Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-edag-8pt8-jqdw
Vulnerability ID VCID-edag-8pt8-jqdw
Aliases CVE-2012-1137
Summary Multiple vulnerabilities have been found in FreeType, allowing remote attackers to possibly execute arbitrary code or cause Denial of Service.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-122 Heap-based Buffer Overflow
CWE-125 Out-of-bounds Read
System Score Found at
epss 0.02967 https://api.first.org/data/v1/epss?cve=CVE-2012-1137
epss 0.02967 https://api.first.org/data/v1/epss?cve=CVE-2012-1137
epss 0.02967 https://api.first.org/data/v1/epss?cve=CVE-2012-1137
epss 0.02967 https://api.first.org/data/v1/epss?cve=CVE-2012-1137
epss 0.02967 https://api.first.org/data/v1/epss?cve=CVE-2012-1137
epss 0.02967 https://api.first.org/data/v1/epss?cve=CVE-2012-1137
epss 0.02967 https://api.first.org/data/v1/epss?cve=CVE-2012-1137
epss 0.02967 https://api.first.org/data/v1/epss?cve=CVE-2012-1137
epss 0.02967 https://api.first.org/data/v1/epss?cve=CVE-2012-1137
epss 0.02967 https://api.first.org/data/v1/epss?cve=CVE-2012-1137
generic_textual critical https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1137.json
https://api.first.org/data/v1/epss?cve=CVE-2012-1137
662864 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864
800595 https://bugzilla.redhat.com/show_bug.cgi?id=800595
CVE-2012-1137 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1137
GLSA-201204-04 https://security.gentoo.org/glsa/201204-04
mfsa2012-21 https://www.mozilla.org/en-US/security/advisories/mfsa2012-21
RHSA-2012:0467 https://access.redhat.com/errata/RHSA-2012:0467
USN-1403-1 https://usn.ubuntu.com/1403-1/
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.86433
EPSS Score 0.02967
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T12:58:38.586026+00:00 Gentoo Importer Import https://security.gentoo.org/glsa/201204-04 38.0.0