CVSS: 9.8EPSS: 5%CPEs: 62EXPL: 0CVE-2012-1134 – freetype: limited heap buffer overflow in Type1 parser T1_Get_Private_Dict() (#35608)
https://notcve.org/view.php?id=CVE-2012-1134
25 Apr 2012 — FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font. FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegación de servicio (operación no válida de escritura y corrupción de memori... • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 3%CPEs: 62EXPL: 0CVE-2012-1144 – freetype: insufficient checking of first outline point in TTF parser (#35689)
https://notcve.org/view.php?id=CVE-2012-1144
25 Apr 2012 — FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via a crafted TrueType font. FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegación de servicio (operación no válida de escritura y corrupción de memoria) o posiblemente ejecuta... • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 3%CPEs: 62EXPL: 0CVE-2012-1126 – freetype: heap buffer over-read in BDF parsing _bdf_is_atom() (#35597, #35598)
https://notcve.org/view.php?id=CVE-2012-1126
25 Apr 2012 — FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a BDF font. FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegación de servicio (operación no válida de lectura y corrupción de memoria) o posiblement... • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 3%CPEs: 62EXPL: 0CVE-2012-1127 – freetype: heap buffer over-read in BDF parsing _bdf_parse_glyphs() (#35599, #35600)
https://notcve.org/view.php?id=CVE-2012-1127
25 Apr 2012 — FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font. FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegación de servicio (operación no válida de lectura y corrupción de memoria) o posi... • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 5%CPEs: 62EXPL: 0CVE-2012-1136 – freetype: uninitialized pointer use in BDF parser _bdf_parse_glyphs() (#35641)
https://notcve.org/view.php?id=CVE-2012-1136
25 Apr 2012 — FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font that lacks an ENCODING field. FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegación de servicio (operación no válida de escritura... • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 3%CPEs: 62EXPL: 0CVE-2012-1141 – freetype: BDF parser _bdf_list_split() fails to properly initialize field array (#35658)
https://notcve.org/view.php?id=CVE-2012-1141
25 Apr 2012 — FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted ASCII string in a BDF font. FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegación de servicio (operación no válida de escritura y corrupción de memoria) o posiblem... • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 2%CPEs: 62EXPL: 0CVE-2012-1128
https://notcve.org/view.php?id=CVE-2012-1128
25 Apr 2012 — FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and memory corruption) or possibly execute arbitrary code via a crafted TrueType font. FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegación de servicio (desreferencia de puntero nulo y corrupción de memoria) o posiblemente ejecutar códig... • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 3%CPEs: 62EXPL: 0CVE-2012-1139 – freetype: data buffer underflow in BDF parser _bdf_parse_glyphs() (#35656)
https://notcve.org/view.php?id=CVE-2012-1139
25 Apr 2012 — Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and memory corruption) or possibly execute arbitrary code via crafted glyph data in a BDF font. Error de índice de matriz en FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegación de servicio (operación no válida d... • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 2%CPEs: 62EXPL: 0CVE-2012-1143 – freetype: integer divide by zero in FT_DivFix() (#35660)
https://notcve.org/view.php?id=CVE-2012-1143
25 Apr 2012 — FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted font. FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegación de servicio (error de división por cero) a través de una fuente TrueType modificada. • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html • CWE-189: Numeric Errors CWE-369: Divide By Zero •
CVSS: 9.8EPSS: 3%CPEs: 62EXPL: 0CVE-2012-1132 – freetype: heap buffer over-read in Type1 parser parse_subrs() (#35606)
https://notcve.org/view.php?id=CVE-2012-1132
25 Apr 2012 — FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted dictionary data in a Type 1 font. FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegación de servicio (operación no válida de escritura y corrupción de memoria) o posi... • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •