1
PublicDateAtUSN: 2012-03-07
2
Candidate: CVE-2012-1140
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1140
6
https://usn.ubuntu.com/usn/usn-1403-1
8
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and
9
other products, allows remote attackers to cause a denial of service
10
(invalid heap read operation and memory corruption) or possibly execute
11
arbitrary code via a crafted PostScript font object.
15
https://savannah.nongnu.org/bugs/?35657
16
https://bugzilla.redhat.com/show_bug.cgi?id=800600
18
Discovered-by: Mateusz Jurczyk
22
upstream: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=292144b44a15c1a72f2ef76475d65b7a3a3fba67
23
upstream_freetype: released (2.4.9)
24
hardy_freetype: released (2.3.5-1ubuntu4.8.04.9)
25
lucid_freetype: released (2.3.11-1ubuntu2.6)
26
maverick_freetype: released (2.4.2-2ubuntu0.4)
27
natty_freetype: released (2.4.4-1ubuntu2.3)
28
oneiric_freetype: released (2.4.4-2ubuntu1.2)
29
devel_freetype: released (2.4.8-1ubuntu1)