Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-75xz-zpmu-1ugk
Vulnerability ID VCID-75xz-zpmu-1ugk
Aliases CVE-2012-5669
Summary The _bdf_parse_glyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read.
Status Published
Exploitability 0.5
Weighted Severity 0.0
Risk None
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.01687 https://api.first.org/data/v1/epss?cve=CVE-2012-5669
epss 0.01687 https://api.first.org/data/v1/epss?cve=CVE-2012-5669
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5669.json
https://api.first.org/data/v1/epss?cve=CVE-2012-5669
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5669
696691 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=696691
890088 https://bugzilla.redhat.com/show_bug.cgi?id=890088
GLSA-201402-16 https://security.gentoo.org/glsa/201402-16
RHSA-2013:0216 https://access.redhat.com/errata/RHSA-2013:0216
USN-1686-1 https://usn.ubuntu.com/1686-1/
No exploits are available.
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.82557
EPSS Score 0.01687
Published At June 4, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-04T16:37:32.901466+00:00 Debian Importer Import https://security-tracker.debian.org/tracker/data/json 38.6.0