Lucene search

[email protected]CVE-2011-1553

HistoryMar 31, 2011 - 11:55 p.m.

CVE-2011-1553

2011-03-3123:55:00

CWE-399

[email protected]

web.nvd.nist.gov

cve-2011-1553

use-after-free vulnerability

t1lib

xpdf

tetex

denial of service

pdf

type 1 font

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.3 Medium

AI Score

Confidence

Low

0.278 Low

EPSS

Percentile

96.8%

JSON

Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory write, a different vulnerability than CVE-2011-0764.

Affected configurations

NVD

Node

t1libt1libRange≤5.1.2

t1libt1libMatch0.1alpha

t1libt1libMatch0.2beta

t1libt1libMatch0.3beta

t1libt1libMatch0.4beta

t1libt1libMatch0.5beta

t1libt1libMatch0.6beta

t1libt1libMatch0.7beta

t1libt1libMatch0.8beta

t1libt1libMatch0.9

t1libt1libMatch0.9.1

t1libt1libMatch0.9.2

t1libt1libMatch1.0

t1libt1libMatch1.0.1

t1libt1libMatch1.1.0

t1libt1libMatch1.1.1

t1libt1libMatch1.2

t1libt1libMatch1.3

t1libt1libMatch1.3.1

t1libt1libMatch5.0.0

t1libt1libMatch5.0.1

t1libt1libMatch5.0.2

t1libt1libMatch5.1.0

t1libt1libMatch5.1.1

AND

foolabsxpdfMatch0.5a

foolabsxpdfMatch0.7a

foolabsxpdfMatch0.91a

foolabsxpdfMatch0.91b

foolabsxpdfMatch0.91c

foolabsxpdfMatch0.92a

foolabsxpdfMatch0.92b

foolabsxpdfMatch0.92c

foolabsxpdfMatch0.92d

foolabsxpdfMatch0.92e

foolabsxpdfMatch0.93a

foolabsxpdfMatch0.93b

foolabsxpdfMatch0.93c

foolabsxpdfMatch1.00a

foolabsxpdfMatch3.0.1

foolabsxpdfMatch3.02pl1

foolabsxpdfMatch3.02pl2

foolabsxpdfMatch3.02pl3

foolabsxpdfMatch3.02pl4

glyphandcogxpdfreaderRange≤3.02

glyphandcogxpdfreaderMatch0.2

glyphandcogxpdfreaderMatch0.3

glyphandcogxpdfreaderMatch0.4

glyphandcogxpdfreaderMatch0.5

glyphandcogxpdfreaderMatch0.6

glyphandcogxpdfreaderMatch0.7

glyphandcogxpdfreaderMatch0.80

glyphandcogxpdfreaderMatch0.90

glyphandcogxpdfreaderMatch0.91

glyphandcogxpdfreaderMatch0.92

glyphandcogxpdfreaderMatch0.93

glyphandcogxpdfreaderMatch1.00

glyphandcogxpdfreaderMatch1.01

glyphandcogxpdfreaderMatch2.00

glyphandcogxpdfreaderMatch2.01

glyphandcogxpdfreaderMatch2.02

glyphandcogxpdfreaderMatch2.03

glyphandcogxpdfreaderMatch3.00

glyphandcogxpdfreaderMatch3.01

glyphandcogxpdfreaderMatch3.02

CPENameOperatorVersion
t1lib:t1libt1lible5.1.2
t1lib:t1libt1libeq0.1
t1lib:t1libt1libeq0.2
t1lib:t1libt1libeq0.3
t1lib:t1libt1libeq0.4
t1lib:t1libt1libeq0.5
t1lib:t1libt1libeq0.6
t1lib:t1libt1libeq0.7
t1lib:t1libt1libeq0.8
t1lib:t1libt1libeq0.9

CPE	Name	Operator	Version
t1lib:t1lib	t1lib	le	5.1.2
t1lib:t1lib	t1lib	eq	0.1
t1lib:t1lib	t1lib	eq	0.2
t1lib:t1lib	t1lib	eq	0.3
t1lib:t1lib	t1lib	eq	0.4
t1lib:t1lib	t1lib	eq	0.5
t1lib:t1lib	t1lib	eq	0.6
t1lib:t1lib	t1lib	eq	0.7
t1lib:t1lib	t1lib	eq	0.8
t1lib:t1lib	t1lib	eq	0.9