CVE-2012-1139

Published: 04/25/2012 10:10:18
Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and memory corruption) or possibly execute arbitrary code via crafted glyph data in a BDF font.
HIGH
CVSS v2: 9.3

Status

DocFilters Release Package State Justification Comment
25.1 freetype (2.6.5) Not Affected Code Not Present 2.6.5 does not match CVE configuration.
24.4 freetype (2.6.5) Not Affected Code Not Present 2.6.5 does not match CVE configuration.
24.4.0 freetype (2.6.5) Not Affected Code Not Present 2.6.5 does not match CVE configuration.
24.3 freetype (2.6.5) Not Affected Code Not Present 2.6.5 does not match CVE configuration.
24.2.1 freetype (2.6.5) Not Affected Code Not Present 2.6.5 does not match CVE configuration.
24.2 freetype (2.6.5) Not Affected Code Not Present 2.6.5 does not match CVE configuration.
24.1 freetype (2.6.5) Not Affected Code Not Present 2.6.5 does not match CVE configuration.
23.3 freetype (2.6.5) Not Affected Code Not Present 2.6.5 does not match CVE configuration.
23.2.1 freetype (2.6.5) Not Affected Code Not Present 2.6.5 does not match CVE configuration.
23.2 freetype (2.6.5) Not Affected Code Not Present 2.6.5 does not match CVE configuration.
23.1 freetype (2.6.5) Not Affected Code Not Present 2.6.5 does not match CVE configuration.
22.4 freetype (2.6.5) Not Affected Code Not Present 2.6.5 does not match CVE configuration.
22.3 freetype (2.6.5) Not Affected Code Not Present 2.6.5 does not match CVE configuration.
22.2 freetype (2.6.5) Not Affected Code Not Present 2.6.5 does not match CVE configuration.
22.1 freetype (2.6.5) Not Affected Code Not Present 2.6.5 does not match CVE configuration.
21.11.1 freetype (2.6.5) Not Affected Code Not Present 2.6.5 does not match CVE configuration.
21.11 freetype (2.6.5) Not Affected Code Not Present 2.6.5 does not match CVE configuration.
21.8.1 freetype (2.6.5) Not Affected Code Not Present 2.6.5 does not match CVE configuration.
21.8 freetype (2.6.5) Not Affected Code Not Present 2.6.5 does not match CVE configuration.

Severity score breakdown

References