REDHAT-BUG-800606: Divide by Zero
First published: Tue Mar 06 2012(Updated: )
An integer divide by zero was found in the way FreeType font rendering engine performed arithmetic computations for certain fonts. A remote attacker could provide a specially-crafted font file, which once opened in an application linked against FreeType would lead to that application crash. Upstream bug report: [1] <a href="https://savannah.nongnu.org/bugs/?35660">https://savannah.nongnu.org/bugs/?35660</a> Upstream patch: [2] <a href="http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=ba67957d5ead443f4b6b31805d6e780d54361ca4">http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=ba67957d5ead443f4b6b31805d6e780d54361ca4</a> Acknowledgements: Red Hat would like to thank Mateusz Jurczyk of the Google Security Team for reporting this issue.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| FreeType |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://savannah.nongnu.org/bugs/?35660
- http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=ba67957d5ead443f4b6b31805d6e780d54361ca4
- http://www.openwall.com/lists/oss-security/2012/03/06/16
- https://rhn.redhat.com/errata/RHSA-2012-0467.html
- https://bugzilla.redhat.com/show_bug.cgi?id=800606
- collector/redhat-bugzilla
- alias/CVE-2012-1143
- agent/last-modified-date
- agent/type
- agent/first-publish-date
- agent/event
- agent/description
- agent/severity
- agent/references
- agent/weakness
- agent/tags
- agent/softwarecombine
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/freetype
- canonical/freetype