Lucene search

K
cveRedhatCVE-2012-1142
HistoryApr 25, 2012 - 10:10 a.m.

CVE-2012-1142

2012-04-2510:10:18
CWE-119
redhat
web.nvd.nist.gov
44
freetype
cve-2012-1142
denial of service
arbitrary code execution
memory corruption
font vulnerability
mozilla firefox mobile

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

High

EPSS

0.063

Percentile

93.7%

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph-outline data in a font.

Affected configurations

Nvd
Node
freetypefreetypeRange2.4.8
OR
freetypefreetypeMatch1.3.1
OR
freetypefreetypeMatch2.0.0
OR
freetypefreetypeMatch2.0.1
OR
freetypefreetypeMatch2.0.2
OR
freetypefreetypeMatch2.0.3
OR
freetypefreetypeMatch2.0.4
OR
freetypefreetypeMatch2.0.5
OR
freetypefreetypeMatch2.0.6
OR
freetypefreetypeMatch2.0.7
OR
freetypefreetypeMatch2.0.8
OR
freetypefreetypeMatch2.0.9
OR
freetypefreetypeMatch2.1
OR
freetypefreetypeMatch2.1.3
OR
freetypefreetypeMatch2.1.4
OR
freetypefreetypeMatch2.1.5
OR
freetypefreetypeMatch2.1.6
OR
freetypefreetypeMatch2.1.7
OR
freetypefreetypeMatch2.1.8
OR
freetypefreetypeMatch2.1.8rc1
OR
freetypefreetypeMatch2.1.9
OR
freetypefreetypeMatch2.1.10
OR
freetypefreetypeMatch2.2.0
OR
freetypefreetypeMatch2.2.1
OR
freetypefreetypeMatch2.3.0
OR
freetypefreetypeMatch2.3.1
OR
freetypefreetypeMatch2.3.2
OR
freetypefreetypeMatch2.3.3
OR
freetypefreetypeMatch2.3.4
OR
freetypefreetypeMatch2.3.5
OR
freetypefreetypeMatch2.3.6
OR
freetypefreetypeMatch2.3.7
OR
freetypefreetypeMatch2.3.8
OR
freetypefreetypeMatch2.3.9
OR
freetypefreetypeMatch2.3.10
OR
freetypefreetypeMatch2.3.11
OR
freetypefreetypeMatch2.3.12
OR
freetypefreetypeMatch2.4.0
OR
freetypefreetypeMatch2.4.1
OR
freetypefreetypeMatch2.4.2
OR
freetypefreetypeMatch2.4.3
OR
freetypefreetypeMatch2.4.4
OR
freetypefreetypeMatch2.4.5
OR
freetypefreetypeMatch2.4.6
OR
freetypefreetypeMatch2.4.7
OR
mozillafirefox_mobileRange10.0.3
OR
mozillafirefox_mobileMatch1.0
OR
mozillafirefox_mobileMatch4.0
OR
mozillafirefox_mobileMatch4.0beta1
OR
mozillafirefox_mobileMatch4.0beta2
OR
mozillafirefox_mobileMatch4.0beta3
OR
mozillafirefox_mobileMatch4.0beta4
OR
mozillafirefox_mobileMatch5.0
OR
mozillafirefox_mobileMatch6.0
OR
mozillafirefox_mobileMatch6.0.1
OR
mozillafirefox_mobileMatch6.0.2
OR
mozillafirefox_mobileMatch7.0
OR
mozillafirefox_mobileMatch8.0
OR
mozillafirefox_mobileMatch9.0
OR
mozillafirefox_mobileMatch10.0
OR
mozillafirefox_mobileMatch10.0.1
OR
mozillafirefox_mobileMatch10.0.2
VendorProductVersionCPE
freetypefreetype*cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*
freetypefreetype1.3.1cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*
freetypefreetype2.0.0cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*
freetypefreetype2.0.1cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*
freetypefreetype2.0.2cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*
freetypefreetype2.0.3cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*
freetypefreetype2.0.4cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*
freetypefreetype2.0.5cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*
freetypefreetype2.0.6cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*
freetypefreetype2.0.7cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*
Rows per page:
1-10 of 621

References

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

High

EPSS

0.063

Percentile

93.7%