Lucene search
Ubuntu.comUB:CVE-2011-0764HistoryMar 31, 2011 - 12:00 a.m.
CVE-2011-0764
2011-03-3100:00:00
ubuntu.com
ubuntu.com
18
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.278
Percentile
96.8%
t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other
products, uses an invalid pointer in conjunction with a dereference
operation, which allows remote attackers to execute arbitrary code via a
crafted Type 1 font in a PDF document, as demonstrated by
testz.2184122398.pdf.
Notes
| Author | Note |
|---|---|
| mdeslaur | xpdf in natty is now built with the poppler engine xpdf in earlier releases seems to use system t1lib |
| jdstrand | requested reproducers from report on 2011-10-13 |
Related
ubuntu
ubuntu
t1lib vulnerability
2011-12-21 00:00:00
cvelist
cvelist
debiancve
debiancve
openvas
openvas
Ubuntu Update for t1lib USN-1316-1
2011-12-23 00:00:00
Mandriva Update for t1lib MDVSA-2012:002 (t1lib)
2012-01-09 00:00:00
Ubuntu: Security Advisory (USN-1316-1)
2011-12-23 00:00:00
nvd
nvd
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:07:02
nessus
nessus
Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : t1lib vulnerability (USN-1316-1)
2011-12-22 00:00:00
Mandriva Linux Security Advisory : t1lib (MDVSA-2012:002)
2012-01-03 00:00:00
SuSE 10 Security Update : t1lib (ZYPP Patch Number 8089)
2012-06-15 00:00:00
prion
prion
Design/Logic Flaw
2011-03-31 22:55:00
Code injection
2011-03-31 23:55:00
Integer overflow
2011-03-31 23:55:00
securityvulns
securityvulns
TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution
2011-03-29 00:00:00
t1lib / xpdf library multiple security vulnerabilities
2012-01-16 00:00:00
cve
cve
cert
cert
Foolabs Xpdf contains a denial of service vulnerability
2011-03-21 00:00:00
ubuntucve
ubuntucve
slackware
slackware
[slackware-security] t1lib
2012-08-16 06:32:38
centos
centos
kpathsea, mendexk, texlive security update
2012-02-16 13:36:55
t1lib security update
2012-01-30 20:25:25
tetex security update
2012-08-23 23:12:26
debian
debian
[SECURITY] [DSA 2388-1] t1lib security update
2012-01-15 10:25:21
fedora
fedora
[SECURITY] Fedora 15 Update: t1lib-5.1.2-9.fc15
2012-01-28 03:28:44
[SECURITY] Fedora 16 Update: t1lib-5.1.2-9.fc16
2012-01-28 03:23:39
redhat
redhat
(RHSA-2012:0137) Moderate: texlive security update
2012-02-15 00:00:00
(RHSA-2012:0062) Moderate: t1lib security update
2012-01-24 00:00:00
(RHSA-2012:1201) Moderate: tetex security update
2012-08-23 00:00:00
oraclelinux
oraclelinux
t1lib security update
2012-01-24 00:00:00
texlive security update
2012-02-15 00:00:00
tetex security update
2012-08-23 00:00:00
amazon
amazon
Medium: t1lib
2012-02-02 14:26:00
Medium: texlive
2012-03-04 16:08:00
osv
osv
t1lib - several
2012-01-14 00:00:00
gentoo
gentoo
T1Lib: : Multiple vulnerabilities
2017-01-23 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.278
Percentile
96.8%
Related for UB:CVE-2011-0764