CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
94.5%
Jon Larimer discovered that t1lib did not properly parse AFM fonts. If a
user were tricked into using a specially crafted font file, a remote
attacker could cause t1lib to crash or possibly execute arbitrary code with
user privileges. (CVE-2010-2642, CVE-2011-0433)
Jonathan Brossard discovered that t1lib did not correctly handle certain
malformed font files. If a user were tricked into using a specially crafted
font file, a remote attacker could cause t1lib to crash. (CVE-2011-1552,
CVE-2011-1553, CVE-2011-1554)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 11.10 | noarch | libt1-5 | < 5.1.2-3ubuntu0.11.10.2 | UNKNOWN |
Ubuntu | 11.10 | noarch | libt1-5-dbg | < 5.1.2-3ubuntu0.11.10.2 | UNKNOWN |
Ubuntu | 11.10 | noarch | libt1-dev | < 5.1.2-3ubuntu0.11.10.2 | UNKNOWN |
Ubuntu | 11.10 | noarch | t1lib-bin | < 5.1.2-3ubuntu0.11.10.2 | UNKNOWN |
Ubuntu | 11.04 | noarch | libt1-5 | < 5.1.2-3ubuntu0.11.04.2 | UNKNOWN |
Ubuntu | 11.04 | noarch | libt1-5-dbg | < 5.1.2-3ubuntu0.11.04.2 | UNKNOWN |
Ubuntu | 11.04 | noarch | libt1-dev | < 5.1.2-3ubuntu0.11.04.2 | UNKNOWN |
Ubuntu | 11.04 | noarch | t1lib-bin | < 5.1.2-3ubuntu0.11.04.2 | UNKNOWN |
Ubuntu | 10.10 | noarch | libt1-5 | < 5.1.2-3ubuntu0.10.10.2 | UNKNOWN |
Ubuntu | 10.10 | noarch | libt1-5-dbg | < 5.1.2-3ubuntu0.10.10.2 | UNKNOWN |