9.3

CVE-2011-0226

Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
FreetypeFreetype Version <= 2.4.5
FreetypeFreetype Version2.2.1
FreetypeFreetype Version2.2.10
FreetypeFreetype Version2.3.0
FreetypeFreetype Version2.3.1
FreetypeFreetype Version2.3.2
FreetypeFreetype Version2.3.3
FreetypeFreetype Version2.3.4
FreetypeFreetype Version2.3.5
FreetypeFreetype Version2.3.6
FreetypeFreetype Version2.3.7
FreetypeFreetype Version2.3.8
FreetypeFreetype Version2.3.9
FreetypeFreetype Version2.3.10
FreetypeFreetype Version2.3.11
FreetypeFreetype Version2.3.12
FreetypeFreetype Version2.4.0
FreetypeFreetype Version2.4.1
FreetypeFreetype Version2.4.2
FreetypeFreetype Version2.4.3
FreetypeFreetype Version2.4.4
AppleiPhone OS Version <= 4.2.8
AppleiPhone OS Version1.0.0
AppleiPhone OS Version1.0.1
AppleiPhone OS Version1.0.2
AppleiPhone OS Version1.1.0
AppleiPhone OS Version1.1.1
AppleiPhone OS Version1.1.2
AppleiPhone OS Version1.1.3
AppleiPhone OS Version1.1.4
AppleiPhone OS Version1.1.5
AppleiPhone OS Version2.0
AppleiPhone OS Version2.0.0
AppleiPhone OS Version2.0.1
AppleiPhone OS Version2.0.2
AppleiPhone OS Version2.1
AppleiPhone OS Version2.1.1
AppleiPhone OS Version2.2
AppleiPhone OS Version2.2.1
AppleiPhone OS Version3.0
AppleiPhone OS Version3.0.1
AppleiPhone OS Version3.1
AppleiPhone OS Version3.1.2
AppleiPhone OS Version3.1.3
AppleiPhone OS Version3.2
AppleiPhone OS Version3.2.1
AppleiPhone OS Version3.2.2
AppleiPhone OS Version4.0
AppleiPhone OS Version4.0.1
AppleiPhone OS Version4.0.2
AppleiPhone OS Version4.1
AppleiPhone OS Version4.2
AppleiPhone OS Version4.2.1
AppleiPhone OS Version4.2.5
AppleiPhone OS Version4.3.0
AppleiPhone OS Version4.3.1
AppleiPhone OS Version4.3.2
AppleiPhone OS Version4.3.3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 8.45% 0.919
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C