://secunia.com/advisories/48973 | ||
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
| secalert@redhat.com | http://www.debian.org/security/2012/dsa-2428 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
| secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800607 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48300 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48758 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2012/dsa-2428 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800607 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freetype | freetype | * | |
| freetype | freetype | 1.3.1 | |
| freetype | freetype | 2.0.0 | |
| freetype | freetype | 2.0.1 | |
| freetype | freetype | 2.0.2 | |
| freetype | freetype | 2.0.3 | |
| freetype | freetype | 2.0.4 | |
| freetype | freetype | 2.0.5 | |
| freetype | freetype | 2.0.6 | |
| freetype | freetype | 2.0.7 | |
| freetype | freetype | 2.0.8 | |
| freetype | freetype | 2.0.9 | |
| freetype | freetype | 2.1 | |
| freetype | freetype | 2.1.3 | |
| freetype | freetype | 2.1.4 | |
| freetype | freetype | 2.1.5 | |
| freetype | freetype | 2.1.6 | |
| freetype | freetype | 2.1.7 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.9 | |
| freetype | freetype | 2.1.10 | |
| freetype | freetype | 2.2.0 | |
| freetype | freetype | 2.2.1 | |
| freetype | freetype | 2.3.0 | |
| freetype | freetype | 2.3.1 | |
| freetype | freetype | 2.3.2 | |
| freetype | freetype | 2.3.3 | |
| freetype | freetype | 2.3.4 | |
| freetype | freetype | 2.3.5 | |
| freetype | freetype | 2.3.6 | |
| freetype | freetype | 2.3.7 | |
| freetype | freetype | 2.3.8 | |
| freetype | freetype | 2.3.9 | |
| freetype | freetype | 2.3.10 | |
| freetype | freetype | 2.3.11 | |
| freetype | freetype | 2.3.12 | |
| freetype | freetype | 2.4.0 | |
| freetype | freetype | 2.4.1 | |
| freetype | freetype | 2.4.2 | |
| freetype | freetype | 2.4.3 | |
| freetype | freetype | 2.4.4 | |
| freetype | freetype | 2.4.5 | |
| freetype | freetype | 2.4.6 | |
| freetype | freetype | 2.4.7 | |
| mozilla | firefox_mobile | * | |
| mozilla | firefox_mobile | 1.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 5.0 | |
| mozilla | firefox_mobile | 6.0 | |
| mozilla | firefox_mobile | 6.0.1 | |
| mozilla | firefox_mobile | 6.0.2 | |
| mozilla | firefox_mobile | 7.0 | |
| mozilla | firefox_mobile | 8.0 | |
| mozilla | firefox_mobile | 9.0 | |
| mozilla | firefox_mobile | 10.0 | |
| mozilla | firefox_mobile | 10.0.1 | |
| mozilla | firefox_mobile | 10.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B",
"versionEndIncluding": "2.4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA37666-D2E6-47EF-BFFE-A9449D6A72CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90",
"versionEndIncluding": "10.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via a crafted TrueType font."
},
{
"lang": "es",
"value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de escritura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una fuente TrueType modificada."
}
],
"id": "CVE-2012-1144",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-04-25T10:10:18.777",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48300"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48758"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2012/dsa-2428"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800607"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48300"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48758"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2012/dsa-2428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800607"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity ?
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted ASCII string in a BDF font.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
| secalert@redhat.com | http://secunia.com/advisories/48508 | ||
| secalert@redhat.com | http://secunia.com/advisories/48758 | ||
| secalert@redhat.com | http://secunia.com/advisories/48797 | ||
| secalert@redhat.com | http://secunia.com/advisories/48822 | ||
| secalert@redhat.com | http://secunia.com/advisories/48918 | ||
| secalert@redhat.com | http://secunia.com/advisories/48951 | ||
| secalert@redhat.com | http://secunia.com/advisories/48973 | ||
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
| secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800602 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48758 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800602 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freetype | freetype | * | |
| freetype | freetype | 1.3.1 | |
| freetype | freetype | 2.0.0 | |
| freetype | freetype | 2.0.1 | |
| freetype | freetype | 2.0.2 | |
| freetype | freetype | 2.0.3 | |
| freetype | freetype | 2.0.4 | |
| freetype | freetype | 2.0.5 | |
| freetype | freetype | 2.0.6 | |
| freetype | freetype | 2.0.7 | |
| freetype | freetype | 2.0.8 | |
| freetype | freetype | 2.0.9 | |
| freetype | freetype | 2.1 | |
| freetype | freetype | 2.1.3 | |
| freetype | freetype | 2.1.4 | |
| freetype | freetype | 2.1.5 | |
| freetype | freetype | 2.1.6 | |
| freetype | freetype | 2.1.7 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.9 | |
| freetype | freetype | 2.1.10 | |
| freetype | freetype | 2.2.0 | |
| freetype | freetype | 2.2.1 | |
| freetype | freetype | 2.3.0 | |
| freetype | freetype | 2.3.1 | |
| freetype | freetype | 2.3.2 | |
| freetype | freetype | 2.3.3 | |
| freetype | freetype | 2.3.4 | |
| freetype | freetype | 2.3.5 | |
| freetype | freetype | 2.3.6 | |
| freetype | freetype | 2.3.7 | |
| freetype | freetype | 2.3.8 | |
| freetype | freetype | 2.3.9 | |
| freetype | freetype | 2.3.10 | |
| freetype | freetype | 2.3.11 | |
| freetype | freetype | 2.3.12 | |
| freetype | freetype | 2.4.0 | |
| freetype | freetype | 2.4.1 | |
| freetype | freetype | 2.4.2 | |
| freetype | freetype | 2.4.3 | |
| freetype | freetype | 2.4.4 | |
| freetype | freetype | 2.4.5 | |
| freetype | freetype | 2.4.6 | |
| freetype | freetype | 2.4.7 | |
| mozilla | firefox_mobile | * | |
| mozilla | firefox_mobile | 1.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 5.0 | |
| mozilla | firefox_mobile | 6.0 | |
| mozilla | firefox_mobile | 6.0.1 | |
| mozilla | firefox_mobile | 6.0.2 | |
| mozilla | firefox_mobile | 7.0 | |
| mozilla | firefox_mobile | 8.0 | |
| mozilla | firefox_mobile | 9.0 | |
| mozilla | firefox_mobile | 10.0 | |
| mozilla | firefox_mobile | 10.0.1 | |
| mozilla | firefox_mobile | 10.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B",
"versionEndIncluding": "2.4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA37666-D2E6-47EF-BFFE-A9449D6A72CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90",
"versionEndIncluding": "10.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted ASCII string in a BDF font."
},
{
"lang": "es",
"value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de escritura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s una cadena ASCII modificada en una fuente BDF."
}
],
"id": "CVE-2012-1141",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-04-25T10:10:18.650",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48758"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800602"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48758"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800602"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity ?
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted header in a BDF font.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
| secalert@redhat.com | http://secunia.com/advisories/48508 | ||
| secalert@redhat.com | http://secunia.com/advisories/48758 | ||
| secalert@redhat.com | http://secunia.com/advisories/48797 | ||
| secalert@redhat.com | http://secunia.com/advisories/48822 | ||
| secalert@redhat.com | http://secunia.com/advisories/48951 | ||
| secalert@redhat.com | http://secunia.com/advisories/48973 | ||
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
| secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800595 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48758 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800595 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freetype | freetype | * | |
| freetype | freetype | 1.3.1 | |
| freetype | freetype | 2.0.0 | |
| freetype | freetype | 2.0.1 | |
| freetype | freetype | 2.0.2 | |
| freetype | freetype | 2.0.3 | |
| freetype | freetype | 2.0.4 | |
| freetype | freetype | 2.0.5 | |
| freetype | freetype | 2.0.6 | |
| freetype | freetype | 2.0.7 | |
| freetype | freetype | 2.0.8 | |
| freetype | freetype | 2.0.9 | |
| freetype | freetype | 2.1 | |
| freetype | freetype | 2.1.3 | |
| freetype | freetype | 2.1.4 | |
| freetype | freetype | 2.1.5 | |
| freetype | freetype | 2.1.6 | |
| freetype | freetype | 2.1.7 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.9 | |
| freetype | freetype | 2.1.10 | |
| freetype | freetype | 2.2.0 | |
| freetype | freetype | 2.2.1 | |
| freetype | freetype | 2.3.0 | |
| freetype | freetype | 2.3.1 | |
| freetype | freetype | 2.3.2 | |
| freetype | freetype | 2.3.3 | |
| freetype | freetype | 2.3.4 | |
| freetype | freetype | 2.3.5 | |
| freetype | freetype | 2.3.6 | |
| freetype | freetype | 2.3.7 | |
| freetype | freetype | 2.3.8 | |
| freetype | freetype | 2.3.9 | |
| freetype | freetype | 2.3.10 | |
| freetype | freetype | 2.3.11 | |
| freetype | freetype | 2.3.12 | |
| freetype | freetype | 2.4.0 | |
| freetype | freetype | 2.4.1 | |
| freetype | freetype | 2.4.2 | |
| freetype | freetype | 2.4.3 | |
| freetype | freetype | 2.4.4 | |
| freetype | freetype | 2.4.5 | |
| freetype | freetype | 2.4.6 | |
| freetype | freetype | 2.4.7 | |
| mozilla | firefox_mobile | * | |
| mozilla | firefox_mobile | 1.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 5.0 | |
| mozilla | firefox_mobile | 6.0 | |
| mozilla | firefox_mobile | 6.0.1 | |
| mozilla | firefox_mobile | 6.0.2 | |
| mozilla | firefox_mobile | 7.0 | |
| mozilla | firefox_mobile | 8.0 | |
| mozilla | firefox_mobile | 9.0 | |
| mozilla | firefox_mobile | 10.0 | |
| mozilla | firefox_mobile | 10.0.1 | |
| mozilla | firefox_mobile | 10.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B",
"versionEndIncluding": "2.4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA37666-D2E6-47EF-BFFE-A9449D6A72CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90",
"versionEndIncluding": "10.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted header in a BDF font."
},
{
"lang": "es",
"value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de escritura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una cabecera modificada en una fuente BDF."
}
],
"id": "CVE-2012-1137",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-04-25T10:10:18.480",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48758"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800595"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48758"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800595"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity ?
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the MIRP instruction in a TrueType font.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| secalert@redhat.com | http://secunia.com/advisories/48508 | ||
| secalert@redhat.com | http://secunia.com/advisories/48797 | ||
| secalert@redhat.com | http://secunia.com/advisories/48822 | ||
| secalert@redhat.com | http://secunia.com/advisories/48918 | ||
| secalert@redhat.com | http://secunia.com/advisories/48951 | ||
| secalert@redhat.com | http://secunia.com/advisories/48973 | ||
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
| secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800597 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800597 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freetype | freetype | * | |
| freetype | freetype | 1.3.1 | |
| freetype | freetype | 2.0.0 | |
| freetype | freetype | 2.0.1 | |
| freetype | freetype | 2.0.2 | |
| freetype | freetype | 2.0.3 | |
| freetype | freetype | 2.0.4 | |
| freetype | freetype | 2.0.5 | |
| freetype | freetype | 2.0.6 | |
| freetype | freetype | 2.0.7 | |
| freetype | freetype | 2.0.8 | |
| freetype | freetype | 2.0.9 | |
| freetype | freetype | 2.1 | |
| freetype | freetype | 2.1.3 | |
| freetype | freetype | 2.1.4 | |
| freetype | freetype | 2.1.5 | |
| freetype | freetype | 2.1.6 | |
| freetype | freetype | 2.1.7 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.9 | |
| freetype | freetype | 2.1.10 | |
| freetype | freetype | 2.2.0 | |
| freetype | freetype | 2.2.1 | |
| freetype | freetype | 2.3.0 | |
| freetype | freetype | 2.3.1 | |
| freetype | freetype | 2.3.2 | |
| freetype | freetype | 2.3.3 | |
| freetype | freetype | 2.3.4 | |
| freetype | freetype | 2.3.5 | |
| freetype | freetype | 2.3.6 | |
| freetype | freetype | 2.3.7 | |
| freetype | freetype | 2.3.8 | |
| freetype | freetype | 2.3.9 | |
| freetype | freetype | 2.3.10 | |
| freetype | freetype | 2.3.11 | |
| freetype | freetype | 2.3.12 | |
| freetype | freetype | 2.4.0 | |
| freetype | freetype | 2.4.1 | |
| freetype | freetype | 2.4.2 | |
| freetype | freetype | 2.4.3 | |
| freetype | freetype | 2.4.4 | |
| freetype | freetype | 2.4.5 | |
| freetype | freetype | 2.4.6 | |
| freetype | freetype | 2.4.7 | |
| mozilla | firefox_mobile | * | |
| mozilla | firefox_mobile | 1.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 5.0 | |
| mozilla | firefox_mobile | 6.0 | |
| mozilla | firefox_mobile | 6.0.1 | |
| mozilla | firefox_mobile | 6.0.2 | |
| mozilla | firefox_mobile | 7.0 | |
| mozilla | firefox_mobile | 8.0 | |
| mozilla | firefox_mobile | 9.0 | |
| mozilla | firefox_mobile | 10.0 | |
| mozilla | firefox_mobile | 10.0.1 | |
| mozilla | firefox_mobile | 10.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B",
"versionEndIncluding": "2.4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA37666-D2E6-47EF-BFFE-A9449D6A72CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90",
"versionEndIncluding": "10.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the MIRP instruction in a TrueType font."
},
{
"lang": "es",
"value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de escritura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores que implican una instrucci\u00f3n MIRP en una fuente TrueType."
}
],
"id": "CVE-2012-1138",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-04-25T10:10:18.527",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800597"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800597"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity ?
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, on 64-bit platforms allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors related to the cell table of a font.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
| secalert@redhat.com | http://secunia.com/advisories/48508 | ||
| secalert@redhat.com | http://secunia.com/advisories/48758 | ||
| secalert@redhat.com | http://secunia.com/advisories/48797 | ||
| secalert@redhat.com | http://secunia.com/advisories/48822 | ||
| secalert@redhat.com | http://secunia.com/advisories/48918 | ||
| secalert@redhat.com | http://secunia.com/advisories/48951 | ||
| secalert@redhat.com | http://secunia.com/advisories/48973 | ||
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
| secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800589 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48758 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800589 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freetype | freetype | * | |
| freetype | freetype | 1.3.1 | |
| freetype | freetype | 2.0.0 | |
| freetype | freetype | 2.0.1 | |
| freetype | freetype | 2.0.2 | |
| freetype | freetype | 2.0.3 | |
| freetype | freetype | 2.0.4 | |
| freetype | freetype | 2.0.5 | |
| freetype | freetype | 2.0.6 | |
| freetype | freetype | 2.0.7 | |
| freetype | freetype | 2.0.8 | |
| freetype | freetype | 2.0.9 | |
| freetype | freetype | 2.1 | |
| freetype | freetype | 2.1.3 | |
| freetype | freetype | 2.1.4 | |
| freetype | freetype | 2.1.5 | |
| freetype | freetype | 2.1.6 | |
| freetype | freetype | 2.1.7 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.9 | |
| freetype | freetype | 2.1.10 | |
| freetype | freetype | 2.2.0 | |
| freetype | freetype | 2.2.1 | |
| freetype | freetype | 2.3.0 | |
| freetype | freetype | 2.3.1 | |
| freetype | freetype | 2.3.2 | |
| freetype | freetype | 2.3.3 | |
| freetype | freetype | 2.3.4 | |
| freetype | freetype | 2.3.5 | |
| freetype | freetype | 2.3.6 | |
| freetype | freetype | 2.3.7 | |
| freetype | freetype | 2.3.8 | |
| freetype | freetype | 2.3.9 | |
| freetype | freetype | 2.3.10 | |
| freetype | freetype | 2.3.11 | |
| freetype | freetype | 2.3.12 | |
| freetype | freetype | 2.4.0 | |
| freetype | freetype | 2.4.1 | |
| freetype | freetype | 2.4.2 | |
| freetype | freetype | 2.4.3 | |
| freetype | freetype | 2.4.4 | |
| freetype | freetype | 2.4.5 | |
| freetype | freetype | 2.4.6 | |
| freetype | freetype | 2.4.7 | |
| mozilla | firefox_mobile | * | |
| mozilla | firefox_mobile | 1.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 5.0 | |
| mozilla | firefox_mobile | 6.0 | |
| mozilla | firefox_mobile | 6.0.1 | |
| mozilla | firefox_mobile | 6.0.2 | |
| mozilla | firefox_mobile | 7.0 | |
| mozilla | firefox_mobile | 8.0 | |
| mozilla | firefox_mobile | 9.0 | |
| mozilla | firefox_mobile | 10.0 | |
| mozilla | firefox_mobile | 10.0.1 | |
| mozilla | firefox_mobile | 10.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B",
"versionEndIncluding": "2.4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA37666-D2E6-47EF-BFFE-A9449D6A72CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90",
"versionEndIncluding": "10.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, on 64-bit platforms allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors related to the cell table of a font."
},
{
"lang": "es",
"value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, en plataformas de 64 bits, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de escritura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores relacionados con la celda de una tabla de una fuente."
}
],
"id": "CVE-2012-1131",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-04-25T10:10:18.183",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48758"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800589"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48758"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800589"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity ?
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| secalert@redhat.com | http://secunia.com/advisories/48300 | ||
| secalert@redhat.com | http://secunia.com/advisories/48508 | ||
| secalert@redhat.com | http://secunia.com/advisories/48797 | ||
| secalert@redhat.com | http://secunia.com/advisories/48822 | ||
| secalert@redhat.com | http://secunia.com/advisories/48918 | ||
| secalert@redhat.com | http://secunia.com/advisories/48951 | ||
| secalert@redhat.com | http://secunia.com/advisories/48973 | ||
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
| secalert@redhat.com | http://www.debian.org/security/2012/dsa-2428 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
| secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800591 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48300 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2012/dsa-2428 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800591 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freetype | freetype | * | |
| freetype | freetype | 1.3.1 | |
| freetype | freetype | 2.0.0 | |
| freetype | freetype | 2.0.1 | |
| freetype | freetype | 2.0.2 | |
| freetype | freetype | 2.0.3 | |
| freetype | freetype | 2.0.4 | |
| freetype | freetype | 2.0.5 | |
| freetype | freetype | 2.0.6 | |
| freetype | freetype | 2.0.7 | |
| freetype | freetype | 2.0.8 | |
| freetype | freetype | 2.0.9 | |
| freetype | freetype | 2.1 | |
| freetype | freetype | 2.1.3 | |
| freetype | freetype | 2.1.4 | |
| freetype | freetype | 2.1.5 | |
| freetype | freetype | 2.1.6 | |
| freetype | freetype | 2.1.7 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.9 | |
| freetype | freetype | 2.1.10 | |
| freetype | freetype | 2.2.0 | |
| freetype | freetype | 2.2.1 | |
| freetype | freetype | 2.3.0 | |
| freetype | freetype | 2.3.1 | |
| freetype | freetype | 2.3.2 | |
| freetype | freetype | 2.3.3 | |
| freetype | freetype | 2.3.4 | |
| freetype | freetype | 2.3.5 | |
| freetype | freetype | 2.3.6 | |
| freetype | freetype | 2.3.7 | |
| freetype | freetype | 2.3.8 | |
| freetype | freetype | 2.3.9 | |
| freetype | freetype | 2.3.10 | |
| freetype | freetype | 2.3.11 | |
| freetype | freetype | 2.3.12 | |
| freetype | freetype | 2.4.0 | |
| freetype | freetype | 2.4.1 | |
| freetype | freetype | 2.4.2 | |
| freetype | freetype | 2.4.3 | |
| freetype | freetype | 2.4.4 | |
| freetype | freetype | 2.4.5 | |
| freetype | freetype | 2.4.6 | |
| freetype | freetype | 2.4.7 | |
| mozilla | firefox_mobile | * | |
| mozilla | firefox_mobile | 1.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 5.0 | |
| mozilla | firefox_mobile | 6.0 | |
| mozilla | firefox_mobile | 6.0.1 | |
| mozilla | firefox_mobile | 6.0.2 | |
| mozilla | firefox_mobile | 7.0 | |
| mozilla | firefox_mobile | 8.0 | |
| mozilla | firefox_mobile | 9.0 | |
| mozilla | firefox_mobile | 10.0 | |
| mozilla | firefox_mobile | 10.0.1 | |
| mozilla | firefox_mobile | 10.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B",
"versionEndIncluding": "2.4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA37666-D2E6-47EF-BFFE-A9449D6A72CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90",
"versionEndIncluding": "10.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font."
},
{
"lang": "es",
"value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de escritura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de de un glifo o datos del mapa de imagen modificados en una fuente BDF."
}
],
"id": "CVE-2012-1133",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-04-25T10:10:18.260",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48300"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2012/dsa-2428"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800591"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48300"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2012/dsa-2428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800591"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity ?
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted dictionary data in a Type 1 font.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
| secalert@redhat.com | http://secunia.com/advisories/48508 | ||
| secalert@redhat.com | http://secunia.com/advisories/48758 | ||
| secalert@redhat.com | http://secunia.com/advisories/48797 | ||
| secalert@redhat.com | http://secunia.com/advisories/48822 | ||
| secalert@redhat.com | http://secunia.com/advisories/48918 | ||
| secalert@redhat.com | http://secunia.com/advisories/48951 | ||
| secalert@redhat.com | http://secunia.com/advisories/48973 | ||
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
| secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800590 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48758 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800590 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freetype | freetype | * | |
| freetype | freetype | 1.3.1 | |
| freetype | freetype | 2.0.0 | |
| freetype | freetype | 2.0.1 | |
| freetype | freetype | 2.0.2 | |
| freetype | freetype | 2.0.3 | |
| freetype | freetype | 2.0.4 | |
| freetype | freetype | 2.0.5 | |
| freetype | freetype | 2.0.6 | |
| freetype | freetype | 2.0.7 | |
| freetype | freetype | 2.0.8 | |
| freetype | freetype | 2.0.9 | |
| freetype | freetype | 2.1 | |
| freetype | freetype | 2.1.3 | |
| freetype | freetype | 2.1.4 | |
| freetype | freetype | 2.1.5 | |
| freetype | freetype | 2.1.6 | |
| freetype | freetype | 2.1.7 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.9 | |
| freetype | freetype | 2.1.10 | |
| freetype | freetype | 2.2.0 | |
| freetype | freetype | 2.2.1 | |
| freetype | freetype | 2.3.0 | |
| freetype | freetype | 2.3.1 | |
| freetype | freetype | 2.3.2 | |
| freetype | freetype | 2.3.3 | |
| freetype | freetype | 2.3.4 | |
| freetype | freetype | 2.3.5 | |
| freetype | freetype | 2.3.6 | |
| freetype | freetype | 2.3.7 | |
| freetype | freetype | 2.3.8 | |
| freetype | freetype | 2.3.9 | |
| freetype | freetype | 2.3.10 | |
| freetype | freetype | 2.3.11 | |
| freetype | freetype | 2.3.12 | |
| freetype | freetype | 2.4.0 | |
| freetype | freetype | 2.4.1 | |
| freetype | freetype | 2.4.2 | |
| freetype | freetype | 2.4.3 | |
| freetype | freetype | 2.4.4 | |
| freetype | freetype | 2.4.5 | |
| freetype | freetype | 2.4.6 | |
| freetype | freetype | 2.4.7 | |
| mozilla | firefox_mobile | * | |
| mozilla | firefox_mobile | 1.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 5.0 | |
| mozilla | firefox_mobile | 6.0 | |
| mozilla | firefox_mobile | 6.0.1 | |
| mozilla | firefox_mobile | 6.0.2 | |
| mozilla | firefox_mobile | 7.0 | |
| mozilla | firefox_mobile | 8.0 | |
| mozilla | firefox_mobile | 9.0 | |
| mozilla | firefox_mobile | 10.0 | |
| mozilla | firefox_mobile | 10.0.1 | |
| mozilla | firefox_mobile | 10.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B",
"versionEndIncluding": "2.4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA37666-D2E6-47EF-BFFE-A9449D6A72CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90",
"versionEndIncluding": "10.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted dictionary data in a Type 1 font."
},
{
"lang": "es",
"value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de escritura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos modificados del diccionario en una fuente Type 1."
}
],
"id": "CVE-2012-1132",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-04-25T10:10:18.213",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48758"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800590"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48758"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800590"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity ?
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted PostScript font object.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
| secalert@redhat.com | http://secunia.com/advisories/48508 | ||
| secalert@redhat.com | http://secunia.com/advisories/48758 | ||
| secalert@redhat.com | http://secunia.com/advisories/48822 | ||
| secalert@redhat.com | http://secunia.com/advisories/48973 | ||
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
| secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800600 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48758 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800600 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freetype | freetype | * | |
| freetype | freetype | 1.3.1 | |
| freetype | freetype | 2.0.0 | |
| freetype | freetype | 2.0.1 | |
| freetype | freetype | 2.0.2 | |
| freetype | freetype | 2.0.3 | |
| freetype | freetype | 2.0.4 | |
| freetype | freetype | 2.0.5 | |
| freetype | freetype | 2.0.6 | |
| freetype | freetype | 2.0.7 | |
| freetype | freetype | 2.0.8 | |
| freetype | freetype | 2.0.9 | |
| freetype | freetype | 2.1 | |
| freetype | freetype | 2.1.3 | |
| freetype | freetype | 2.1.4 | |
| freetype | freetype | 2.1.5 | |
| freetype | freetype | 2.1.6 | |
| freetype | freetype | 2.1.7 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.9 | |
| freetype | freetype | 2.1.10 | |
| freetype | freetype | 2.2.0 | |
| freetype | freetype | 2.2.1 | |
| freetype | freetype | 2.3.0 | |
| freetype | freetype | 2.3.1 | |
| freetype | freetype | 2.3.2 | |
| freetype | freetype | 2.3.3 | |
| freetype | freetype | 2.3.4 | |
| freetype | freetype | 2.3.5 | |
| freetype | freetype | 2.3.6 | |
| freetype | freetype | 2.3.7 | |
| freetype | freetype | 2.3.8 | |
| freetype | freetype | 2.3.9 | |
| freetype | freetype | 2.3.10 | |
| freetype | freetype | 2.3.11 | |
| freetype | freetype | 2.3.12 | |
| freetype | freetype | 2.4.0 | |
| freetype | freetype | 2.4.1 | |
| freetype | freetype | 2.4.2 | |
| freetype | freetype | 2.4.3 | |
| freetype | freetype | 2.4.4 | |
| freetype | freetype | 2.4.5 | |
| freetype | freetype | 2.4.6 | |
| freetype | freetype | 2.4.7 | |
| mozilla | firefox_mobile | * | |
| mozilla | firefox_mobile | 1.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 5.0 | |
| mozilla | firefox_mobile | 6.0 | |
| mozilla | firefox_mobile | 6.0.1 | |
| mozilla | firefox_mobile | 6.0.2 | |
| mozilla | firefox_mobile | 7.0 | |
| mozilla | firefox_mobile | 8.0 | |
| mozilla | firefox_mobile | 9.0 | |
| mozilla | firefox_mobile | 10.0 | |
| mozilla | firefox_mobile | 10.0.1 | |
| mozilla | firefox_mobile | 10.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B",
"versionEndIncluding": "2.4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA37666-D2E6-47EF-BFFE-A9449D6A72CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90",
"versionEndIncluding": "10.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted PostScript font object."
},
{
"lang": "es",
"value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de escritura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un objeto de fuente PostScript modificado."
}
],
"id": "CVE-2012-1140",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-04-25T10:10:18.607",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48758"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800600"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48758"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800600"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity ?
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
| secalert@redhat.com | http://secunia.com/advisories/48508 | ||
| secalert@redhat.com | http://secunia.com/advisories/48758 | ||
| secalert@redhat.com | http://secunia.com/advisories/48797 | ||
| secalert@redhat.com | http://secunia.com/advisories/48822 | ||
| secalert@redhat.com | http://secunia.com/advisories/48918 | ||
| secalert@redhat.com | http://secunia.com/advisories/48951 | ||
| secalert@redhat.com | http://secunia.com/advisories/48973 | ||
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
| secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800583 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48758 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800583 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freetype | freetype | * | |
| freetype | freetype | 1.3.1 | |
| freetype | freetype | 2.0.0 | |
| freetype | freetype | 2.0.1 | |
| freetype | freetype | 2.0.2 | |
| freetype | freetype | 2.0.3 | |
| freetype | freetype | 2.0.4 | |
| freetype | freetype | 2.0.5 | |
| freetype | freetype | 2.0.6 | |
| freetype | freetype | 2.0.7 | |
| freetype | freetype | 2.0.8 | |
| freetype | freetype | 2.0.9 | |
| freetype | freetype | 2.1 | |
| freetype | freetype | 2.1.3 | |
| freetype | freetype | 2.1.4 | |
| freetype | freetype | 2.1.5 | |
| freetype | freetype | 2.1.6 | |
| freetype | freetype | 2.1.7 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.9 | |
| freetype | freetype | 2.1.10 | |
| freetype | freetype | 2.2.0 | |
| freetype | freetype | 2.2.1 | |
| freetype | freetype | 2.3.0 | |
| freetype | freetype | 2.3.1 | |
| freetype | freetype | 2.3.2 | |
| freetype | freetype | 2.3.3 | |
| freetype | freetype | 2.3.4 | |
| freetype | freetype | 2.3.5 | |
| freetype | freetype | 2.3.6 | |
| freetype | freetype | 2.3.7 | |
| freetype | freetype | 2.3.8 | |
| freetype | freetype | 2.3.9 | |
| freetype | freetype | 2.3.10 | |
| freetype | freetype | 2.3.11 | |
| freetype | freetype | 2.3.12 | |
| freetype | freetype | 2.4.0 | |
| freetype | freetype | 2.4.1 | |
| freetype | freetype | 2.4.2 | |
| freetype | freetype | 2.4.3 | |
| freetype | freetype | 2.4.4 | |
| freetype | freetype | 2.4.5 | |
| freetype | freetype | 2.4.6 | |
| freetype | freetype | 2.4.7 | |
| mozilla | firefox_mobile | * | |
| mozilla | firefox_mobile | 1.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 5.0 | |
| mozilla | firefox_mobile | 6.0 | |
| mozilla | firefox_mobile | 6.0.1 | |
| mozilla | firefox_mobile | 6.0.2 | |
| mozilla | firefox_mobile | 7.0 | |
| mozilla | firefox_mobile | 8.0 | |
| mozilla | firefox_mobile | 9.0 | |
| mozilla | firefox_mobile | 10.0 | |
| mozilla | firefox_mobile | 10.0.1 | |
| mozilla | firefox_mobile | 10.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B",
"versionEndIncluding": "2.4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA37666-D2E6-47EF-BFFE-A9449D6A72CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90",
"versionEndIncluding": "10.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font."
},
{
"lang": "es",
"value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de lectura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos modificados del glifo o mapa de imagen en una fuente BDF."
}
],
"id": "CVE-2012-1127",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-04-25T10:10:17.997",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48758"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800583"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48758"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800583"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity ?
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
| secalert@redhat.com | http://secunia.com/advisories/48300 | ||
| secalert@redhat.com | http://secunia.com/advisories/48508 | ||
| secalert@redhat.com | http://secunia.com/advisories/48758 | ||
| secalert@redhat.com | http://secunia.com/advisories/48797 | ||
| secalert@redhat.com | http://secunia.com/advisories/48822 | ||
| secalert@redhat.com | http://secunia.com/advisories/48918 | ||
| secalert@redhat.com | http://secunia.com/advisories/48951 | ||
| secalert@redhat.com | http://secunia.com/advisories/48973 | ||
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
| secalert@redhat.com | http://www.debian.org/security/2012/dsa-2428 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
| secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800592 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48300 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48758 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2012/dsa-2428 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800592 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freetype | freetype | * | |
| freetype | freetype | 1.3.1 | |
| freetype | freetype | 2.0.0 | |
| freetype | freetype | 2.0.1 | |
| freetype | freetype | 2.0.2 | |
| freetype | freetype | 2.0.3 | |
| freetype | freetype | 2.0.4 | |
| freetype | freetype | 2.0.5 | |
| freetype | freetype | 2.0.6 | |
| freetype | freetype | 2.0.7 | |
| freetype | freetype | 2.0.8 | |
| freetype | freetype | 2.0.9 | |
| freetype | freetype | 2.1 | |
| freetype | freetype | 2.1.3 | |
| freetype | freetype | 2.1.4 | |
| freetype | freetype | 2.1.5 | |
| freetype | freetype | 2.1.6 | |
| freetype | freetype | 2.1.7 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.9 | |
| freetype | freetype | 2.1.10 | |
| freetype | freetype | 2.2.0 | |
| freetype | freetype | 2.2.1 | |
| freetype | freetype | 2.3.0 | |
| freetype | freetype | 2.3.1 | |
| freetype | freetype | 2.3.2 | |
| freetype | freetype | 2.3.3 | |
| freetype | freetype | 2.3.4 | |
| freetype | freetype | 2.3.5 | |
| freetype | freetype | 2.3.6 | |
| freetype | freetype | 2.3.7 | |
| freetype | freetype | 2.3.8 | |
| freetype | freetype | 2.3.9 | |
| freetype | freetype | 2.3.10 | |
| freetype | freetype | 2.3.11 | |
| freetype | freetype | 2.3.12 | |
| freetype | freetype | 2.4.0 | |
| freetype | freetype | 2.4.1 | |
| freetype | freetype | 2.4.2 | |
| freetype | freetype | 2.4.3 | |
| freetype | freetype | 2.4.4 | |
| freetype | freetype | 2.4.5 | |
| freetype | freetype | 2.4.6 | |
| freetype | freetype | 2.4.7 | |
| mozilla | firefox_mobile | * | |
| mozilla | firefox_mobile | 1.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 5.0 | |
| mozilla | firefox_mobile | 6.0 | |
| mozilla | firefox_mobile | 6.0.1 | |
| mozilla | firefox_mobile | 6.0.2 | |
| mozilla | firefox_mobile | 7.0 | |
| mozilla | firefox_mobile | 8.0 | |
| mozilla | firefox_mobile | 9.0 | |
| mozilla | firefox_mobile | 10.0 | |
| mozilla | firefox_mobile | 10.0.1 | |
| mozilla | firefox_mobile | 10.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B",
"versionEndIncluding": "2.4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA37666-D2E6-47EF-BFFE-A9449D6A72CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90",
"versionEndIncluding": "10.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font."
},
{
"lang": "es",
"value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de escritura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de datos modificados del diccionario privado en una fuente Type 1."
}
],
"id": "CVE-2012-1134",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-04-25T10:10:18.307",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48300"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48758"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2012/dsa-2428"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800592"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48300"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48758"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2012/dsa-2428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800592"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-25 10:10
Modified
2025-04-11 00:51
Severity ?
Summary
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font that lacks an ENCODING field.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
| secalert@redhat.com | http://secunia.com/advisories/48300 | ||
| secalert@redhat.com | http://secunia.com/advisories/48508 | ||
| secalert@redhat.com | http://secunia.com/advisories/48758 | ||
| secalert@redhat.com | http://secunia.com/advisories/48797 | ||
| secalert@redhat.com | http://secunia.com/advisories/48822 | ||
| secalert@redhat.com | http://secunia.com/advisories/48918 | ||
| secalert@redhat.com | http://secunia.com/advisories/48951 | ||
| secalert@redhat.com | http://secunia.com/advisories/48973 | ||
| secalert@redhat.com | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| secalert@redhat.com | http://support.apple.com/kb/HT5503 | ||
| secalert@redhat.com | http://www.debian.org/security/2012/dsa-2428 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| secalert@redhat.com | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/52318 | ||
| secalert@redhat.com | http://www.securitytracker.com/id?1026765 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1403-1 | ||
| secalert@redhat.com | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=800594 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-0467.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48300 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48508 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48758 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48797 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48822 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48918 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48951 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48973 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-201204-04.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.apple.com/kb/HT5503 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2012/dsa-2428 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mozilla.org/security/announce/2012/mfsa2012-21.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2012/03/06/16 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52318 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026765 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1403-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.mozilla.org/show_bug.cgi?id=733512 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=800594 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freetype | freetype | * | |
| freetype | freetype | 1.3.1 | |
| freetype | freetype | 2.0.0 | |
| freetype | freetype | 2.0.1 | |
| freetype | freetype | 2.0.2 | |
| freetype | freetype | 2.0.3 | |
| freetype | freetype | 2.0.4 | |
| freetype | freetype | 2.0.5 | |
| freetype | freetype | 2.0.6 | |
| freetype | freetype | 2.0.7 | |
| freetype | freetype | 2.0.8 | |
| freetype | freetype | 2.0.9 | |
| freetype | freetype | 2.1 | |
| freetype | freetype | 2.1.3 | |
| freetype | freetype | 2.1.4 | |
| freetype | freetype | 2.1.5 | |
| freetype | freetype | 2.1.6 | |
| freetype | freetype | 2.1.7 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.8 | |
| freetype | freetype | 2.1.9 | |
| freetype | freetype | 2.1.10 | |
| freetype | freetype | 2.2.0 | |
| freetype | freetype | 2.2.1 | |
| freetype | freetype | 2.3.0 | |
| freetype | freetype | 2.3.1 | |
| freetype | freetype | 2.3.2 | |
| freetype | freetype | 2.3.3 | |
| freetype | freetype | 2.3.4 | |
| freetype | freetype | 2.3.5 | |
| freetype | freetype | 2.3.6 | |
| freetype | freetype | 2.3.7 | |
| freetype | freetype | 2.3.8 | |
| freetype | freetype | 2.3.9 | |
| freetype | freetype | 2.3.10 | |
| freetype | freetype | 2.3.11 | |
| freetype | freetype | 2.3.12 | |
| freetype | freetype | 2.4.0 | |
| freetype | freetype | 2.4.1 | |
| freetype | freetype | 2.4.2 | |
| freetype | freetype | 2.4.3 | |
| freetype | freetype | 2.4.4 | |
| freetype | freetype | 2.4.5 | |
| freetype | freetype | 2.4.6 | |
| freetype | freetype | 2.4.7 | |
| mozilla | firefox_mobile | * | |
| mozilla | firefox_mobile | 1.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 4.0 | |
| mozilla | firefox_mobile | 5.0 | |
| mozilla | firefox_mobile | 6.0 | |
| mozilla | firefox_mobile | 6.0.1 | |
| mozilla | firefox_mobile | 6.0.2 | |
| mozilla | firefox_mobile | 7.0 | |
| mozilla | firefox_mobile | 8.0 | |
| mozilla | firefox_mobile | 9.0 | |
| mozilla | firefox_mobile | 10.0 | |
| mozilla | firefox_mobile | 10.0.1 | |
| mozilla | firefox_mobile | 10.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AE5852E-FBD0-4F23-82C0-4E8FBDDF558B",
"versionEndIncluding": "2.4.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "888C3BB8-510B-4FBE-BA5D-0D488583C7DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B67236B-7DEF-40AE-BC6F-12CB39329C4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7EEC5D17-9141-4CA5-9D4C-76C15BAE4FBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F1019F69-8E42-43C9-926C-B948659666F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AA678E5E-9380-4D31-973F-018349F7F346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5E06AD6E-8B77-4E57-AA07-507CD1F809F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8DB69925-10FB-4DFD-8764-B6640B88FCEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B126D1A0-6B54-4C56-8CEC-B395D54A5C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "98D0D1A3-886D-4EE3-AC1A-3B36D192E8B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0B0E33-0D7D-45E9-ADFD-20C6DCB5ED64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "28CA4C7D-D70A-44CF-8E3D-F2612CCA0799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4E76672-7216-443E-BBD8-120DA96F7E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "369D87D8-E4A7-4EC4-B508-2940EE174F95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "288FDB59-7FE4-4351-8822-554ADF07C79A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B681257A-F8D8-46D5-995D-BC44F54DD5C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "56E0DEB6-4414-49AB-88E9-988CE5D8EF67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "56A90D08-2CAF-422F-8587-7D88EC7632A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9B944FEB-F69D-4F6C-9485-26F95A5874B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B9B9B1DE-89F6-463D-A3F4-6366D5D30077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F73474B9-6853-4C5C-9CB9-5F4D3080D1C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5283E910-D512-481C-804E-8717A83B24CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A28C0F7A-F1F3-4F3B-81B9-228DA8FCCCD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7252819-BA8A-4BD1-BAAA-179A8777C994",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11575E3C-2BEA-4264-AE41-4A962BD17035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D333A965-EAD2-40DB-8FBE-C4C7DF44C35C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA37666-D2E6-47EF-BFFE-A9449D6A72CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B49505-C973-4673-A9BC-34ACA25059D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E8ECCA-58F2-4A05-8DF2-79C09A5FB275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8697D11D-BBDF-4722-85F7-5144A5D26E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "50E3EDA8-04D1-4DF1-80BB-72C6003E8F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AB06CA25-BB25-43B8-9FC2-62C399CC52EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "6AF7414E-33A7-40E2-AEF0-1AE9D7D1B077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC0BD12-E065-4CC9-8AEE-E4C34A58EC3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "214DC64B-BA35-486B-AE30-F2D9381E4D26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B7CDE19A-473A-4BC5-AA7B-3D08FEEEE82C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8401A8-A328-49F6-BAE8-337F5F36C906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3FBF5BAA-8027-478F-BE06-3D3F4F823C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31358B5D-4087-4207-9730-297BA47DAA83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3A73E016-A4B0-416D-B9B6-786A787DAD3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0588BCE1-059B-4602-B274-E9D268720B55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D19BE9CC-6B1C-4AC8-9740-2ABDF40C4FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E6F3E33C-95E0-4EEF-8E26-F7044D8C3892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0871F88D-3D36-4EAA-B2B4-39D844FF8874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B3396203-9BDF-4E7D-85CC-0B6AA7DC55C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C25B56F0-B244-4D64-BC8F-341214080A90",
"versionEndIncluding": "10.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B00C6411-5566-4060-B68B-8F1674B9E280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9C4A1A-E3C7-40DD-AF51-AFFA0D904722",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "B6A0EDF9-2260-439F-9CF0-A66CBE35ACF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "6E55723B-B7B8-4EBF-8767-55988D26E82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "761B33B6-4FFD-4E6C-92B4-2186F8D195C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8E4E272B-27F1-41CE-8B60-B1C098105A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "907FA1DF-E3D3-4E46-B353-753E70C292CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97DE5B71-865A-4DB0-A31A-1CA75A5AB7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B64C7CE2-6BA7-4294-80CF-3AE25EE9529B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "640595E6-3E39-4112-887E-174C86D18630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E26E8D7-334C-4260-A8EE-82DF067CC081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "643623BB-29E4-4138-AFC6-252368FC9495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CEA838D-5FE6-47A7-8367-F040FF01B681",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF547E94-BEC4-4D32-A2AF-AFEBFE11782A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB1307C-64E4-4EC2-BB07-012107CA5DA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "91C9D50D-9450-489C-8336-4332F8FD6806",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font that lacks an ENCODING field."
},
{
"lang": "es",
"value": "FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegaci\u00f3n de servicio (operaci\u00f3n no v\u00e1lida de escritura y corrupci\u00f3n de memoria) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s del glifo modificado o datos del mapa de bits en una fuente BDF que carece de campo ENCODING."
}
],
"id": "CVE-2012-1136",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-04-25T10:10:18.417",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48300"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48758"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2012/dsa-2428"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800594"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48300"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48758"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48797"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48951"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT5503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2012/dsa-2428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1403-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800594"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}