ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font.
| Π Π΅Π»ΠΈΠ· | Π‘ΡΠ°ΡΡΡ | ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅ |
|---|---|---|
| devel | released | 2.4.8-1ubuntu1 |
| hardy | released | 2.3.5-1ubuntu4.8.04.9 |
| lucid | released | 2.3.11-1ubuntu2.6 |
| maverick | released | 2.4.2-2ubuntu0.4 |
| natty | released | 2.4.4-1ubuntu2.3 |
| oneiric | released | 2.4.4-2ubuntu1.2 |
| upstream | released | 2.4.9 |
ΠΠΎΠΊΠ°Π·ΡΠ²Π°ΡΡ ΠΏΠΎ
Π‘ΡΡΠ»ΠΊΠΈ Π½Π° ΠΈΡΡΠΎΡΠ½ΠΈΠΊΠΈ
EPSS
9.3 Critical
CVSS2
Π‘Π²ΡΠ·Π°Π½Π½ΡΠ΅ ΡΡΠ·Π²ΠΈΠΌΠΎΡΡΠΈ
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font.
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 ...
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font.
ELSA-2012-0467: freetype security update (IMPORTANT)
EPSS
9.3 Critical
CVSS2