CVE-2012-1135

Published: Apr 25, 2012Modified: Apr 29, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the NPUSHB and NPUSHW instructions in a TrueType font.

Affected (62)

Products: Freetype: Freetype · Mozilla: Firefox Mobile

1 product

1 product

Configuration A

62 vulnerable

Vulnerable Software	Affected Versions
Freetype Freetype	Up to 2.4.8
Freetype Freetype	Version 1.3.1
Freetype Freetype	Version 2.0.0
Freetype Freetype	Version 2.0.1
Freetype Freetype	Version 2.0.2
Freetype Freetype	Version 2.0.3
Freetype Freetype	Version 2.0.4
Freetype Freetype	Version 2.0.5
Freetype Freetype	Version 2.0.6
Freetype Freetype	Version 2.0.7
Freetype Freetype	Version 2.0.8
Freetype Freetype	Version 2.0.9
Freetype Freetype	Version 2.1.10
Freetype Freetype	Version 2.1.3
Freetype Freetype	Version 2.1.4
Freetype Freetype	Version 2.1.5
Freetype Freetype	Version 2.1.6
Freetype Freetype	Version 2.1.7
Freetype Freetype	Version 2.1.8
Freetype Freetype	Version 2.1.8 rc1
Freetype Freetype	Version 2.1.9
Freetype Freetype	Version 2.1
Freetype Freetype	Version 2.2.0
Freetype Freetype	Version 2.2.1
Freetype Freetype	Version 2.3.0
Freetype Freetype	Version 2.3.10
Freetype Freetype	Version 2.3.11
Freetype Freetype	Version 2.3.12
Freetype Freetype	Version 2.3.1
Freetype Freetype	Version 2.3.2
Freetype Freetype	Version 2.3.3
Freetype Freetype	Version 2.3.4
Freetype Freetype	Version 2.3.5
Freetype Freetype	Version 2.3.6
Freetype Freetype	Version 2.3.7
Freetype Freetype	Version 2.3.8
Freetype Freetype	Version 2.3.9
Freetype Freetype	Version 2.4.0
Freetype Freetype	Version 2.4.1
Freetype Freetype	Version 2.4.2
Freetype Freetype	Version 2.4.3
Freetype Freetype	Version 2.4.4
Freetype Freetype	Version 2.4.5
Freetype Freetype	Version 2.4.6
Freetype Freetype	Version 2.4.7
Mozilla Firefox Mobile	Up to 10.0.3
Mozilla Firefox Mobile	Version 1.0
Mozilla Firefox Mobile	Version 10.0.1
Mozilla Firefox Mobile	Version 10.0.2
Mozilla Firefox Mobile	Version 10.0
Mozilla Firefox Mobile	Version 4.0
Mozilla Firefox Mobile	Version 4.0 beta1
Mozilla Firefox Mobile	Version 4.0 beta2
Mozilla Firefox Mobile	Version 4.0 beta3
Mozilla Firefox Mobile	Version 4.0 beta4
Mozilla Firefox Mobile	Version 5.0
Mozilla Firefox Mobile	Version 6.0.1
Mozilla Firefox Mobile	Version 6.0.2
Mozilla Firefox Mobile	Version 6.0
Mozilla Firefox Mobile	Version 7.0
Mozilla Firefox Mobile	Version 8.0
Mozilla Firefox Mobile	Version 9.0

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (42)

http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html

Source: secalert@redhat.com

http://secunia.com/advisories/48508

Source: secalert@redhat.com

http://secunia.com/advisories/48797

Source: secalert@redhat.com

http://secunia.com/advisories/48822

Source: secalert@redhat.com

http://secunia.com/advisories/48918

Source: secalert@redhat.com

http://secunia.com/advisories/48951

Source: secalert@redhat.com

http://secunia.com/advisories/48973

Source: secalert@redhat.com

http://security.gentoo.org/glsa/glsa-201204-04.xml

Source: secalert@redhat.com

http://support.apple.com/kb/HT5503

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDVSA-2012:057

Source: secalert@redhat.com

http://www.mozilla.org/security/announce/2012/mfsa2012-21.html

Source: secalert@redhat.com

Vendor Advisory

http://www.openwall.com/lists/oss-security/2012/03/06/16

Source: secalert@redhat.com

http://www.securityfocus.com/bid/52318

Source: secalert@redhat.com

http://www.securitytracker.com/id?1026765

Source: secalert@redhat.com

http://www.ubuntu.com/usn/USN-1403-1

Source: secalert@redhat.com

https://bugzilla.mozilla.org/show_bug.cgi?id=733512

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=800593

Source: secalert@redhat.com

http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/48508

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/48797

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/48822

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/48918

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/48951

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/48973

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.gentoo.org/glsa/glsa-201204-04.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.apple.com/kb/HT5503

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDVSA-2012:057

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mozilla.org/security/announce/2012/mfsa2012-21.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.openwall.com/lists/oss-security/2012/03/06/16

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/52318

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1026765

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ubuntu.com/usn/USN-1403-1

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.mozilla.org/show_bug.cgi?id=733512

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=800593

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.