PT-2013-1224 · Freetype · Freetype

J00Ru +1 · Published 2013-01-24 · Updated 2024-06-15 · CVE-2012-5670

CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions: FreeType versions prior to 2.4.11

Description: The issue allows context-dependent attackers to cause a denial of service, potentially leading to a crash, via vectors related to BDF fonts and an ENCODING field with a negative value. The issue can be exploited remotely.

Recommendations: For versions prior to 2.4.11, update to version 2.4.11 or later to resolve the issue. As a temporary workaround, consider restricting the use of BDF fonts to minimize the risk of exploitation.

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

BDU:2015-09722
CVE-2012-5670
OPENSUSE-SU-2024:10172-1
OPENSUSE-SU-2024:10438-1

Affected Products

Freetype