CVE-2012-1136
published 2012-04-25CVE-2012-1136: FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap…
critical9.3CVSS 3.1
AVNACMAuNCCICAC
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font that lacks an ENCODING field.
Affected
62 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | freetype | < freetype 2.4.9-1 (bookworm) | freetype 2.4.9-1 (bookworm) |
| freetype | freetype | <= 2.4.8 | — |
| freetype | freetype | — | — |
| freetype | freetype | — | — |
| freetype | freetype | — | — |
| freetype | freetype | — | — |
| freetype | freetype | — | — |
| freetype | freetype | — | — |
| freetype | freetype | — | — |
| freetype | freetype | — | — |
| freetype | freetype | — | — |
| freetype | freetype | — | — |
| freetype | freetype | — | — |
| freetype | freetype | — | — |
| freetype | freetype | — | — |
| freetype | freetype | — | — |
| freetype | freetype | — | — |
| freetype | freetype | — | — |
| freetype | freetype | — | — |
| freetype | freetype | — | — |
| freetype | freetype | — | — |
| freetype | freetype | — | — |
| freetype | freetype | — | — |
| freetype | freetype | — | — |
| freetype | freetype | — | — |
CVSS provenance
nvd9.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
osv9.3CRITICAL