CVE-2011-0226

EPSS 10.65% · P93 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2011-0226

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

FreeType psaux/t1decode.c Type 1字体解析漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

FreeType是FreeType团队开发的一个基于C语言的、高质量的且可移植的开源字体引擎库，它可用来将字符栅格化并映射成位图以及提供其他字体相关业务的支持。在Apple iOS 4.2.9之前版本和4.3.4之前的4.3.x版本及其他产品的CoreGraphics中使用的FreeType 2.4.6之前版本中的psaux/t1decode.c中存在整数符号错误漏洞。远程攻击者可借助PDF文档中的特制Type 1字体执行任意代码或导致拒绝服务（内存破坏和应用程序崩溃）。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2011-0226

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2011-0226

Please Login to view more intelligence information

http://support.apple.com/kb/HT5002x_refsource_CONFIRM
http://www.appleinsider.com/articles/11/07/06/hackers_release_new_browser_based_ios_jailbreak_based_on_pdf_exploit.htmlx_refsource_MISC
http://support.apple.com/kb/HT4803x_refsource_CONFIRM
http://support.apple.com/kb/HT4802x_refsource_CONFIRM
http://secunia.com/advisories/45167third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/48619vdb-entryx_refsource_BID
http://secunia.com/advisories/45224third-party-advisoryx_refsource_SECUNIA
http://www.debian.org/security/2011/dsa-2294vendor-advisoryx_refsource_DEBIAN
http://www.mandriva.com/security/advisories?name=MDVSA-2011:120vendor-advisoryx_refsource_MANDRIVA
http://www.redhat.com/support/errata/RHSA-2011-1085.htmlvendor-advisoryx_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00016.htmlvendor-advisoryx_refsource_SUSE
http://lists.apple.com/archives/security-announce/2011//Jul/msg00001.htmlvendor-advisoryx_refsource_APPLE
http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00015.htmlvendor-advisoryx_refsource_SUSE
http://lists.apple.com/archives/security-announce/2011//Jul/msg00000.htmlvendor-advisoryx_refsource_APPLE
http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.htmlvendor-advisoryx_refsource_APPLE
http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00020.htmlmailing-listx_refsource_MLIST
http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00028.htmlmailing-listx_refsource_MLIST
http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00026.htmlmailing-listx_refsource_MLIST
http://lists.nongnu.org/archive/html/freetype-devel/2011-07/msg00015.htmlmailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2011-0226

Same Patch Batch · n/a · 2011-07-19 · 12 CVEs total

CVE-2011-0227		Apple iOS IOMobileFrameBuffer本地权限提升漏洞
CVE-2011-2743		Chyrp多个跨站脚本攻击漏洞
CVE-2011-2779		HP ArcSight Connector Appliance Windows Event Log SmartConnector权限许可和访问控制漏洞
CVE-2011-2780		Chyrp includes/lib/gz.php目录遍历漏洞
CVE-2011-0770		HP ArcSight Connectors Windows Event Log SmartConnector跨站脚本攻击漏洞
CVE-2011-1355		IBM WebSphere Application Server 'logoutExitPage'参数开放重定向漏洞
CVE-2011-1356		IBM WebSphere Application Server管理控制台本地信息泄露漏洞
CVE-2011-1741		EMC Documentum eRoom Indexing Server OpenText Hummingbird Client Connector缓冲区溢出漏洞
CVE-2011-2385		OTRS iPhoneHandle包权限提升漏洞
CVE-2011-2528		Zope和PloneHotfix20110720权限提升漏洞
CVE-2011-2744		Chyrp目录遍历漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2011-0226

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2011-0226

I. Basic Information for CVE-2011-0226

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2011-0226

III. Intelligence Information for CVE-2011-0226

Same Patch Batch · n/a · 2011-07-19 · 12 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2011-0226

Leave a comment