CVSS: 7.5EPSS: 1%CPEs: 47EXPL: 0CVE-2012-5668 – Gentoo Linux Security Advisory 201402-16
https://notcve.org/view.php?id=CVE-2012-5668
24 Jan 2013 — FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to BDF fonts and the improper handling of an "allocation error" in the bdf_free_font function. FreeType anterior a v2.4.11, permite a atacantes dependientes del contexto provocar una denegación de servicio (Caída y deferencia a puntero nulo) posiblemente la ejecución de código arbitrario a través de vectores relacionados con las fuentes BDF y un manejo incorrecto de... • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=9b6b5754b57c12b820e01305eb69b8863a161e5a • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 47EXPL: 0CVE-2012-5669 – freetype: heap buffer over-read in BDF parsing _bdf_parse_glyphs() (#37906)
https://notcve.org/view.php?id=CVE-2012-5669
24 Jan 2013 — The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read. La función _bdf_parse_glyphs en FreeType anterior a v2.4.11, permite a atacantes dependientes del contexto provocar una denegación de servicio (Caída) u posiblemente la ejecución de código arbitrario a través de vectores relacionados con las fuente... • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=07bdb6e289c7954e2a533039dc93c1c136099d2d • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 47EXPL: 0CVE-2012-5670 – Gentoo Linux Security Advisory 201402-16
https://notcve.org/view.php?id=CVE-2012-5670
24 Jan 2013 — The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) via vectors related to BDF fonts and an ENCODING field with a negative value. La función _bdf_parse_glyphs en FreeType antes v2.4.11 permite a atacantes dependientes de contexto provocar una denegación de servicio (fuera del terreno de juego de escritura y bloqueo) a través de vectores relacionados con las fuentes BDF y un campo de codificación con un valor... • http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=7f2e4f4f553f6836be7683f66226afac3fa979b8 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 8%CPEs: 62EXPL: 0CVE-2012-1131 – freetype: incorrect type cast allowing input sanity check bypass in ft_smooth_render_generic() (#35604)
https://notcve.org/view.php?id=CVE-2012-1131
25 Apr 2012 — FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, on 64-bit platforms allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors related to the cell table of a font. FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, en plataformas de 64 bits, permite a atacantes remotos causar una denegación de servicio (operación no v... • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 8%CPEs: 62EXPL: 0CVE-2012-1139 – freetype: data buffer underflow in BDF parser _bdf_parse_glyphs() (#35656)
https://notcve.org/view.php?id=CVE-2012-1139
25 Apr 2012 — Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and memory corruption) or possibly execute arbitrary code via crafted glyph data in a BDF font. Error de índice de matriz en FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegación de servicio (operación no válida d... • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 5%CPEs: 62EXPL: 0CVE-2012-1143 – freetype: integer divide by zero in FT_DivFix() (#35660)
https://notcve.org/view.php?id=CVE-2012-1143
25 Apr 2012 — FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted font. FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegación de servicio (error de división por cero) a través de una fuente TrueType modificada. • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html • CWE-189: Numeric Errors CWE-369: Divide By Zero •
CVSS: 9.8EPSS: 8%CPEs: 62EXPL: 0CVE-2012-1136 – freetype: uninitialized pointer use in BDF parser _bdf_parse_glyphs() (#35641)
https://notcve.org/view.php?id=CVE-2012-1136
25 Apr 2012 — FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font that lacks an ENCODING field. FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegación de servicio (operación no válida de escritura... • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 8%CPEs: 62EXPL: 0CVE-2012-1142 – freetype: incorrect computation of number of glyphs in FNT_Face_Init() for FNT/FON files (#35659)
https://notcve.org/view.php?id=CVE-2012-1142
25 Apr 2012 — FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph-outline data in a font. FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegación de servicio (operación no válida de escritura y corrupción de memoria) o posible... • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 8%CPEs: 62EXPL: 0CVE-2012-1141 – freetype: BDF parser _bdf_list_split() fails to properly initialize field array (#35658)
https://notcve.org/view.php?id=CVE-2012-1141
25 Apr 2012 — FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted ASCII string in a BDF font. FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegación de servicio (operación no válida de escritura y corrupción de memoria) o posiblem... • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 8%CPEs: 62EXPL: 0CVE-2012-1129
https://notcve.org/view.php?id=CVE-2012-1129
25 Apr 2012 — FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted SFNT string in a Type 42 font. FreeType antes de v2.4.9, tal como se utiliza en Mozilla Firefox Mobile antes de v10.0.4 y otros productos, permite a atacantes remotos causar una denegación de servicio (operación no válida de escritura y corrupción de memoria) o posib... • http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •