Lucene search

K

PRIOn knowledge basePRION:CVE-2012-5670

HistoryJan 24, 2013 - 9:55 p.m.

Out-of-bounds

2013-01-2421:55:00

PRIOn knowledge base

www.prio-n.com

3

6.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.011 Low

EPSS

Percentile

84.5%

The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) via vectors related to BDF fonts and an ENCODING field with a negative value.

CPENameOperatorVersion
freetypeeq2.0.3
freetypeeq2.4.0
freetypeeq2.4.2
freetypeeq2.3.6
freetypeeq2.1.9
freetypeeq2.1.10
freetypeeq2.3.4
freetypeeq2.0.1
freetypeeq2.3.5
freetypeeq2.1

Rows per page:

1-10 of 471

References

git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7f2e4f4f553f6836be7683f66226afac3fa979b8

lists.opensuse.org/opensuse-updates/2013-01/msg00056.html

lists.opensuse.org/opensuse-updates/2013-01/msg00078.html

secunia.com/advisories/51826

secunia.com/advisories/51900

www.freetype.org/

www.openwall.com/lists/oss-security/2012/12/25/2

www.securitytracker.com/id?1027921

www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.520186

www.ubuntu.com/usn/USN-1686-1

savannah.nongnu.org/bugs/?37907

6.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.011 Low

EPSS

Percentile

84.5%

Related for PRION:CVE-2012-5670

nvd1 cve1 debiancve1 ubuntucve1 cvelist1 securityvulns2 slackware1 debian1 nessus6 openvas4 gentoo1 ubuntu1