Denial of Service and Memory Corruption Vulnerability in FreeType Used by Mozilla Firefox Mobile
CVE-2012-1137

Currently unrated

Key Information:

Vendor: Freetype
Status: Freetype; Firefox Mobile
Vendor: CVE Published:; 25 April 2012

What is CVE-2012-1137?

The vulnerability in FreeType prior to version 2.4.9, utilized in Mozilla Firefox Mobile before version 10.0.4, permits remote attackers to exploit specific crafted BDF fonts. This can lead to a denial of service through invalid heap read operations and potential memory corruption, which may allow for arbitrary code execution, compromising system integrity.

References

http://secunia.com/advisories/48797

third-party-advisoryx_refsource_SECUNIA

http://secunia.com/advisories/48508

third-party-advisoryx_refsource_SECUNIA

http://secunia.com/advisories/48822

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Apr 25, 2012
Vulnerability Reserved
Feb 14, 2012

Freetype

What is CVE-2012-1137?

References

Timeline