PT-2012-6348 · Freetype · Libfreetype6-Debuginfo-X86
Mateusz Jurczyk · Published 1970-01-01 · Updated 2024-06-15 · CVE-2012-1137
CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
freetype versions prior to 2.4.9
libfreetype6 versions prior to 2.4.9
libfreetype6-32bit versions prior to 2.4.9
libfreetype6-debuginfo versions prior to 2.4.9
libfreetype6-debuginfo-32bit versions prior to 2.4.9
libfreetype6-debuginfo-x86 versions prior to 2.4.9
libfreetype6-x86 versions prior to 2.4.9
freetype2-devel versions prior to 2.4.9
freetype2-devel-32bit versions prior to 2.4.9
ft2demos versions prior to 2.4.9
freetype2-debugsource versions prior to 2.4.9
Description
Multiple vulnerabilities in the freetype package can compromise the confidentiality, integrity, and availability of protected information. They can be exploited remotely via a crafted header in a BDF font, potentially causing a denial of service or allowing the execution of arbitrary code.
Recommendations
For freetype versions prior to 2.4.9, update to version 2.4.9 or later.
For libfreetype6 versions prior to 2.4.9, update to version 2.4.9 or later.
For libfreetype6-32bit versions prior to 2.4.9, update to version 2.4.9 or later.
For libfreetype6-debuginfo versions prior to 2.4.9, update to version 2.4.9 or later.
For libfreetype6-debuginfo-32bit versions prior to 2.4.9, update to version 2.4.9 or later.
For libfreetype6-debuginfo-x86 versions prior to 2.4.9, update to version 2.4.9 or later.
For libfreetype6-x86 versions prior to 2.4.9, update to version 2.4.9 or later.
For freetype2-devel versions prior to 2.4.9, update to version 2.4.9 or later.
For freetype2-devel-32bit versions prior to 2.4.9, update to version 2.4.9 or later.
For ft2demos versions prior to 2.4.9, update to version 2.4.9 or later.
For freetype2-debugsource versions prior to 2.4.9, update to version 2.4.9 or later.
Fix
DoS
Buffer Overflow
Affected Products
Centos
Red Hat
Suse
Freetype
Freetype2-Debugsource
Freetype2-Devel
Freetype2-Devel-32Bit
Ft2Demos
Libfreetype6
Libfreetype6-32Bit
Libfreetype6-Debuginfo
Libfreetype6-Debuginfo-32Bit
Libfreetype6-Debuginfo-X86
Libfreetype6-X86