Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в FreeType
Опубликовано:9 марта 2012 г.
Источник:
SecurityVulns ID:12220
Тип:библиотека
Уровень опасности:
6/10
Описание:Различные уязвимости при обработке файлов шрифтов.
Затронутые продукты:FREETYPE : FreeType 2.4
CVE:CVE-2012-1144 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via a crafted TrueType font.)
 CVE-2012-1142 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph-outline data in a font.)
 CVE-2012-1136 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font that lacks an ENCODING field.)
 CVE-2012-1134 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font.)
 CVE-2012-1133 (FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 2428-1] freetype security update (09.03.2012)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород