FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2012-1144

This CVE name corresponds to:

Entered Topic
2012-04-24 mozilla -- multiple vulnerabilities
2012-04-06 freetype -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2012-1144 at cve.mitre.org

Details

Type Candidate
Name CVE-2012-1144
Phase Assigned(20120214)

Description

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via a crafted TrueType font.

References

Source Reference
MLIST [oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9
CONFIRM http://www.mozilla.org/security/announce/2012/mfsa2012-21.html
CONFIRM https://bugzilla.mozilla.org/show_bug.cgi?id=733512
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=800607
CONFIRM http://support.apple.com/kb/HT5503
APPLE APPLE-SA-2012-09-19-1
DEBIAN DSA-2428
GENTOO GLSA-201204-04
REDHAT RHSA-2012:0467
SECUNIA 48758
SECUNIA 48822
SECUNIA 48973

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.