CyberSec.Space Logo
Back to CVE Browser

CVE-2012-1126

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0900%
EPSS Percentile25.68th
PublishedApr 25, 2012
Last ModifiedApr 29, 2026

Vulnerability Description

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a BDF font.

Affected Platforms (CPE)

πŸ“¦
Freetype

Freetype

<= 2.4.8
πŸ“¦
Freetype

Freetype

= 1.3.1
πŸ“¦
Freetype

Freetype

= 2.0.0
πŸ“¦
Freetype

Freetype

= 2.0.1
πŸ“¦
Freetype

Freetype

= 2.0.2
πŸ“¦
Freetype

Freetype

= 2.0.3
πŸ“¦
Freetype

Freetype

= 2.0.4
πŸ“¦
Freetype

Freetype

= 2.0.5
πŸ“¦
Freetype

Freetype

= 2.0.6
πŸ“¦
Freetype

Freetype

= 2.0.7
πŸ“¦
Freetype

Freetype

= 2.0.8
πŸ“¦
Freetype

Freetype

= 2.0.9
πŸ“¦
Freetype

Freetype

= 2.1
πŸ“¦
Freetype

Freetype

= 2.1.3
πŸ“¦
Freetype

Freetype

= 2.1.4
πŸ“¦
Freetype

Freetype

= 2.1.5
πŸ“¦
Freetype

Freetype

= 2.1.6
πŸ“¦
Freetype

Freetype

= 2.1.7
πŸ“¦
Freetype

Freetype

= 2.1.8
πŸ“¦
Freetype

Freetype

= 2.1.8
πŸ“¦
Freetype

Freetype

= 2.1.9
πŸ“¦
Freetype

Freetype

= 2.1.10
πŸ“¦
Freetype

Freetype

= 2.2.0
πŸ“¦
Freetype

Freetype

= 2.2.1
πŸ“¦
Freetype

Freetype

= 2.3.0
πŸ“¦
Freetype

Freetype

= 2.3.1
πŸ“¦
Freetype

Freetype

= 2.3.2
πŸ“¦
Freetype

Freetype

= 2.3.3
πŸ“¦
Freetype

Freetype

= 2.3.4
πŸ“¦
Freetype

Freetype

= 2.3.5
πŸ“¦
Freetype

Freetype

= 2.3.6
πŸ“¦
Freetype

Freetype

= 2.3.7
πŸ“¦
Freetype

Freetype

= 2.3.8
πŸ“¦
Freetype

Freetype

= 2.3.9
πŸ“¦
Freetype

Freetype

= 2.3.10
πŸ“¦
Freetype

Freetype

= 2.3.11
πŸ“¦
Freetype

Freetype

= 2.3.12
πŸ“¦
Freetype

Freetype

= 2.4.0
πŸ“¦
Freetype

Freetype

= 2.4.1
πŸ“¦
Freetype

Freetype

= 2.4.2
πŸ“¦
Freetype

Freetype

= 2.4.3
πŸ“¦
Freetype

Freetype

= 2.4.4
πŸ“¦
Freetype

Freetype

= 2.4.5
πŸ“¦
Freetype

Freetype

= 2.4.6
πŸ“¦
Freetype

Freetype

= 2.4.7
πŸ“¦
Mozilla

Firefox Mobile

<= 10.0.3
πŸ“¦
Mozilla

Firefox Mobile

= 1.0
πŸ“¦
Mozilla

Firefox Mobile

= 4.0
πŸ“¦
Mozilla

Firefox Mobile

= 4.0
πŸ“¦
Mozilla

Firefox Mobile

= 4.0
πŸ“¦
Mozilla

Firefox Mobile

= 4.0
πŸ“¦
Mozilla

Firefox Mobile

= 4.0
πŸ“¦
Mozilla

Firefox Mobile

= 5.0
πŸ“¦
Mozilla

Firefox Mobile

= 6.0
πŸ“¦
Mozilla

Firefox Mobile

= 6.0.1
πŸ“¦
Mozilla

Firefox Mobile

= 6.0.2
πŸ“¦
Mozilla

Firefox Mobile

= 7.0
πŸ“¦
Mozilla

Firefox Mobile

= 8.0
πŸ“¦
Mozilla

Firefox Mobile

= 9.0
πŸ“¦
Mozilla

Firefox Mobile

= 10.0
πŸ“¦
Mozilla

Firefox Mobile

= 10.0.1
πŸ“¦
Mozilla

Firefox Mobile

= 10.0.2

References & Advisories

πŸ”— http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html
πŸ”— http://rhn.redhat.com/errata/RHSA-2012-0467.html
πŸ”— http://secunia.com/advisories/48508
πŸ”— http://secunia.com/advisories/48758

Related Vulnerabilities

CVE-2014-317510.0

Multiple unspecified vulnerabilities in Google Chrome before 37.0.2062.94 allow attackers to cause a denial of service or possibly...

CVE-2012-419010.0

The FT2FontEntry::CreateFontEntry function in FreeType, as used in the Android build of Mozilla Firefox before 16.0.1 on CyanogenM...

CVE-2014-97469.8

The (1) t1_parse_font_matrix function in type1/t1load.c, (2) cid_parse_font_matrix function in cid/cidload.c, (3) t42_parse_font_m...

CVE-2015-92909.8

In FreeType before 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Dict where there is no check tha...