CVE-2012-1134

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font.

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://bugzilla.redhat.com/show_bug.cgi?id=800592
https://bugzilla.mozilla.org/show_bug.cgi?id=733512
http://www.mozilla.org/security/announce/2012/mfsa2012-21.html	Vendor Advisory
http://www.openwall.com/lists/oss-security/2012/03/06/16
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html
http://security.gentoo.org/glsa/glsa-201204-04.xml
http://secunia.com/advisories/48758
http://secunia.com/advisories/48918
http://rhn.redhat.com/errata/RHSA-2012-0467.html
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html
http://support.apple.com/kb/HT5503
http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
http://secunia.com/advisories/48822
http://secunia.com/advisories/48951
http://secunia.com/advisories/48973
http://secunia.com/advisories/48797
http://www.debian.org/security/2012/dsa-2428
http://secunia.com/advisories/48508
http://www.ubuntu.com/usn/USN-1403-1
http://www.securitytracker.com/id?1026765
http://www.securityfocus.com/bid/52318
http://secunia.com/advisories/48300
http://www.mandriva.com/security/advisories?name=MDVSA-2012:057
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:freetype:freetype:2.0.3:::::::*
	cpe:2.3:a:freetype:freetype:2.4.0:::::::*
	cpe:2.3:a:freetype:freetype:2.4.2:::::::*
	cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2::::::
	cpe:2.3:a:freetype:freetype:2.3.6:::::::*
	cpe:2.3:a:freetype:freetype::::::::
	cpe:2.3:a:freetype:freetype:2.1.9:::::::*
	cpe:2.3:a:freetype:freetype:2.1.10:::::::*
	cpe:2.3:a:freetype:freetype:2.3.4:::::::*
	cpe:2.3:a:freetype:freetype:2.0.1:::::::*
	cpe:2.3:a:freetype:freetype:2.3.5:::::::*
	cpe:2.3:a:mozilla:firefox_mobile:8.0:::::::*
	cpe:2.3:a:mozilla:firefox_mobile:10.0.1:::::::*
	cpe:2.3:a:mozilla:firefox_mobile:7.0:::::::*
	cpe:2.3:a:freetype:freetype:2.1:::::::*
	cpe:2.3:a:freetype:freetype:2.1.5:::::::*
	cpe:2.3:a:freetype:freetype:2.3.10:::::::*
	cpe:2.3:a:mozilla:firefox_mobile:10.0.2:::::::*
	cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3::::::
	cpe:2.3:a:freetype:freetype:1.3.1:::::::*
	cpe:2.3:a:mozilla:firefox_mobile:6.0.2:::::::*
	cpe:2.3:a:freetype:freetype:2.4.4:::::::*
	cpe:2.3:a:freetype:freetype:2.4.6:::::::*
	cpe:2.3:a:freetype:freetype:2.1.8:::::::*
	cpe:2.3:a:freetype:freetype:2.2.1:::::::*
	cpe:2.3:a:freetype:freetype:2.1.3:::::::*
	cpe:2.3:a:mozilla:firefox_mobile:6.0:::::::*
	cpe:2.3:a:freetype:freetype:2.3.3:::::::*
	cpe:2.3:a:freetype:freetype:2.1.6:::::::*
	cpe:2.3:a:mozilla:firefox_mobile:9.0:::::::*
	cpe:2.3:a:freetype:freetype:2.3.0:::::::*
	cpe:2.3:a:freetype:freetype:2.3.1:::::::*
	cpe:2.3:a:freetype:freetype:2.0.5:::::::*
	cpe:2.3:a:freetype:freetype:2.4.1:::::::*
	cpe:2.3:a:freetype:freetype:2.4.3:::::::*
	cpe:2.3:a:freetype:freetype:2.0.7:::::::*
	cpe:2.3:a:freetype:freetype:2.0.9:::::::*
	cpe:2.3:a:freetype:freetype:2.1.8:rc1::::::
	cpe:2.3:a:freetype:freetype:2.3.7:::::::*
	cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1::::::
	cpe:2.3:a:freetype:freetype:2.0.6:::::::*
	cpe:2.3:a:freetype:freetype:2.0.4:::::::*
	cpe:2.3:a:mozilla:firefox_mobile:1.0:::::::*
	cpe:2.3:a:freetype:freetype:2.3.8:::::::*
	cpe:2.3:a:freetype:freetype:2.3.11:::::::*
	cpe:2.3:a:mozilla:firefox_mobile:6.0.1:::::::*
	cpe:2.3:a:freetype:freetype:2.3.2:::::::*
	cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4::::::
	cpe:2.3:a:freetype:freetype:2.0.2:::::::*
	cpe:2.3:a:freetype:freetype:2.0.8:::::::*
	cpe:2.3:a:freetype:freetype:2.3.12:::::::*
	cpe:2.3:a:mozilla:firefox_mobile::::::::
	cpe:2.3:a:freetype:freetype:2.3.9:::::::*
	cpe:2.3:a:mozilla:firefox_mobile:4.0:::::::*
	cpe:2.3:a:mozilla:firefox_mobile:10.0:::::::*
	cpe:2.3:a:freetype:freetype:2.4.5:::::::*
	cpe:2.3:a:mozilla:firefox_mobile:5.0:::::::*
	cpe:2.3:a:freetype:freetype:2.1.7:::::::*
	cpe:2.3:a:freetype:freetype:2.4.7:::::::*
	cpe:2.3:a:freetype:freetype:2.1.4:::::::*
	cpe:2.3:a:freetype:freetype:2.0.0:::::::*
	cpe:2.3:a:freetype:freetype:2.2.0:::::::*

Information

Published : 2012-04-25 03:10

Updated : 2023-02-12 20:33

NVD link : CVE-2012-1134

Mitre link : CVE-2012-1134

JSON object : View

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Products Affected

freetype

freetype

mozilla

firefox_mobile

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800592", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=800592", "tags": [], "refsource": "CONFIRM"}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=733512", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html", "name": "http://www.mozilla.org/security/announce/2012/mfsa2012-21.html", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.openwall.com/lists/oss-security/2012/03/06/16", "name": "[oss-security] 20120306 Re: CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9", "tags": [], "refsource": "MLIST"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html", "name": "SUSE-SU-2012:0483", "tags": [], "refsource": "SUSE"}, {"url": "http://security.gentoo.org/glsa/glsa-201204-04.xml", "name": "GLSA-201204-04", "tags": [], "refsource": "GENTOO"}, {"url": "http://secunia.com/advisories/48758", "name": "48758", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/48918", "name": "48918", "tags": [], "refsource": "SECUNIA"}, {"url": "http://rhn.redhat.com/errata/RHSA-2012-0467.html", "name": "RHSA-2012:0467", "tags": [], "refsource": "REDHAT"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html", "name": "SUSE-SU-2012:0521", "tags": [], "refsource": "SUSE"}, {"url": "http://support.apple.com/kb/HT5503", "name": "http://support.apple.com/kb/HT5503", "tags": [], "refsource": "CONFIRM"}, {"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html", "name": "APPLE-SA-2012-09-19-1", "tags": [], "refsource": "APPLE"}, {"url": "http://secunia.com/advisories/48822", "name": "48822", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/48951", "name": "48951", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/48973", "name": "48973", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/48797", "name": "48797", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.debian.org/security/2012/dsa-2428", "name": "DSA-2428", "tags": [], "refsource": "DEBIAN"}, {"url": "http://secunia.com/advisories/48508", "name": "48508", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.ubuntu.com/usn/USN-1403-1", "name": "USN-1403-1", "tags": [], "refsource": "UBUNTU"}, {"url": "http://www.securitytracker.com/id?1026765", "name": "1026765", "tags": [], "refsource": "SECTRACK"}, {"url": "http://www.securityfocus.com/bid/52318", "name": "52318", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/48300", "name": "48300", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:057", "name": "MDVSA-2012:057", "tags": [], "refsource": "MANDRIVA"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html", "name": "openSUSE-SU-2012:0489", "tags": [], "refsource": "SUSE"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html", "name": "SUSE-SU-2012:0484", "tags": [], "refsource": "SUSE"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-119"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2012-1134", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "acInsufInfo": false, "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2012-04-25T10:10Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.3.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "2.4.8"}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.1.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.3.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.3.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_mobile:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_mobile:10.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_mobile:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.3.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:1.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_mobile:6.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.4.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.4.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.1.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_mobile:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.3.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.1.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_mobile:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.4.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.0.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.1.8:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.3.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_mobile:1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.3.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.3.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_mobile:6.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_mobile:4.0:beta4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.0.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.3.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_mobile:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "10.0.3"}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.3.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_mobile:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_mobile:10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.4.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mozilla:firefox_mobile:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.1.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.4.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:freetype:freetype:2.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2023-02-13T04:33Z"}

9.3 /10