Denial of Service Vulnerability in FreeType Affects Mozilla Firefox Mobile
CVE-2012-1140

Currently unrated

Key Information:

Vendor

Freetype

Status
Freetype
Firefox Mobile
Vendor
CVE Published:
25 April 2012

What is CVE-2012-1140?

Earlier versions of FreeType, particularly those before 2.4.9, have been identified to allow attackers to exploit a memory handling flaw within Mozilla Firefox Mobile versions prior to 10.0.4. This vulnerability may lead to remote denial of service, enabling the execution of arbitrary code, caused by crafted PostScript font objects which trigger invalid heap read operations and memory corruptions. It underscores the need for proficient font parsing to safeguard against malicious attacks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/48508
third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/48822
third-party-advisoryx_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDVSA-20...
vendor-advisoryx_refsource_MANDRIVA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.