Lucene search
AmazonALAS-2012-066HistoryApr 30, 2012 - 2:46 p.m.
Important: freetype
2012-04-3014:46:00
alas.aws.amazon.com
10
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.244 Low
EPSS
Percentile
96.6%
Issue Overview:
Multiple flaws were found in the way FreeType handled fonts in various formats. If a specially-crafted font file was loaded by an application linked against FreeType, it could cause the application to crash.
Affected Packages:
freetype
Issue Correction:
Run yum update freetype to update your system.
New Packages:
i686:
freetype-2.3.11-6.12.amzn1.i686
freetype-demos-2.3.11-6.12.amzn1.i686
freetype-devel-2.3.11-6.12.amzn1.i686
freetype-debuginfo-2.3.11-6.12.amzn1.i686
src:
freetype-2.3.11-6.12.amzn1.src
x86_64:
freetype-demos-2.3.11-6.12.amzn1.x86_64
freetype-debuginfo-2.3.11-6.12.amzn1.x86_64
freetype-devel-2.3.11-6.12.amzn1.x86_64
freetype-2.3.11-6.12.amzn1.x86_64
Additional References
Red Hat: CVE-2012-1126, CVE-2012-1134
Mitre: CVE-2012-1126, CVE-2012-1134
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Amazon Linux | 1 | i686 | freetype | < 2.3.11-6.12.amzn1 | freetype-2.3.11-6.12.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | freetype-demos | < 2.3.11-6.12.amzn1 | freetype-demos-2.3.11-6.12.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | freetype-devel | < 2.3.11-6.12.amzn1 | freetype-devel-2.3.11-6.12.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | freetype-debuginfo | < 2.3.11-6.12.amzn1 | freetype-debuginfo-2.3.11-6.12.amzn1.i686.rpm |
| Amazon Linux | 1 | x86_64 | freetype-demos | < 2.3.11-6.12.amzn1 | freetype-demos-2.3.11-6.12.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | freetype-debuginfo | < 2.3.11-6.12.amzn1 | freetype-debuginfo-2.3.11-6.12.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | freetype-devel | < 2.3.11-6.12.amzn1 | freetype-devel-2.3.11-6.12.amzn1.x86_64.rpm |
| Amazon Linux | 1 | x86_64 | freetype | < 2.3.11-6.12.amzn1 | freetype-2.3.11-6.12.amzn1.x86_64.rpm |
Related
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2012-66)
2015-09-08 00:00:00
Slackware Advisory SSA:2012-176-01 freetype
2012-09-10 00:00:00
Slackware: Security Advisory (SSA:2012-176-01)
2012-09-10 00:00:00
nessus
nessus
Amazon Linux AMI : freetype (ALAS-2012-66)
2013-09-04 00:00:00
Debian DSA-2428-1 : freetype - several vulnerabilities
2012-03-09 00:00:00
Oracle Linux 5 / 6 : freetype (ELSA-2012-0467)
2013-07-12 00:00:00
nvd
nvd
CVE-2012-1134
2012-04-25 10:10:18
CVE-2012-1126
2012-04-25 10:10:17
veracode
veracode
Arbitrary Code Execution
2020-04-10 01:09:33
Arbitrary Code Execution
2020-04-10 01:09:31
debiancve
debiancve
CVE-2012-1134
2012-04-25 10:10:18
CVE-2012-1126
2012-04-25 10:10:17
cve
cve
CVE-2012-1134
2012-04-25 10:10:18
CVE-2012-1126
2012-04-25 10:10:17
prion
prion
Heap overflow
2012-04-25 10:10:00
Memory corruption
2012-04-25 10:10:00
ubuntucve
ubuntucve
CVE-2012-1134
2012-03-07 00:00:00
CVE-2012-1126
2012-03-07 00:00:00
cvelist
cvelist
CVE-2012-1134
2012-04-25 10:00:00
CVE-2012-1126
2012-04-25 10:00:00
slackware
slackware
[slackware-security] freetype
2012-06-25 15:27:37
debian
debian
[SECURITY] [DSA 2428-1] freetype security update
2012-03-08 20:48:00
securityvulns
securityvulns
FreeType multiple security vulnerabilitiles
2012-03-09 00:00:00
[SECURITY] [DSA 2428-1] freetype security update
2012-03-09 00:00:00
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2012-05-09 00:00:00
oraclelinux
oraclelinux
freetype security update
2012-04-10 00:00:00
centos
centos
freetype security update
2012-04-10 21:09:43
redhat
redhat
(RHSA-2012:0467) Important: freetype security update
2012-04-10 00:00:00
suse
suse
Security update for freetype2 (important)
2012-04-18 18:08:39
Security update for freetype2 (important)
2012-04-11 20:08:18
Security update for freetype2 (important)
2012-04-23 15:08:12
ubuntu
ubuntu
FreeType vulnerabilities
2012-03-23 00:00:00
freebsd
freebsd
freetype -- multiple vulnerabilities
2012-03-08 00:00:00
mozilla -- multiple vulnerabilities
2012-04-24 00:00:00
gentoo
gentoo
FreeType: Multiple vulnerabilities
2012-04-17 00:00:00
mozilla
mozilla
Multiple security flaws fixed in FreeType v2.4.9 — Mozilla
2012-04-24 00:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.244 Low
EPSS
Percentile
96.6%
Related for ALAS-2012-066