U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:mozilla:firefox_mobile:10.0.2:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 20 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2012-3979

Mozilla Firefox before 15.0 on Android does not properly implement unspecified callers of the __android_log_print function, which allows remote attackers to execute arbitrary code via a crafted web page that calls the JavaScript dump function.

Published: August 29, 2012; 6:56:41 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2012-1144

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via a crafted TrueType font.

Published: April 25, 2012; 6:10:18 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-1143

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted font.

Published: April 25, 2012; 6:10:18 AM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2012-1142

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph-outline data in a font.

Published: April 25, 2012; 6:10:18 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-1141

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted ASCII string in a BDF font.

Published: April 25, 2012; 6:10:18 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-1140

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted PostScript font object.

Published: April 25, 2012; 6:10:18 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-1139

Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and memory corruption) or possibly execute arbitrary code via crafted glyph data in a BDF font.

Published: April 25, 2012; 6:10:18 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-1138

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the MIRP instruction in a TrueType font.

Published: April 25, 2012; 6:10:18 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-1137

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted header in a BDF font.

Published: April 25, 2012; 6:10:18 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-1136

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font that lacks an ENCODING field.

Published: April 25, 2012; 6:10:18 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-1135

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the NPUSHB and NPUSHW instructions in a TrueType font.

Published: April 25, 2012; 6:10:18 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-1134

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font.

Published: April 25, 2012; 6:10:18 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-1133

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font.

Published: April 25, 2012; 6:10:18 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-1132

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted dictionary data in a Type 1 font.

Published: April 25, 2012; 6:10:18 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-1131

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, on 64-bit platforms allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors related to the cell table of a font.

Published: April 25, 2012; 6:10:18 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-1130

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a PCF font.

Published: April 25, 2012; 6:10:18 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-1129

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted SFNT string in a Type 42 font.

Published: April 25, 2012; 6:10:18 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-1128

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and memory corruption) or possibly execute arbitrary code via a crafted TrueType font.

Published: April 25, 2012; 6:10:18 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-1127

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font.

Published: April 25, 2012; 6:10:17 AM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-1126

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a BDF font.

Published: April 25, 2012; 6:10:17 AM -0400
V3.x:(not available)
V2.0: 10.0 HIGH