22 matches found
CVE-2012-1134
FreeType before 2.4.9 (as used in Mozilla Firefox Mobile before 10.0.4 and other products) is vulnerable via crafted font data (Type 1, TrueType, BDF, etc.), enabling denial of service and possibly arbitrary code execution. Impact is described as invalid heap/write, memory corruption, or related ...
CVE-2012-1136
CVE-2012-1136 is listed in multiple advisories for FreeType before 2.4.9 used in Mozilla Firefox Mobile and other products. The vulnerability allows remote denial of service or potential code execution via crafted font data in BDF fonts lacking an ENCODING field, caused by an invalid heap write a...
CVE-2012-1144
CVE-2012-1144 affects FreeType before 2.4.9 and is among multiple font-related flaws in FreeType used by Mozilla Firefox Mobile and other products. It can cause denial of service via invalid heap write and memory corruption and may allow arbitrary code execution through crafted fonts (notably Tru...
CVE-2012-1141
CVE-2012-1141 affects FreeType before 2.4.9 (as used in Mozilla Firefox Mobile and other products). The underlying issue is an invalid heap read in BDF font handling, enabling a remote attacker to cause a denial of service or potentially execute arbitrary code via a crafted ASCII string in a BDF ...
CVE-2012-1126
CVE-2012-1126 (and related CVEs 1127, 1128, 1129, 1130, 1131, 1132, 1133, 1134, 1135, 1136, 1137, 1138, 1139, 1140, 1141, 1142, 1143, 1144) affect FreeType prior to 2.4.9. The issue arises when parsing various font formats (BDF, TrueType, Type 1, CFF/PD, etc.) used by FreeType in Firefox Mobile a...
CVE-2012-1132
The connected MiracleLinux security advisory AXSA:2012-513:02 fixes multiple FreeType CVEs, including CVE-2012-1132. MiracleLinux 4 lists freetype-2.3.11-6.AXS4.9 as affected; the advisory indicates a backported patch addresses the listed CVEs and notes the Remote host requires updated packages. ...
CVE-2012-1133
CVE-2012-1133 affects FreeType prior to 2.4.9 and is triggered when processing font data (e.g., BDF fonts) in Mozilla Firefox Mobile and other products. The issue can cause a denial of service via invalid heap write and memory corruption and may possibly lead to arbitrary code execution. Affected...
CVE-2012-1142
CVE-2012-1142 refers to FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products. The issue allows a remote attacker to cause a denial of service (invalid heap write operation and memory corruption) or potentially execute arbitrary code through crafted glyph-outli...
CVE-2012-1137
CVE-2012-1137 targets FreeType, specifically versions before 2.4.9 used by Mozilla Firefox Mobile and other products. The vulnerability arises from processing BDF fonts, where a crafted header can cause an invalid heap read and memory corruption, leading to denial of service and possibly remote c...
CVE-2012-1130
CVE-2012-1130 concerns the FreeType library: FreeType before 2.4.9 can be exploited via crafted PCF fonts to cause a remote denial of service or memory corruption, with potential code execution when used by Mozilla Firefox Mobile and other products. Connected documents reference multiple vendor a...
CVE-2012-1143
CVE-2012-1143 affects FreeType (FreeType before 2.4.9) as used by Firefox Mobile and other products. The issue is a divide-by-zero in font parsing when handling crafted fonts, enabling remote DoS. Exploitation details are not provided in the connected documents; remediation is to upgrade to a pat...
CVE-2012-1138
CVE-2012-1138 is a vulnerability in FreeType up to version 2.4.8 (prefix ‘before 2.4.9’) used in Mozilla Firefox Mobile and other products. The issue allows remote attackers to trigger denial of service (invalid heap read/memory corruption) or possibly execute arbitrary code via font data (MIRP i...
CVE-2012-3979
CVE-2012-3979 : The OpenVAS/Nessus entries indicate a vulnerability in Mozilla Firefox for Android where insecure use of __android_log_print can be triggered by a crafted web page using the dump() function, potentially allowing remote code execution. The issue is tied to Firefox for Android speci...
CVE-2012-1128
CVE-2012-1128 affects FreeType before 2.4.9 (as used in Mozilla Firefox Mobile before 10.0.4 and other products). The vulnerability allows remote attackers to trigger a denial of service (NULL pointer dereference and memory corruption) or possibly execute arbitrary code via a crafted TrueType fon...
CVE-2012-1131
CVE-2012-1131 is a FreeType vulnerability affecting 64-bit platforms where the cell-table handling in FreeType before 2.4.9 can trigger a denial of service or potential arbitrary code execution via crafted font data. It is referenced across multiple advisories (e.g., MiracleLinux, Oracle Solaris/...
CVE-2012-1140
CVE-2012-1140 : FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, can be exploited by a crafted PostScript font object to cause a denial of service (invalid heap read and memory corruption) or possibly execute arbitrary code. The vulnerability is rooted in...
CVE-2012-1135
CVE-2012-1135 is a vulnerability in FreeType prior to 2.4.9, affecting FreeType as used in Mozilla Firefox Mobile before 10.0.4. The issue allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors in a T...
CVE-2012-1127
CVE-2012-1127 affects the FreeType font engine (versions before 2.4.9 as used by Mozilla Firefox Mobile and other products). The issue allows remote attackers to cause a denial of service (invalid heap read or memory corruption) or possibly execute arbitrary code via crafted font data (glyphs/bit...
CVE-2012-1139
CVE-2012-1139 is a vulnerability in the FreeType library (before 2.4.9). The issue is an array index/stack read problem in FreeType used by Mozilla Firefox Mobile (and other products) that can cause a denial of service or potentially allow arbitrary code execution when processing BDF fonts. Conne...
CVE-2012-1129
FreeType 2.4.9 fixes are referenced in context of CVE-2012-1129. The vulnerability affects FreeType used in Mozilla Firefox Mobile before 10.0.4 and other products, where a crafted SFNT string in a Type 42 font can cause a denial of service (invalid heap read) and memory corruption, with potentia...
CVE-2026-53899
CVE-2026-53899 affects Firefox for iOS. The issue arises from partial domain matching when attaching cookies to PDF requests, enabling a malicious site on a suffix domain to receive cookies belonging to the target site. The root cause is tied to how cookies were matched during PDF handling, leadi...
CVE-2026-53900
CVE-2026-53900 concerns Firefox for iOS. The issue: cookies set on the initial PDF request were preserved across cross-origin HTTP redirects in TemporaryDocument, enabling a malicious site to inject cookies into requests to an unrelated target domain. The CVE has a base score of 4.3 (Medium) per ...