[Bug 800589] CVE-2012-1131 freetype: incorrect type cast allowing input sanity check bypass in ft_smooth_render_generic() (#35604)

bugzilla at redhat.com bugzilla at redhat.com
Thu Mar 22 17:23:29 UTC 2012

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.


Tomas Hoger <thoger at redhat.com> changed:

           What    |Removed                     |Added
            Summary|CVE-2012-1131 freetype      |CVE-2012-1131 freetype:
                   |(64-bit specific): Out-of   |incorrect type cast
                   |heap-based buffer read by   |allowing input sanity check
                   |attempt to record current   |bypass in
                   |cell into the cell table    |ft_smooth_render_generic()
                   |(FU#35604)                  |(#35604)
  Status Whiteboard|impact=low,public=20120226, |impact=low,public=20120226,
                   |reported=20120302,source=go |reported=20120302,source=go
                   |ogle,cvss2=4.3/AV:N/AC:M/Au |ogle,cvss2=4.3/AV:N/AC:M/Au
                   |:N/C:N/I:N/A:P,rhel-5/freet |:N/C:N/I:N/A:P,rhel-5/freet
                   |ype=notaffected,rhel-6/free |ype=affected,rhel-6/freetyp
                   |type=notaffected,fedora-15/ |e=affected,fedora-all/freet
                   |freetype=notaffected,fedora |ype=affected,fedora-all/min
                   |-16/freetype=affected       |gw32-freetype=affected

Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the fonts-bugs mailing list