CVE-2012-5669
Published: 31 December 2012
The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read.
Priority
Status
Package | Release | Status |
---|---|---|
freetype Launchpad, Ubuntu, Debian |
hardy |
Released
(2.3.5-1ubuntu4.8.04.10)
|
lucid |
Released
(2.3.11-1ubuntu2.7)
|
|
oneiric |
Released
(2.4.4-2ubuntu1.3)
|
|
precise |
Released
(2.4.8-1ubuntu2.1)
|
|
quantal |
Released
(2.4.10-0ubuntu1.1)
|
|
upstream |
Released
(2.4.11)
|
|
Patches: upstream: http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=07bdb6e289c7954e2a533039dc93c1c136099d2d |