#VU32807 Buffer overflow in FreeType - CVE-2012-1126

Cybersecurity Help s.r.o.

Published: 2012-04-25 | Updated: 2020-07-28

Vulnerability identifier: #VU32807

Vulnerability risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2012-1126

CWE-ID: CWE-119

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
FreeType
Universal components / Libraries / Libraries used by multiple products

Vendor: freetype.org

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a BDF font.

Mitigation
Install update from vendor's website.

Vulnerable software versions

FreeType: 2.4.0 - 2.4.8

External links
https://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html
https://lists.opensuse.org/opensuse-security-announce/2012-04/msg00002.html
https://lists.opensuse.org/opensuse-security-announce/2012-04/msg00003.html
https://lists.opensuse.org/opensuse-security-announce/2012-04/msg00004.html
https://lists.opensuse.org/opensuse-security-announce/2012-04/msg00015.html
https://rhn.redhat.com/errata/RHSA-2012-0467.html
https://secunia.com/advisories/48508
https://secunia.com/advisories/48758
https://secunia.com/advisories/48797
https://secunia.com/advisories/48822
https://secunia.com/advisories/48918
https://secunia.com/advisories/48951
https://secunia.com/advisories/48973
https://security.gentoo.org/glsa/glsa-201204-04.xml
https://support.apple.com/kb/HT5503
https://www.mandriva.com/security/advisories?name=MDVSA-2012:057
https://www.mozilla.org/security/announce/2012/mfsa2012-21.html
https://www.openwall.com/lists/oss-security/2012/03/06/16
https://www.securityfocus.com/bid/52318
https://www.securitytracker.com/id?1026765
https://www.ubuntu.com/usn/USN-1403-1
https://bugzilla.mozilla.org/show_bug.cgi?id=733512
https://bugzilla.redhat.com/show_bug.cgi?id=800581

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Buffer overflow in freetype (Alpine package)

Buffer overflow in FreeType