Page 11 of 65 results (0.006 seconds)

CVSS: 9.3EPSS: 6%CPEs: 62EXPL: 0

CVE-2012-1131 – freetype: incorrect type cast allowing input sanity check bypass in ft_smooth_render_generic() (#35604)

https://notcve.org/view.php?id=CVE-2012-1131

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, on 64-bit platforms allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors related to the cell table of a font. FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, en plataformas de 64 bits, permite a atacantes remotos causar una denegación de servicio (operación no válida de escritura y corrupción de memoria) o posiblemente ejecutar código arbitrario a través de vectores relacionados con la celda de una tabla de una fuente. • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html http://rhn.redhat.com/errata/RHSA-2012-0467.html http://secunia.com/advisories/48508 http://secunia.com/advisories/48758 http • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •

CVSS: 9.3EPSS: 6%CPEs: 62EXPL: 0

CVE-2012-1132 – freetype: heap buffer over-read in Type1 parser parse_subrs() (#35606)

https://notcve.org/view.php?id=CVE-2012-1132

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted dictionary data in a Type 1 font. FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegación de servicio (operación no válida de escritura y corrupción de memoria) o posiblemente ejecutar código arbitrario a través de datos modificados del diccionario en una fuente Type 1. • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html http://rhn.redhat.com/errata/RHSA-2012-0467.html http://secunia.com/advisories/48508 http://secunia.com/advisories/48758 http • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •

CVSS: 9.3EPSS: 6%CPEs: 62EXPL: 0

CVE-2012-1137 – freetype: heap buffer off-by-one in BDF parsing _bdf_list_ensure() (#35643)

https://notcve.org/view.php?id=CVE-2012-1137

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted header in a BDF font. FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegación de servicio (operación no válida de escritura y corrupción de memoria) o posiblemente ejecutar código arbitrario a través de una cabecera modificada en una fuente BDF. • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html http://rhn.redhat.com/errata/RHSA-2012-0467.html http://secunia.com/advisories/48508 http://secunia.com/advisories/48758 http://secunia.com/advisories/48797 http://secunia.com/advisories/48822 htt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •

CVSS: 9.3EPSS: 6%CPEs: 62EXPL: 0

CVE-2012-1139 – freetype: data buffer underflow in BDF parser _bdf_parse_glyphs() (#35656)

https://notcve.org/view.php?id=CVE-2012-1139

Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and memory corruption) or possibly execute arbitrary code via crafted glyph data in a BDF font. Error de índice de matriz en FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegación de servicio (operación no válida de escritura y corrupción de memoria) o posiblemente ejecutar código arbitrario a través del glifo modificado de una fuente BDF. • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html http://rhn.redhat.com/errata/RHSA-2012-0467.html http://secunia.com/advisories/48508 http://secunia.com/advisories/48758 http • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •

CVSS: 9.3EPSS: 5%CPEs: 62EXPL: 0

CVE-2012-1140 – freetype: multiple buffer over-read in PS parser conversion functions (#35657)

https://notcve.org/view.php?id=CVE-2012-1140

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted PostScript font object. FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegación de servicio (operación no válida de escritura y corrupción de memoria) o posiblemente ejecutar código arbitrario a través de un objeto de fuente PostScript modificado. • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html http://rhn.redhat.com/errata/RHSA-2012-0467.html http://secunia.com/advisories/48508 http://secunia.com/advisories/48758 http://secunia.com/advisories/48822 http://secunia.com/advisories/48973 http://security.gentoo.org/glsa/glsa-201204-04.xml http://support.app • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •