[Bug 800600] CVE-2012-1140 freetype: multiple buffer over-read in PS parser conversion functions (#35657)

bugzilla at redhat.com bugzilla at redhat.com
Mon Mar 19 10:57:35 UTC 2012

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


Tomas Hoger <thoger at redhat.com> changed:

           What    |Removed                     |Added
            Summary|CVE-2012-1140 freetype:     |CVE-2012-1140 freetype:
                   |Out-of heap-based buffer    |multiple buffer over-read
                   |read by conversion of       |in PS parser conversion
                   |PostScript font objects     |functions (#35657)
                   |(FU#35657)                  |
  Status Whiteboard|impact=low,public=20120228, |impact=low,public=20120228,
                   |reported=20120302,source=go |reported=20120302,source=se
                   |ogle,cvss2=4.3/AV:N/AC:M/Au |calert,cvss2=4.3/AV:N/AC:M/
                   |:N/C:N/I:N/A:P,rhel-5/freet |Au:N/C:N/I:N/A:P,rhel-5/fre
                   |ype=affected,rhel-6/freetyp |etype=affected,rhel-6/freet
                   |e=affected,fedora-all/freet |ype=affected,fedora-all/fre
                   |ype=affected                |etype=affected,fedora-all/m
                   |                            |ingw32-freetype=affected

Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the fonts-bugs mailing list