Heap Memory Vulnerability in FreeType Used by Mozilla Firefox Mobile and Other Products
CVE-2012-1132

Currently unrated

Key Information:

Vendor: Freetype
Status: Freetype; Firefox Mobile
Vendor: CVE Published:; 25 April 2012

What is CVE-2012-1132?

The vulnerability in FreeType allows remote attackers to exploit crafted dictionary data in a Type 1 font to cause a denial of service via invalid heap read operations and potential memory corruption. This can lead to unexpected behavior and may enable attackers to execute arbitrary code, impacting the security and stability of affected applications.

References

http://secunia.com/advisories/48797

third-party-advisoryx_refsource_SECUNIA

http://secunia.com/advisories/48508

third-party-advisoryx_refsource_SECUNIA

http://secunia.com/advisories/48822

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Apr 25, 2012
Vulnerability Reserved
Feb 14, 2012

Freetype

What is CVE-2012-1132?

References

Timeline