info
discussion
exploit
solution
references
FreeType Versions Prior to 2.4.9 Multiple Remote Vulnerabilities
References:
Bug 800581 - freetype: Out-of heap-based buffer read by parsing, adding properti
(Red Hat Bugzilla)
Bug 800583 - freetype: Out-of heap-based buffer read by parsing glyph informatio
(Red Hat Bugzilla)
Bug 800584 - freetype: NULL pointer dereference by moving zone2 pointer point fo
(Red Hat Bugzilla)
Bug 800585 - freetype: Out-of heap-based buffer read when parsing certain SFNT s
(Red Hat Bugzilla)
Bug 800587 - freetype: Out-of heap-based buffer read by loading properties of PC
(Red Hat Bugzilla)
Bug 800589 - freetype (64-bit specific): Out-of heap-based buffer read by attemp
(Red Hat Bugzilla)
Bug 800590 - freetype: Out-of heap-based buffer read flaw in Type1 font loader b
(Red Hat Bugzilla)
Bug 800591 - freetype: Out-of heap-based buffer write by parsing BDF glyph infor
(Red Hat Bugzilla)
Bug 800592 - freetype: Out-of heap-based buffer write in Type1 font parser by re
(Red Hat Bugzilla)
Bug 800593 - freetype: Out-of heap-based buffer read in TrueType bytecode interp
(Red Hat Bugzilla)
Bug 800594 - freetype: Out-of heap-based buffer write by parsing BDF glyph and b
(Red Hat Bugzilla)
Bug 800595 - freetype: Out-of heap-based buffer read by parsing BDF font header
(Red Hat Bugzilla)
Bug 800597 - freetype: Out-of heap-based buffer read in the TrueType bytecode in
(Red Hat Bugzilla)
Bug 800598 - freetype: Array index error, leading to out-of stack based buffer r
(Red Hat Bugzilla)
Bug 800600 - freetype: Out-of heap-based buffer read by conversion of PostScript
(Red Hat Bugzilla)
Bug 800602 - freetype: Out-of heap-based buffer read flaw by conversion of an AS
(Red Hat Bugzilla)
Bug 800604 - freetype: Out-of heap-based buffer write by retrieval of advance va
(Red Hat Bugzilla)
Bug 800606 - freetype: Integer divide by zero by performing arithmetic computati
(Red Hat Bugzilla)
Bug 800607 - freetype: Out-of heap-based buffer write in the TrueType bytecode i
(Red Hat Bugzilla)
CVE Request -- FreeType: Multiple security flaws to be fixed in v2.4.9
(Jan Lieskovsky)
FreeType Homepage
(FreeType)
ASA-2012-202 freetype security update (RHSA-2012-0467)
(Avaya)
Mozilla Foundation Security Advisory 2012-21
(Mozilla)
Privacy Statement
Copyright 2010, SecurityFocus