CyberSec.Space Logo
返回 CVE 浏览器

CVE-2012-1126

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0900%
EPSS Percentile25.68th
Published2012年4月25日
Last Modified2026年4月29日

Vulnerability Description

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a BDF font.

Affected Platforms (CPE)

📦
Freetype

Freetype

<= 2.4.8
📦
Freetype

Freetype

= 1.3.1
📦
Freetype

Freetype

= 2.0.0
📦
Freetype

Freetype

= 2.0.1
📦
Freetype

Freetype

= 2.0.2
📦
Freetype

Freetype

= 2.0.3
📦
Freetype

Freetype

= 2.0.4
📦
Freetype

Freetype

= 2.0.5
📦
Freetype

Freetype

= 2.0.6
📦
Freetype

Freetype

= 2.0.7
📦
Freetype

Freetype

= 2.0.8
📦
Freetype

Freetype

= 2.0.9
📦
Freetype

Freetype

= 2.1
📦
Freetype

Freetype

= 2.1.3
📦
Freetype

Freetype

= 2.1.4
📦
Freetype

Freetype

= 2.1.5
📦
Freetype

Freetype

= 2.1.6
📦
Freetype

Freetype

= 2.1.7
📦
Freetype

Freetype

= 2.1.8
📦
Freetype

Freetype

= 2.1.8
📦
Freetype

Freetype

= 2.1.9
📦
Freetype

Freetype

= 2.1.10
📦
Freetype

Freetype

= 2.2.0
📦
Freetype

Freetype

= 2.2.1
📦
Freetype

Freetype

= 2.3.0
📦
Freetype

Freetype

= 2.3.1
📦
Freetype

Freetype

= 2.3.2
📦
Freetype

Freetype

= 2.3.3
📦
Freetype

Freetype

= 2.3.4
📦
Freetype

Freetype

= 2.3.5
📦
Freetype

Freetype

= 2.3.6
📦
Freetype

Freetype

= 2.3.7
📦
Freetype

Freetype

= 2.3.8
📦
Freetype

Freetype

= 2.3.9
📦
Freetype

Freetype

= 2.3.10
📦
Freetype

Freetype

= 2.3.11
📦
Freetype

Freetype

= 2.3.12
📦
Freetype

Freetype

= 2.4.0
📦
Freetype

Freetype

= 2.4.1
📦
Freetype

Freetype

= 2.4.2
📦
Freetype

Freetype

= 2.4.3
📦
Freetype

Freetype

= 2.4.4
📦
Freetype

Freetype

= 2.4.5
📦
Freetype

Freetype

= 2.4.6
📦
Freetype

Freetype

= 2.4.7
📦
Mozilla

Firefox Mobile

<= 10.0.3
📦
Mozilla

Firefox Mobile

= 1.0
📦
Mozilla

Firefox Mobile

= 4.0
📦
Mozilla

Firefox Mobile

= 4.0
📦
Mozilla

Firefox Mobile

= 4.0
📦
Mozilla

Firefox Mobile

= 4.0
📦
Mozilla

Firefox Mobile

= 4.0
📦
Mozilla

Firefox Mobile

= 5.0
📦
Mozilla

Firefox Mobile

= 6.0
📦
Mozilla

Firefox Mobile

= 6.0.1
📦
Mozilla

Firefox Mobile

= 6.0.2
📦
Mozilla

Firefox Mobile

= 7.0
📦
Mozilla

Firefox Mobile

= 8.0
📦
Mozilla

Firefox Mobile

= 9.0
📦
Mozilla

Firefox Mobile

= 10.0
📦
Mozilla

Firefox Mobile

= 10.0.1
📦
Mozilla

Firefox Mobile

= 10.0.2

References & Advisories

🔗 http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html
🔗 http://rhn.redhat.com/errata/RHSA-2012-0467.html
🔗 http://secunia.com/advisories/48508
🔗 http://secunia.com/advisories/48758

相关漏洞威胁

CVE-2014-317510.0

Multiple unspecified vulnerabilities in Google Chrome before 37.0.2062.94 allow attackers to cause a denial of service or possibly...

CVE-2012-419010.0

The FT2FontEntry::CreateFontEntry function in FreeType, as used in the Android build of Mozilla Firefox before 16.0.1 on CyanogenM...

CVE-2014-97469.8

The (1) t1_parse_font_matrix function in type1/t1load.c, (2) cid_parse_font_matrix function in cid/cidload.c, (3) t42_parse_font_m...

CVE-2015-92909.8

In FreeType before 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Dict where there is no check tha...