CVE-2012-5670

The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) via vectors related to BDF fonts and an ENCODING field with a negative value.

Details Source

Mitre

Statement

Not Vulnerable. This issue did not affect the version of freetype as shipped with Red Hat Enterprise Linux 5 and 6.

Public Date

2012-12-15 00:00:00

Impact

Important

Bugzilla

CVE-2012-5670 freetype: Out-of-bounds write in _bdf_parse_glyphs() (#37907)

Bugzilla ID

890094

CVSS Status

draft

Base Score

6.80

Base Metrics

AV:N/AC:M/Au:N/C:P/I:P/A:P

External References

http://seclists.org/oss-sec/2012/q4/511

Affected Packages State

Platform                      Package     State
Red Hat Enterprise Linux 6    freetype    Not affected
Red Hat Enterprise Linux 5    freetype    Not affected