Mozilla » Firefox Mobile : Security Vulnerabilities, CVEs, Published In 2012 (Denial of service)
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via a crafted TrueType font.
Max CVSS
9.3
EPSS Score
5.24%
Published
2012-04-25
Updated
2023-02-13
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted font.
Max CVSS
4.3
EPSS Score
5.28%
Published
2012-04-25
Updated
2023-02-13
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph-outline data in a font.
Max CVSS
9.3
EPSS Score
5.49%
Published
2012-04-25
Updated
2023-02-13
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted ASCII string in a BDF font.
Max CVSS
9.3
EPSS Score
5.24%
Published
2012-04-25
Updated
2023-02-13
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted PostScript font object.
Max CVSS
9.3
EPSS Score
4.73%
Published
2012-04-25
Updated
2023-02-13
Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and memory corruption) or possibly execute arbitrary code via crafted glyph data in a BDF font.
Max CVSS
9.3
EPSS Score
5.24%
Published
2012-04-25
Updated
2023-02-13
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the MIRP instruction in a TrueType font.
Max CVSS
9.3
EPSS Score
5.24%
Published
2012-04-25
Updated
2021-01-26
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted header in a BDF font.
Max CVSS
9.3
EPSS Score
5.24%
Published
2012-04-25
Updated
2023-02-13
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font that lacks an ENCODING field.
Max CVSS
9.3
EPSS Score
5.49%
Published
2012-04-25
Updated
2023-02-13
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the NPUSHB and NPUSHW instructions in a TrueType font.
Max CVSS
9.3
EPSS Score
5.24%
Published
2012-04-25
Updated
2021-01-26
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font.
Max CVSS
9.3
EPSS Score
5.49%
Published
2012-04-25
Updated
2023-02-13
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font.
Max CVSS
9.3
EPSS Score
5.24%
Published
2012-04-25
Updated
2021-01-26
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted dictionary data in a Type 1 font.
Max CVSS
9.3
EPSS Score
5.24%
Published
2012-04-25
Updated
2023-02-13
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, on 64-bit platforms allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors related to the cell table of a font.
Max CVSS
9.3
EPSS Score
5.24%
Published
2012-04-25
Updated
2023-02-13
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a PCF font.
Max CVSS
9.3
EPSS Score
5.24%
Published
2012-04-25
Updated
2023-02-13
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted SFNT string in a Type 42 font.
Max CVSS
9.3
EPSS Score
5.24%
Published
2012-04-25
Updated
2021-01-26
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and memory corruption) or possibly execute arbitrary code via a crafted TrueType font.
Max CVSS
9.3
EPSS Score
5.14%
Published
2012-04-25
Updated
2021-01-26
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font.
Max CVSS
9.3
EPSS Score
5.24%
Published
2012-04-25
Updated
2023-02-13
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a BDF font.
Max CVSS
10.0
EPSS Score
24.57%
Published
2012-04-25
Updated
2023-02-13
19 vulnerabilities found