CVE-2012-5669

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2012-5669 at MITRE

Description

The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read.

SUSE information

CVSS v2 Scores
  National Vulnerability Database
Base Score 4.30
Vector AV:N/AC:M/Au:N/C:N/I:N/A:P
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial
SUSE Bugzilla entry: 795826 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 11 SP2
  • freetype2 >= 2.3.7-25.32.1
  • freetype2-32bit >= 2.3.7-25.32.1
  • freetype2-devel >= 2.3.7-25.32.1
  • ft2demos >= 2.3.7-25.32.1
Patchnames:
sledsp2-freetype2
SUSE Linux Enterprise Server 11 SP2
  • freetype2 >= 2.3.7-25.32.1
  • freetype2-32bit >= 2.3.7-25.32.1
  • freetype2-x86 >= 2.3.7-25.32.1
  • ft2demos >= 2.3.7-25.32.1
Patchnames:
slessp2-freetype2
SUSE Linux Enterprise Server for VMWare 11 SP2
  • freetype2 >= 2.3.7-25.32.1
  • freetype2-32bit >= 2.3.7-25.32.1
  • freetype2-x86 >= 2.3.7-25.32.1
  • ft2demos >= 2.3.7-25.32.1
Patchnames:
slessp2-freetype2
SUSE Linux Enterprise Software Development Kit 11 SP2
  • freetype2-devel >= 2.3.7-25.32.1
  • freetype2-devel-32bit >= 2.3.7-25.32.1
Patchnames:
sdksp2-freetype2
SUSE Linux Enterprise Software Development Kit 11 SP2
  • freetype2-devel >= 2.3.7-25.32.1
Builds
SAT Patch Nr: 7232
SUSE Linux Enterprise Software Development Kit 11 SP2
  • freetype2-devel >= 2.3.7-25.32.1
  • freetype2-devel-32bit >= 2.3.7-25.32.1
Builds
SAT Patch Nr: 7232
SUSE Linux Enterprise Desktop 11 SP2
  • freetype2 >= 2.3.7-25.32.1
  • freetype2-devel >= 2.3.7-25.32.1
  • ft2demos >= 2.3.7-25.32.1
Builds
SAT Patch Nr: 7232
SUSE Linux Enterprise Desktop 11 SP2
  • freetype2 >= 2.3.7-25.32.1
  • freetype2-32bit >= 2.3.7-25.32.1
  • freetype2-devel >= 2.3.7-25.32.1
  • ft2demos >= 2.3.7-25.32.1
Builds
SAT Patch Nr: 7232
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2 for VMware
  • freetype2 >= 2.3.7-25.32.1
  • ft2demos >= 2.3.7-25.32.1
Builds
SAT Patch Nr: 7232
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2 for VMware
  • freetype2 >= 2.3.7-25.32.1
  • freetype2-32bit >= 2.3.7-25.32.1
  • ft2demos >= 2.3.7-25.32.1
Builds
SAT Patch Nr: 7232
SUSE Linux Enterprise Server 11 SP2
  • freetype2 >= 2.3.7-25.32.1
  • freetype2-x86 >= 2.3.7-25.32.1
  • ft2demos >= 2.3.7-25.32.1
Builds
SAT Patch Nr: 7232
openSUSE Evergreen 11.4
  • freetype2 >= 2.4.4-7.27.1
  • freetype2-debugsource >= 2.4.4-7.27.1
  • freetype2-devel >= 2.4.4-7.27.1
  • freetype2-devel-32bit >= 2.4.4-7.27.1
  • libfreetype6 >= 2.4.4-7.27.1
  • libfreetype6-32bit >= 2.4.4-7.27.1
  • libfreetype6-debuginfo >= 2.4.4-7.27.1
  • libfreetype6-debuginfo-32bit >= 2.4.4-7.27.1
  • libfreetype6-debuginfo-x86 >= 2.4.4-7.27.1
  • libfreetype6-x86 >= 2.4.4-7.27.1
Patchnames:
2013-12