Lucene search

[email protected]CVE-2011-1552

HistoryMar 31, 2011 - 11:55 p.m.

CVE-2011-1552

2011-03-3123:55:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2011-1552

t1lib

xpdf

tetex

denial of service

application crash

type 1 font

pdf document

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.3 Medium

AI Score

Confidence

Low

0.278 Low

EPSS

Percentile

96.8%

JSON

t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, reads from invalid memory locations, which allows remote attackers to cause a denial of service (application crash) via a crafted Type 1 font in a PDF document, a different vulnerability than CVE-2011-0764.

Affected configurations

NVD

Node

t1libt1libRange≤5.1.2

t1libt1libMatch0.1alpha

t1libt1libMatch0.2beta

t1libt1libMatch0.3beta

t1libt1libMatch0.4beta

t1libt1libMatch0.5beta

t1libt1libMatch0.6beta

t1libt1libMatch0.7beta

t1libt1libMatch0.8beta

t1libt1libMatch0.9

t1libt1libMatch0.9.1

t1libt1libMatch0.9.2

t1libt1libMatch1.0

t1libt1libMatch1.0.1

t1libt1libMatch1.1.0

t1libt1libMatch1.1.1

t1libt1libMatch1.2

t1libt1libMatch1.3

t1libt1libMatch1.3.1

t1libt1libMatch5.0.0

t1libt1libMatch5.0.1

t1libt1libMatch5.0.2

t1libt1libMatch5.1.0

t1libt1libMatch5.1.1

AND

foolabsxpdfMatch0.5a

foolabsxpdfMatch0.7a

foolabsxpdfMatch0.91a

foolabsxpdfMatch0.91b

foolabsxpdfMatch0.91c

foolabsxpdfMatch0.92a

foolabsxpdfMatch0.92b

foolabsxpdfMatch0.92c

foolabsxpdfMatch0.92d

foolabsxpdfMatch0.92e

foolabsxpdfMatch0.93a

foolabsxpdfMatch0.93b

foolabsxpdfMatch0.93c

foolabsxpdfMatch1.00a

foolabsxpdfMatch3.0.1

foolabsxpdfMatch3.02pl1

foolabsxpdfMatch3.02pl2

foolabsxpdfMatch3.02pl3

foolabsxpdfMatch3.02pl4

glyphandcogxpdfreaderRange≤3.02

glyphandcogxpdfreaderMatch0.2

glyphandcogxpdfreaderMatch0.3

glyphandcogxpdfreaderMatch0.4

glyphandcogxpdfreaderMatch0.5

glyphandcogxpdfreaderMatch0.6

glyphandcogxpdfreaderMatch0.7

glyphandcogxpdfreaderMatch0.80

glyphandcogxpdfreaderMatch0.90

glyphandcogxpdfreaderMatch0.91

glyphandcogxpdfreaderMatch0.92

glyphandcogxpdfreaderMatch0.93

glyphandcogxpdfreaderMatch1.00

glyphandcogxpdfreaderMatch1.01

glyphandcogxpdfreaderMatch2.00

glyphandcogxpdfreaderMatch2.01

glyphandcogxpdfreaderMatch2.02

glyphandcogxpdfreaderMatch2.03

glyphandcogxpdfreaderMatch3.00

glyphandcogxpdfreaderMatch3.01

glyphandcogxpdfreaderMatch3.02

CPENameOperatorVersion
t1lib:t1libt1lible5.1.2
t1lib:t1libt1libeq0.1
t1lib:t1libt1libeq0.2
t1lib:t1libt1libeq0.3
t1lib:t1libt1libeq0.4
t1lib:t1libt1libeq0.5
t1lib:t1libt1libeq0.6
t1lib:t1libt1libeq0.7
t1lib:t1libt1libeq0.8
t1lib:t1libt1libeq0.9

CPE	Name	Operator	Version
t1lib:t1lib	t1lib	le	5.1.2
t1lib:t1lib	t1lib	eq	0.1
t1lib:t1lib	t1lib	eq	0.2
t1lib:t1lib	t1lib	eq	0.3
t1lib:t1lib	t1lib	eq	0.4
t1lib:t1lib	t1lib	eq	0.5
t1lib:t1lib	t1lib	eq	0.6
t1lib:t1lib	t1lib	eq	0.7
t1lib:t1lib	t1lib	eq	0.8
t1lib:t1lib	t1lib	eq	0.9