What is the severity of CVE-2012-1141?

CVE-2012-1141 is considered to have a medium severity due to the potential for remote code execution through crafted BDF files.

How do I fix CVE-2012-1141?

To fix CVE-2012-1141, update FreeType to version 2.4.9 or later, which addresses the vulnerability.

Which versions of FreeType are affected by CVE-2012-1141?

Versions of FreeType before 2.4.9 and including 1.3.1 to 2.4.7 are affected by CVE-2012-1141.

Can CVE-2012-1141 be exploited remotely?

Yes, CVE-2012-1141 can be exploited remotely if a user opens a maliciously crafted BDF file.

What kind of attacks can CVE-2012-1141 facilitate?

CVE-2012-1141 can facilitate attacks leading to buffer overflow, which may result in arbitrary code execution.

Vulnerability/
CVE-2012-1141

critical

9.3

CWE

119

6/3/2012

25/4/2012

11/5/2023

CVE-2012-1141: Buffer Overflow

First published: Tue Mar 06 2012(Updated: )

An out-of heap-based buffer read flaw was found in the way FreeType font rendering engine performed conversion of ASCII string objects, contained within glyph bitmap distribution format (BDF) font file, into signed short integers. A remote attacker could provide a specially-crafted BDF file, which once processed by an application linked against FreeType would lead to that application crash. Upstream bug report: [1] <a href="https://savannah.nongnu.org/bugs/?35658">https://savannah.nongnu.org/bugs/?35658</a> Upstream patch: [2] <a href="http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=d9c1659610f9cd5e103790cb5963483d65cf0d2d">http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=d9c1659610f9cd5e103790cb5963483d65cf0d2d</a> Acknowledgements: Red Hat would like to thank Mateusz Jurczyk of the Google Security Team for reporting this issue.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
FreeType	<=2.4.8
FreeType	=1.3.1
FreeType	=2.0.0
FreeType	=2.0.1
FreeType	=2.0.2
FreeType	=2.0.3
FreeType	=2.0.4
FreeType	=2.0.5
FreeType	=2.0.6
FreeType	=2.0.7
FreeType	=2.0.8
FreeType	=2.0.9
FreeType	=2.1
FreeType	=2.1.3
FreeType	=2.1.4
FreeType	=2.1.5
FreeType	=2.1.6
FreeType	=2.1.7
FreeType	=2.1.8
FreeType	=2.1.8-rc1
FreeType	=2.1.9
FreeType	=2.1.10
FreeType	=2.2.0
FreeType	=2.2.1
FreeType	=2.3.0
FreeType	=2.3.1
FreeType	=2.3.2
FreeType	=2.3.3
FreeType	=2.3.4
FreeType	=2.3.5
FreeType	=2.3.6
FreeType	=2.3.7
FreeType	=2.3.8
FreeType	=2.3.9
FreeType	=2.3.10
FreeType	=2.3.11
FreeType	=2.3.12
FreeType	=2.4.0
FreeType	=2.4.1
FreeType	=2.4.2
FreeType	=2.4.3
FreeType	=2.4.4
FreeType	=2.4.5
FreeType	=2.4.6
FreeType	=2.4.7
Mozilla Firefox	<=10.0.3
Mozilla Firefox	=1.0
Mozilla Firefox	=4.0
Mozilla Firefox	=4.0-beta1
Mozilla Firefox	=4.0-beta2
Mozilla Firefox	=4.0-beta3
Mozilla Firefox	=4.0-beta4
Mozilla Firefox	=5.0
Mozilla Firefox	=6.0
Mozilla Firefox	=6.0.1
Mozilla Firefox	=6.0.2
Mozilla Firefox	=7.0
Mozilla Firefox	=8.0
Mozilla Firefox	=9.0
Mozilla Firefox	=10.0
Mozilla Firefox	=10.0.1
Mozilla Firefox	=10.0.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-1141?
CVE-2012-1141 is considered to have a medium severity due to the potential for remote code execution through crafted BDF files.
How do I fix CVE-2012-1141?
To fix CVE-2012-1141, update FreeType to version 2.4.9 or later, which addresses the vulnerability.
Which versions of FreeType are affected by CVE-2012-1141?
Versions of FreeType before 2.4.9 and including 1.3.1 to 2.4.7 are affected by CVE-2012-1141.
Can CVE-2012-1141 be exploited remotely?
Yes, CVE-2012-1141 can be exploited remotely if a user opens a maliciously crafted BDF file.
What kind of attacks can CVE-2012-1141 facilitate?
CVE-2012-1141 can facilitate attacks leading to buffer overflow, which may result in arbitrary code execution.

collector/redhat-bugzilla
alias/CVE-2012-1141
agent/type
agent/last-modified-date
agent/first-publish-date
agent/event
agent/severity
agent/weakness
agent/references
agent/author
agent/description
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/freetype
canonical/freetype
version/freetype/2.4.8
version/freetype/1.3.1
version/freetype/2.0.0
version/freetype/2.0.1
version/freetype/2.0.2
version/freetype/2.0.3
version/freetype/2.0.4
version/freetype/2.0.5
version/freetype/2.0.6
version/freetype/2.0.7
version/freetype/2.0.8
version/freetype/2.0.9
version/freetype/2.1
version/freetype/2.1.3
version/freetype/2.1.4
version/freetype/2.1.5
version/freetype/2.1.6
version/freetype/2.1.7
version/freetype/2.1.8
version/freetype/2.1.8-rc1
version/freetype/2.1.9
version/freetype/2.1.10
version/freetype/2.2.0
version/freetype/2.2.1
version/freetype/2.3.0
version/freetype/2.3.1
version/freetype/2.3.2
version/freetype/2.3.3
version/freetype/2.3.4
version/freetype/2.3.5
version/freetype/2.3.6
version/freetype/2.3.7
version/freetype/2.3.8
version/freetype/2.3.9
version/freetype/2.3.10
version/freetype/2.3.11
version/freetype/2.3.12
version/freetype/2.4.0
version/freetype/2.4.1
version/freetype/2.4.2
version/freetype/2.4.3
version/freetype/2.4.4
version/freetype/2.4.5
version/freetype/2.4.6
version/freetype/2.4.7
vendor/mozilla
canonical/mozilla firefox
version/mozilla firefox/10.0.3
version/mozilla firefox/1.0
version/mozilla firefox/4.0
version/mozilla firefox/4.0-beta1
version/mozilla firefox/4.0-beta2
version/mozilla firefox/4.0-beta3
version/mozilla firefox/4.0-beta4
version/mozilla firefox/5.0
version/mozilla firefox/6.0
version/mozilla firefox/6.0.1
version/mozilla firefox/6.0.2
version/mozilla firefox/7.0
version/mozilla firefox/8.0
version/mozilla firefox/9.0
version/mozilla firefox/10.0
version/mozilla firefox/10.0.1
version/mozilla firefox/10.0.2