REDHAT-BUG-800602
First published: Tue Mar 06 2012(Updated: )
An out-of heap-based buffer read flaw was found in the way FreeType font rendering engine performed conversion of ASCII string objects, contained within glyph bitmap distribution format (BDF) font file, into signed short integers. A remote attacker could provide a specially-crafted BDF file, which once processed by an application linked against FreeType would lead to that application crash. Upstream bug report: [1] <a href="https://savannah.nongnu.org/bugs/?35658">https://savannah.nongnu.org/bugs/?35658</a> Upstream patch: [2] <a href="http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=d9c1659610f9cd5e103790cb5963483d65cf0d2d">http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=d9c1659610f9cd5e103790cb5963483d65cf0d2d</a> Acknowledgements: Red Hat would like to thank Mateusz Jurczyk of the Google Security Team for reporting this issue.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| FreeType |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://savannah.nongnu.org/bugs/?35658
- http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=d9c1659610f9cd5e103790cb5963483d65cf0d2d
- http://www.openwall.com/lists/oss-security/2012/03/06/16
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=800602#c0
- http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=649c673a8fc1795536c5b9a48503568d9e2a75c6
- https://rhn.redhat.com/errata/RHSA-2012-0467.html
- https://bugzilla.redhat.com/show_bug.cgi?id=800602
- collector/redhat-bugzilla
- alias/CVE-2012-1141
- agent/last-modified-date
- agent/type
- agent/first-publish-date
- agent/severity
- agent/references
- agent/description
- agent/event
- agent/tags
- agent/softwarecombine
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/freetype
- canonical/freetype