Vulnerabilities > Freetype > Freetype > 2.1.7
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-01-24 | CVE-2012-5670 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Freetype The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) via vectors related to BDF fonts and an ENCODING field with a negative value. | 4.3 |
2013-01-24 | CVE-2012-5669 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Freetype The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read. | 4.3 |
2013-01-24 | CVE-2012-5668 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Freetype FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to BDF fonts and the improper handling of an "allocation error" in the bdf_free_font function. | 4.3 |
2012-04-25 | CVE-2012-1138 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the MIRP instruction in a TrueType font. | 9.3 |
2012-04-25 | CVE-2012-1135 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the NPUSHB and NPUSHW instructions in a TrueType font. | 9.3 |
2012-04-25 | CVE-2012-1133 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font. | 9.3 |
2012-04-25 | CVE-2012-1129 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted SFNT string in a Type 42 font. | 9.3 |
2012-04-25 | CVE-2012-1128 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and memory corruption) or possibly execute arbitrary code via a crafted TrueType font. | 9.3 |
2011-07-19 | CVE-2011-0226 | Numeric Errors vulnerability in multiple products Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011. | 9.3 |
2010-11-26 | CVE-2010-3814 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Freetype Heap-based buffer overflow in the Ins_SHZ function in ttinterp.c in FreeType 2.4.3 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted SHZ bytecode instruction, related to TrueType opcodes, as demonstrated by a PDF document with a crafted embedded font. | 6.8 |