CVE-2012-1143

2012-03-0700:00:00

ubuntu.com

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.053 Low

EPSS

Percentile

93.1%

JSON

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and
other products, allows remote attackers to cause a denial of service
(divide-by-zero error) via a crafted font.

Bugs

Notes

Author	Note
tyhicks	Reproducer doesn’t trigger on hardy, but code is present

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchfreetype< 2.3.5-1ubuntu4.8.04.9UNKNOWN
ubuntu10.04noarchfreetype< 2.3.11-1ubuntu2.6UNKNOWN
ubuntu10.10noarchfreetype< 2.4.2-2ubuntu0.4UNKNOWN
ubuntu11.04noarchfreetype< 2.4.4-1ubuntu2.3UNKNOWN
ubuntu11.10noarchfreetype< 2.4.4-2ubuntu1.2UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	8.04	noarch	freetype	< 2.3.5-1ubuntu4.8.04.9	UNKNOWN
ubuntu	10.04	noarch	freetype	< 2.3.11-1ubuntu2.6	UNKNOWN
ubuntu	10.10	noarch	freetype	< 2.4.2-2ubuntu0.4	UNKNOWN
ubuntu	11.04	noarch	freetype	< 2.4.4-1ubuntu2.3	UNKNOWN
ubuntu	11.10	noarch	freetype	< 2.4.4-2ubuntu1.2	UNKNOWN