CVE-2012-1128

Priority
Low
Description
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and
other products, allows remote attackers to cause a denial of service (NULL
pointer dereference and memory corruption) or possibly execute arbitrary
code via a crafted TrueType font.
References
Bugs
Assigned-to
tyhicks
Package
Upstream:released (2.4.9)
Ubuntu 8.04 LTS (Hardy Heron):released (2.3.5-1ubuntu4.8.04.9)
Ubuntu 10.04 LTS (Lucid Lynx):released (2.3.11-1ubuntu2.6)
Ubuntu 11.04 (Natty Narwhal):released (2.4.4-1ubuntu2.3)
Ubuntu 11.10 (Oneiric Ocelot):released (2.4.4-2ubuntu1.2)
Ubuntu 12.04 LTS (Precise Pangolin):released (2.4.8-1ubuntu1)
Patches:
Upstream:http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=96cddb8d1d32d6738b06552083db9d6cee5b5cb4
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:22:41 UTC (commit 5347)