Vulnerabilites related to t1lib - t1lib
cve-2011-5244
Vulnerability from cvelistv5
Published
2012-11-19 11:00
Modified
2024-08-07 00:30
Severity ?
EPSS score ?
Summary
Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, different vulnerabilities than CVE-2010-2642 and CVE-2011-0433.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.gnome.org/show_bug.cgi?id=643882 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/80271 | vdb-entry, x_refsource_XF | |
| http://www.openwall.com/lists/oss-security/2011/03/04/21 | mailing-list, x_refsource_MLIST | |
| http://git.gnome.org/browse/evince/commit/?id=d4139205b010 | x_refsource_MISC | |
| https://security.gentoo.org/glsa/201701-57 | vendor-advisory, x_refsource_GENTOO | |
| http://git.gnome.org/browse/evince/commit/?id=439c5070022e | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:30:46.795Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=643882"
},
{
"name": "evince-token-code-exec(80271)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80271"
},
{
"name": "[oss-security] 20110304 Re: Re: CVE request: More Evince overflows",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/03/04/21"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.gnome.org/browse/evince/commit/?id=d4139205b010"
},
{
"name": "GLSA-201701-57",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-57"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.gnome.org/browse/evince/commit/?id=439c5070022e"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, different vulnerabilities than CVE-2010-2642 and CVE-2011-0433."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=643882"
},
{
"name": "evince-token-code-exec(80271)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80271"
},
{
"name": "[oss-security] 20110304 Re: Re: CVE request: More Evince overflows",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/03/04/21"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.gnome.org/browse/evince/commit/?id=d4139205b010"
},
{
"name": "GLSA-201701-57",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-57"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.gnome.org/browse/evince/commit/?id=439c5070022e"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-5244",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, different vulnerabilities than CVE-2010-2642 and CVE-2011-0433."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.gnome.org/show_bug.cgi?id=643882",
"refsource": "CONFIRM",
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=643882"
},
{
"name": "evince-token-code-exec(80271)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80271"
},
{
"name": "[oss-security] 20110304 Re: Re: CVE request: More Evince overflows",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/03/04/21"
},
{
"name": "http://git.gnome.org/browse/evince/commit/?id=d4139205b010",
"refsource": "MISC",
"url": "http://git.gnome.org/browse/evince/commit/?id=d4139205b010"
},
{
"name": "GLSA-201701-57",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-57"
},
{
"name": "http://git.gnome.org/browse/evince/commit/?id=439c5070022e",
"refsource": "MISC",
"url": "http://git.gnome.org/browse/evince/commit/?id=439c5070022e"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-5244",
"datePublished": "2012-11-19T11:00:00",
"dateReserved": "2012-11-18T00:00:00",
"dateUpdated": "2024-08-07T00:30:46.795Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-0433
Vulnerability from cvelistv5
Published
2012-11-19 11:00
Modified
2024-08-06 21:51
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, a different vulnerability than CVE-2010-2642.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=679732 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/48985 | third-party-advisory, x_refsource_SECUNIA | |
| http://xorl.wordpress.com/2011/02/20/cve-2011-0433-evince-linetoken-buffer-overflow/ | x_refsource_MISC | |
| http://rhn.redhat.com/errata/RHSA-2012-1201.html | vendor-advisory, x_refsource_REDHAT | |
| https://bugzilla.gnome.org/show_bug.cgi?id=640923 | x_refsource_CONFIRM | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2012:144 | vendor-advisory, x_refsource_MANDRIVA | |
| https://security.gentoo.org/glsa/201701-57 | vendor-advisory, x_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:51:08.799Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=679732"
},
{
"name": "48985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48985"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://xorl.wordpress.com/2011/02/20/cve-2011-0433-evince-linetoken-buffer-overflow/"
},
{
"name": "RHSA-2012:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=640923"
},
{
"name": "MDVSA-2012:144",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"name": "GLSA-201701-57",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-57"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-01-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, a different vulnerability than CVE-2010-2642."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=679732"
},
{
"name": "48985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48985"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://xorl.wordpress.com/2011/02/20/cve-2011-0433-evince-linetoken-buffer-overflow/"
},
{
"name": "RHSA-2012:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=640923"
},
{
"name": "MDVSA-2012:144",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"name": "GLSA-201701-57",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-57"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0433",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, a different vulnerability than CVE-2010-2642."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=679732",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=679732"
},
{
"name": "48985",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48985"
},
{
"name": "http://xorl.wordpress.com/2011/02/20/cve-2011-0433-evince-linetoken-buffer-overflow/",
"refsource": "MISC",
"url": "http://xorl.wordpress.com/2011/02/20/cve-2011-0433-evince-linetoken-buffer-overflow/"
},
{
"name": "RHSA-2012:1201",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"name": "https://bugzilla.gnome.org/show_bug.cgi?id=640923",
"refsource": "CONFIRM",
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=640923"
},
{
"name": "MDVSA-2012:144",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"name": "GLSA-201701-57",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-57"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-0433",
"datePublished": "2012-11-19T11:00:00",
"dateReserved": "2011-01-12T00:00:00",
"dateUpdated": "2024-08-06T21:51:08.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-1554
Vulnerability from cvelistv5
Published
2011-03-31 23:00
Modified
2024-08-06 22:28
Severity ?
EPSS score ?
Summary
Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:28:41.924Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "43823",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43823"
},
{
"name": "48985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48985"
},
{
"name": "8171",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8171"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"
},
{
"name": "ADV-2011-0728",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0728"
},
{
"name": "RHSA-2012:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.foolabs.com/xpdf/download.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"
},
{
"name": "VU#376500",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/376500"
},
{
"name": "MDVSA-2012:144",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"name": "GLSA-201701-57",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-57"
},
{
"name": "1025266",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025266"
},
{
"name": "20110327 TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "43823",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43823"
},
{
"name": "48985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48985"
},
{
"name": "8171",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8171"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"
},
{
"name": "ADV-2011-0728",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0728"
},
{
"name": "RHSA-2012:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.foolabs.com/xpdf/download.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"
},
{
"name": "VU#376500",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/376500"
},
{
"name": "MDVSA-2012:144",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"name": "GLSA-201701-57",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-57"
},
{
"name": "1025266",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025266"
},
{
"name": "20110327 TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1554",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "43823",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43823"
},
{
"name": "48985",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48985"
},
{
"name": "8171",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8171"
},
{
"name": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"
},
{
"name": "ADV-2011-0728",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0728"
},
{
"name": "RHSA-2012:1201",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"name": "http://www.foolabs.com/xpdf/download.html",
"refsource": "CONFIRM",
"url": "http://www.foolabs.com/xpdf/download.html"
},
{
"name": "http://www.toucan-system.com/advisories/tssa-2011-01.txt",
"refsource": "MISC",
"url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"
},
{
"name": "VU#376500",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/376500"
},
{
"name": "MDVSA-2012:144",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"name": "GLSA-201701-57",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-57"
},
{
"name": "1025266",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025266"
},
{
"name": "20110327 TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-1554",
"datePublished": "2011-03-31T23:00:00",
"dateReserved": "2011-03-31T00:00:00",
"dateUpdated": "2024-08-06T22:28:41.924Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-1552
Vulnerability from cvelistv5
Published
2011-03-31 23:00
Modified
2024-08-06 22:28
Severity ?
EPSS score ?
Summary
t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, reads from invalid memory locations, which allows remote attackers to cause a denial of service (application crash) via a crafted Type 1 font in a PDF document, a different vulnerability than CVE-2011-0764.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:28:41.819Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "43823",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43823"
},
{
"name": "48985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48985"
},
{
"name": "8171",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8171"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"
},
{
"name": "ADV-2011-0728",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0728"
},
{
"name": "RHSA-2012:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.foolabs.com/xpdf/download.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"
},
{
"name": "VU#376500",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/376500"
},
{
"name": "MDVSA-2012:144",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"name": "GLSA-201701-57",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-57"
},
{
"name": "1025266",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025266"
},
{
"name": "20110327 TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, reads from invalid memory locations, which allows remote attackers to cause a denial of service (application crash) via a crafted Type 1 font in a PDF document, a different vulnerability than CVE-2011-0764."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "43823",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43823"
},
{
"name": "48985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48985"
},
{
"name": "8171",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8171"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"
},
{
"name": "ADV-2011-0728",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0728"
},
{
"name": "RHSA-2012:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.foolabs.com/xpdf/download.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"
},
{
"name": "VU#376500",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/376500"
},
{
"name": "MDVSA-2012:144",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"name": "GLSA-201701-57",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-57"
},
{
"name": "1025266",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025266"
},
{
"name": "20110327 TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1552",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, reads from invalid memory locations, which allows remote attackers to cause a denial of service (application crash) via a crafted Type 1 font in a PDF document, a different vulnerability than CVE-2011-0764."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "43823",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43823"
},
{
"name": "48985",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48985"
},
{
"name": "8171",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8171"
},
{
"name": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"
},
{
"name": "ADV-2011-0728",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0728"
},
{
"name": "RHSA-2012:1201",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"name": "http://www.foolabs.com/xpdf/download.html",
"refsource": "CONFIRM",
"url": "http://www.foolabs.com/xpdf/download.html"
},
{
"name": "http://www.toucan-system.com/advisories/tssa-2011-01.txt",
"refsource": "MISC",
"url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"
},
{
"name": "VU#376500",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/376500"
},
{
"name": "MDVSA-2012:144",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"name": "GLSA-201701-57",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-57"
},
{
"name": "1025266",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025266"
},
{
"name": "20110327 TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-1552",
"datePublished": "2011-03-31T23:00:00",
"dateReserved": "2011-03-31T00:00:00",
"dateUpdated": "2024-08-06T22:28:41.819Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-0764
Vulnerability from cvelistv5
Published
2011-03-31 22:00
Modified
2024-08-06 22:05
Severity ?
EPSS score ?
Summary
t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a crafted Type 1 font in a PDF document, as demonstrated by testz.2184122398.pdf.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:05:53.382Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDVSA-2012:002",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:002"
},
{
"name": "43823",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43823"
},
{
"name": "47347",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/47347"
},
{
"name": "48985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48985"
},
{
"name": "8171",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8171"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"
},
{
"name": "ADV-2011-0728",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0728"
},
{
"name": "xpdf-t1lib-code-execution(66208)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66208"
},
{
"name": "RHSA-2012:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.foolabs.com/xpdf/download.html"
},
{
"name": "46941",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46941"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"
},
{
"name": "USN-1316-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1316-1"
},
{
"name": "VU#376500",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/376500"
},
{
"name": "MDVSA-2012:144",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"name": "GLSA-201701-57",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-57"
},
{
"name": "1025266",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025266"
},
{
"name": "20110327 TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a crafted Type 1 font in a PDF document, as demonstrated by testz.2184122398.pdf."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "MDVSA-2012:002",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:002"
},
{
"name": "43823",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43823"
},
{
"name": "47347",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/47347"
},
{
"name": "48985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48985"
},
{
"name": "8171",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8171"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"
},
{
"name": "ADV-2011-0728",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0728"
},
{
"name": "xpdf-t1lib-code-execution(66208)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66208"
},
{
"name": "RHSA-2012:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.foolabs.com/xpdf/download.html"
},
{
"name": "46941",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46941"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"
},
{
"name": "USN-1316-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1316-1"
},
{
"name": "VU#376500",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/376500"
},
{
"name": "MDVSA-2012:144",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"name": "GLSA-201701-57",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-57"
},
{
"name": "1025266",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025266"
},
{
"name": "20110327 TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2011-0764",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a crafted Type 1 font in a PDF document, as demonstrated by testz.2184122398.pdf."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2012:002",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:002"
},
{
"name": "43823",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43823"
},
{
"name": "47347",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47347"
},
{
"name": "48985",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48985"
},
{
"name": "8171",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8171"
},
{
"name": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"
},
{
"name": "ADV-2011-0728",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0728"
},
{
"name": "xpdf-t1lib-code-execution(66208)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66208"
},
{
"name": "RHSA-2012:1201",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"name": "http://www.foolabs.com/xpdf/download.html",
"refsource": "CONFIRM",
"url": "http://www.foolabs.com/xpdf/download.html"
},
{
"name": "46941",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46941"
},
{
"name": "http://www.toucan-system.com/advisories/tssa-2011-01.txt",
"refsource": "MISC",
"url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"
},
{
"name": "USN-1316-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1316-1"
},
{
"name": "VU#376500",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/376500"
},
{
"name": "MDVSA-2012:144",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"name": "GLSA-201701-57",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-57"
},
{
"name": "1025266",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025266"
},
{
"name": "20110327 TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2011-0764",
"datePublished": "2011-03-31T22:00:00",
"dateReserved": "2011-02-03T00:00:00",
"dateUpdated": "2024-08-06T22:05:53.382Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-1553
Vulnerability from cvelistv5
Published
2011-03-31 23:00
Modified
2024-08-06 22:28
Severity ?
EPSS score ?
Summary
Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory write, a different vulnerability than CVE-2011-0764.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:28:41.931Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "43823",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43823"
},
{
"name": "48985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48985"
},
{
"name": "8171",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8171"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"
},
{
"name": "ADV-2011-0728",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0728"
},
{
"name": "RHSA-2012:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.foolabs.com/xpdf/download.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"
},
{
"name": "VU#376500",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/376500"
},
{
"name": "MDVSA-2012:144",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"name": "GLSA-201701-57",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-57"
},
{
"name": "1025266",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025266"
},
{
"name": "20110327 TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory write, a different vulnerability than CVE-2011-0764."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "43823",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43823"
},
{
"name": "48985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48985"
},
{
"name": "8171",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8171"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"
},
{
"name": "ADV-2011-0728",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0728"
},
{
"name": "RHSA-2012:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.foolabs.com/xpdf/download.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"
},
{
"name": "VU#376500",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/376500"
},
{
"name": "MDVSA-2012:144",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"name": "GLSA-201701-57",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-57"
},
{
"name": "1025266",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025266"
},
{
"name": "20110327 TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1553",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory write, a different vulnerability than CVE-2011-0764."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "43823",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43823"
},
{
"name": "48985",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48985"
},
{
"name": "8171",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8171"
},
{
"name": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"
},
{
"name": "ADV-2011-0728",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0728"
},
{
"name": "RHSA-2012:1201",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"name": "http://www.foolabs.com/xpdf/download.html",
"refsource": "CONFIRM",
"url": "http://www.foolabs.com/xpdf/download.html"
},
{
"name": "http://www.toucan-system.com/advisories/tssa-2011-01.txt",
"refsource": "MISC",
"url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"
},
{
"name": "VU#376500",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/376500"
},
{
"name": "MDVSA-2012:144",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"name": "GLSA-201701-57",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-57"
},
{
"name": "1025266",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025266"
},
{
"name": "20110327 TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-1553",
"datePublished": "2011-03-31T23:00:00",
"dateReserved": "2011-03-31T00:00:00",
"dateUpdated": "2024-08-06T22:28:41.931Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-4033
Vulnerability from cvelistv5
Published
2007-07-27 22:00
Modified
2024-08-07 14:37
Severity ?
EPSS score ?
Summary
Buffer overflow in the intT1_EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent attackers to execute arbitrary code via a long FileName parameter. NOTE: this issue was originally reported to be in the imagepsloadfont function in php_gd2.dll in the gd (PHP_GD2) extension in PHP 5.2.3.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:37:06.075Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-200710-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200710-12.xml"
},
{
"name": "27743",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27743"
},
{
"name": "26901",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26901"
},
{
"name": "oval:org.mitre.oval:def:10557",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10557"
},
{
"name": "php-imagepsloadfont-bo(35620)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35620"
},
{
"name": "FEDORA-2007-2343",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://fedoranews.org/updates/FEDORA-2007-234.shtml"
},
{
"name": "20070921 Re: [Full-disclosure] [USN-515-1] t1lib vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/480239/100/100/threaded"
},
{
"name": "DSA-1390",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1390"
},
{
"name": "27297",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27297"
},
{
"name": "GLSA-200805-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
},
{
"name": "20080105 rPSA-2008-0007-1 tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/485823/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0007"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=303021"
},
{
"name": "FEDORA-2007-750",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html"
},
{
"name": "RHSA-2007:1031",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-1031.html"
},
{
"name": "MDKSA-2007:189",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:189"
},
{
"name": "4227",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/4227"
},
{
"name": "30168",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30168"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1972"
},
{
"name": "27239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27239"
},
{
"name": "26241",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26241"
},
{
"name": "20070921 Re: [USN-515-1] t1lib vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/480244/100/100/threaded"
},
{
"name": "25079",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25079"
},
{
"name": "27718",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27718"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.bugtraq.ir/adv/t1lib.txt"
},
{
"name": "GLSA-200711-34",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
},
{
"name": "28345",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28345"
},
{
"name": "27599",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27599"
},
{
"name": "USN-515-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-515-1"
},
{
"name": "27439",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27439"
},
{
"name": "1018905",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018905"
},
{
"name": "FEDORA-2007-3390",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html"
},
{
"name": "26981",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26981"
},
{
"name": "RHSA-2007:1027",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html"
},
{
"name": "RHSA-2007:1030",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html"
},
{
"name": "MDKSA-2007:230",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230"
},
{
"name": "26992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26992"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=193437"
},
{
"name": "SUSE-SR:2007:023",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_23_sr.html"
},
{
"name": "20080212 FLEA-2008-0006-1 tetex tetex-dvips tetex-fonts",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/487984/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the intT1_EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent attackers to execute arbitrary code via a long FileName parameter. NOTE: this issue was originally reported to be in the imagepsloadfont function in php_gd2.dll in the gd (PHP_GD2) extension in PHP 5.2.3."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-200710-12",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200710-12.xml"
},
{
"name": "27743",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27743"
},
{
"name": "26901",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26901"
},
{
"name": "oval:org.mitre.oval:def:10557",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10557"
},
{
"name": "php-imagepsloadfont-bo(35620)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35620"
},
{
"name": "FEDORA-2007-2343",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://fedoranews.org/updates/FEDORA-2007-234.shtml"
},
{
"name": "20070921 Re: [Full-disclosure] [USN-515-1] t1lib vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/480239/100/100/threaded"
},
{
"name": "DSA-1390",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1390"
},
{
"name": "27297",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27297"
},
{
"name": "GLSA-200805-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
},
{
"name": "20080105 rPSA-2008-0007-1 tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/485823/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0007"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=303021"
},
{
"name": "FEDORA-2007-750",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html"
},
{
"name": "RHSA-2007:1031",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-1031.html"
},
{
"name": "MDKSA-2007:189",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:189"
},
{
"name": "4227",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/4227"
},
{
"name": "30168",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30168"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1972"
},
{
"name": "27239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27239"
},
{
"name": "26241",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26241"
},
{
"name": "20070921 Re: [USN-515-1] t1lib vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/480244/100/100/threaded"
},
{
"name": "25079",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25079"
},
{
"name": "27718",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27718"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.bugtraq.ir/adv/t1lib.txt"
},
{
"name": "GLSA-200711-34",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
},
{
"name": "28345",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28345"
},
{
"name": "27599",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27599"
},
{
"name": "USN-515-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-515-1"
},
{
"name": "27439",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27439"
},
{
"name": "1018905",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018905"
},
{
"name": "FEDORA-2007-3390",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html"
},
{
"name": "26981",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26981"
},
{
"name": "RHSA-2007:1027",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html"
},
{
"name": "RHSA-2007:1030",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html"
},
{
"name": "MDKSA-2007:230",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230"
},
{
"name": "26992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26992"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=193437"
},
{
"name": "SUSE-SR:2007:023",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_23_sr.html"
},
{
"name": "20080212 FLEA-2008-0006-1 tetex tetex-dvips tetex-fonts",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/487984/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4033",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the intT1_EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent attackers to execute arbitrary code via a long FileName parameter. NOTE: this issue was originally reported to be in the imagepsloadfont function in php_gd2.dll in the gd (PHP_GD2) extension in PHP 5.2.3."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-200710-12",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200710-12.xml"
},
{
"name": "27743",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27743"
},
{
"name": "26901",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26901"
},
{
"name": "oval:org.mitre.oval:def:10557",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10557"
},
{
"name": "php-imagepsloadfont-bo(35620)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35620"
},
{
"name": "FEDORA-2007-2343",
"refsource": "FEDORA",
"url": "http://fedoranews.org/updates/FEDORA-2007-234.shtml"
},
{
"name": "20070921 Re: [Full-disclosure] [USN-515-1] t1lib vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/480239/100/100/threaded"
},
{
"name": "DSA-1390",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1390"
},
{
"name": "27297",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27297"
},
{
"name": "GLSA-200805-13",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
},
{
"name": "20080105 rPSA-2008-0007-1 tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/485823/100/0/threaded"
},
{
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0007",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0007"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=303021",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=303021"
},
{
"name": "FEDORA-2007-750",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html"
},
{
"name": "RHSA-2007:1031",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1031.html"
},
{
"name": "MDKSA-2007:189",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:189"
},
{
"name": "4227",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/4227"
},
{
"name": "30168",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30168"
},
{
"name": "https://issues.rpath.com/browse/RPL-1972",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1972"
},
{
"name": "27239",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27239"
},
{
"name": "26241",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26241"
},
{
"name": "20070921 Re: [USN-515-1] t1lib vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/480244/100/100/threaded"
},
{
"name": "25079",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25079"
},
{
"name": "27718",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27718"
},
{
"name": "http://www.bugtraq.ir/adv/t1lib.txt",
"refsource": "MISC",
"url": "http://www.bugtraq.ir/adv/t1lib.txt"
},
{
"name": "GLSA-200711-34",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
},
{
"name": "28345",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28345"
},
{
"name": "27599",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27599"
},
{
"name": "USN-515-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-515-1"
},
{
"name": "27439",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27439"
},
{
"name": "1018905",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018905"
},
{
"name": "FEDORA-2007-3390",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html"
},
{
"name": "26981",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26981"
},
{
"name": "RHSA-2007:1027",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html"
},
{
"name": "RHSA-2007:1030",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html"
},
{
"name": "MDKSA-2007:230",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230"
},
{
"name": "26992",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26992"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=193437",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=193437"
},
{
"name": "SUSE-SR:2007:023",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_23_sr.html"
},
{
"name": "20080212 FLEA-2008-0006-1 tetex tetex-dvips tetex-fonts",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/487984/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4033",
"datePublished": "2007-07-27T22:00:00",
"dateReserved": "2007-07-27T00:00:00",
"dateUpdated": "2024-08-07T14:37:06.075Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-2642
Vulnerability from cvelistv5
Published
2011-01-07 18:00
Modified
2024-08-07 02:39
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:39:37.982Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDVSA-2011:005",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://lists.mandriva.com/security-announce/2011-01/msg00006.php"
},
{
"name": "MDVSA-2011:016",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:016"
},
{
"name": "42872",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42872"
},
{
"name": "ADV-2011-0043",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0043"
},
{
"name": "ADV-2011-0029",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0029"
},
{
"name": "FEDORA-2011-0224",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052995.html"
},
{
"name": "42769",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42769"
},
{
"name": "SUSE-SR:2011:005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
},
{
"name": "RHSA-2012:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"name": "ADV-2011-0097",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0097"
},
{
"name": "ADV-2011-0193",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0193"
},
{
"name": "DSA-2357",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2357"
},
{
"name": "USN-1035-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1035-1"
},
{
"name": "MDVSA-2011:017",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:017"
},
{
"name": "ADV-2011-0102",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0102"
},
{
"name": "42821",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42821"
},
{
"name": "MDVSA-2012:144",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"name": "ADV-2011-0056",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0056"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=666318"
},
{
"name": "RHSA-2011:0009",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0009.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.gnome.org/browse/evince/commit/?id=d4139205b010ed06310d14284e63114e88ec6de2"
},
{
"name": "1024937",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024937"
},
{
"name": "FEDORA-2011-0208",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052910.html"
},
{
"name": "45678",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45678"
},
{
"name": "GLSA-201701-57",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-57"
},
{
"name": "42847",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42847"
},
{
"name": "ADV-2011-0194",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0194"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-01-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDVSA-2011:005",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://lists.mandriva.com/security-announce/2011-01/msg00006.php"
},
{
"name": "MDVSA-2011:016",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:016"
},
{
"name": "42872",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42872"
},
{
"name": "ADV-2011-0043",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0043"
},
{
"name": "ADV-2011-0029",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0029"
},
{
"name": "FEDORA-2011-0224",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052995.html"
},
{
"name": "42769",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42769"
},
{
"name": "SUSE-SR:2011:005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
},
{
"name": "RHSA-2012:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"name": "ADV-2011-0097",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0097"
},
{
"name": "ADV-2011-0193",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0193"
},
{
"name": "DSA-2357",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2357"
},
{
"name": "USN-1035-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1035-1"
},
{
"name": "MDVSA-2011:017",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:017"
},
{
"name": "ADV-2011-0102",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0102"
},
{
"name": "42821",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42821"
},
{
"name": "MDVSA-2012:144",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"name": "ADV-2011-0056",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0056"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=666318"
},
{
"name": "RHSA-2011:0009",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0009.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.gnome.org/browse/evince/commit/?id=d4139205b010ed06310d14284e63114e88ec6de2"
},
{
"name": "1024937",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024937"
},
{
"name": "FEDORA-2011-0208",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052910.html"
},
{
"name": "45678",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45678"
},
{
"name": "GLSA-201701-57",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-57"
},
{
"name": "42847",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42847"
},
{
"name": "ADV-2011-0194",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0194"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2642",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2011:005",
"refsource": "MANDRIVA",
"url": "http://lists.mandriva.com/security-announce/2011-01/msg00006.php"
},
{
"name": "MDVSA-2011:016",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:016"
},
{
"name": "42872",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42872"
},
{
"name": "ADV-2011-0043",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0043"
},
{
"name": "ADV-2011-0029",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0029"
},
{
"name": "FEDORA-2011-0224",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052995.html"
},
{
"name": "42769",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42769"
},
{
"name": "SUSE-SR:2011:005",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
},
{
"name": "RHSA-2012:1201",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"name": "ADV-2011-0097",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0097"
},
{
"name": "ADV-2011-0193",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0193"
},
{
"name": "DSA-2357",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2357"
},
{
"name": "USN-1035-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1035-1"
},
{
"name": "MDVSA-2011:017",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:017"
},
{
"name": "ADV-2011-0102",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0102"
},
{
"name": "42821",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42821"
},
{
"name": "MDVSA-2012:144",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"name": "ADV-2011-0056",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0056"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=666318",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=666318"
},
{
"name": "RHSA-2011:0009",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0009.html"
},
{
"name": "http://git.gnome.org/browse/evince/commit/?id=d4139205b010ed06310d14284e63114e88ec6de2",
"refsource": "CONFIRM",
"url": "http://git.gnome.org/browse/evince/commit/?id=d4139205b010ed06310d14284e63114e88ec6de2"
},
{
"name": "1024937",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024937"
},
{
"name": "FEDORA-2011-0208",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052910.html"
},
{
"name": "45678",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45678"
},
{
"name": "GLSA-201701-57",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-57"
},
{
"name": "42847",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42847"
},
{
"name": "ADV-2011-0194",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0194"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2642",
"datePublished": "2011-01-07T18:00:00",
"dateReserved": "2010-07-06T00:00:00",
"dateUpdated": "2024-08-07T02:39:37.982Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2011-03-31 23:55
Modified
2024-11-21 01:26
Severity ?
Summary
Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory write, a different vulnerability than CVE-2011-0764.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:t1lib:t1lib:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9DA05E50-C6D3-4F92-A015-CB181020557A",
"versionEndIncluding": "5.1.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.1:alpha:*:*:*:*:*:*",
"matchCriteriaId": "B856C29C-4179-4173-87D3-1BDCC6933327",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.2:beta:*:*:*:*:*:*",
"matchCriteriaId": "A1EECD4E-4531-4C1D-B7F1-B5B20F79A22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.3:beta:*:*:*:*:*:*",
"matchCriteriaId": "D3727A7B-2683-4D70-937F-514D38D13FE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.4:beta:*:*:*:*:*:*",
"matchCriteriaId": "C5E84F55-E912-424B-BC7A-8FDDD4BA0591",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.5:beta:*:*:*:*:*:*",
"matchCriteriaId": "C46D7084-80F5-45E5-8CBC-078D95860E01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.6:beta:*:*:*:*:*:*",
"matchCriteriaId": "0738DF6D-C493-4DD5-95E1-7701AA50453C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.7:beta:*:*:*:*:*:*",
"matchCriteriaId": "D2D7BF42-D227-460D-A90F-1E128108DB6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.8:beta:*:*:*:*:*:*",
"matchCriteriaId": "FC63023C-69D1-4A1D-9690-BB2FF9A209B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A0A2CB-0A7B-4D06-82E3-6F949C3CE1D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F49D5478-E590-4A7C-ABFE-F9E7EC9BF5A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CA0BDE2-1FF2-48BF-B7BB-4AE4AF236474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "25CF5EAD-E543-4E81-AF2B-C8D9C45F0AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CC95B6D3-8BBB-4202-89DD-12DF3FCAB0EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "85813410-9E44-4A60-907D-AE89A3F38AA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C09173A5-2FC3-46C8-80A1-5D721FBBF6D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "19AAEE8C-4013-4C1D-A19D-09549CAFF751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2FCED8EF-18BE-4820-A9D5-8CE82F9D2A40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "97E9F2F4-63A3-4DBF-9605-C3767ADB55EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "400C8A4F-D65B-4C46-9BDA-B13A864F40AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3FE8F44-ADE5-4B4F-96F2-37E2F474B5BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "43839A3D-655A-4CA0-BB28-F8FDE95649BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE28F24A-FA4C-476E-87D3-1745E2F507F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "19DEB3FD-98C7-4288-9654-436B511C58AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
"matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
"matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
"matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
"matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
"matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
"matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
"matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
"matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
"matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "52D79ABD-202F-464F-B6C3-B225FD37DD3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC500DA-7B3F-4CD5-BB0E-B244000CD19D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*",
"matchCriteriaId": "9D5D9CEA-0707-46FC-AEC3-9EC540B22BC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*",
"matchCriteriaId": "BD38AC59-7518-40FB-BC29-EC64142DE682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl4:*:*:*:*:*:*:*",
"matchCriteriaId": "48541241-2EA4-4559-BB29-47A7B3466C5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182",
"versionEndIncluding": "3.02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
"matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
"matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*",
"matchCriteriaId": "F7D4E256-FF91-47BA-B1D4-940FB2D970AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory write, a different vulnerability than CVE-2011-0764."
},
{
"lang": "es",
"value": "Vulnerabilidad liberar despu\u00e9s de usar (use-after-free) en t1lib v5.1.2 y anteriores, utilizado en Xpdf anterior a v3.02pl6 y otros productos, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) mediante un documento PDF con una fuente Typo 1, generando una escritura inv\u00e1lida en memoria, una vulnerabilidad diferente a CVE-2011-0764."
}
],
"id": "CVE-2011-1553",
"lastModified": "2024-11-21T01:26:34.877",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-03-31T23:55:00.817",
"references": [
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43823"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/48985"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/8171"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1025266"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.foolabs.com/xpdf/download.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/376500"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0728"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201701-57"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43823"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48985"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/8171"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1025266"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.foolabs.com/xpdf/download.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/376500"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0728"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201701-57"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-11-19 12:10
Modified
2024-11-21 01:23
Severity ?
Summary
Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, a different vulnerability than CVE-2010-2642.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnome:evince:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F97A2BB2-55C9-4F24-9155-F460649282D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6BB7CEC-0058-49F7-BDBF-110969D277D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, a different vulnerability than CVE-2010-2642."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer basado en memoria din\u00e1mica (\u0027heap\u0027) en la funci\u00f3n linetoken en afmparse.c en t1lib, tal y como se utiliza en teTeX v3.0.x, GNOME Evince, y posiblemente otros productos, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo que contiene un DVI que contiene un archivo Adobe Font Metrics (AFM) hecho a mano. Se trata de una vulnerabilidad diferente a CVE-2010-2642.\r\n"
}
],
"id": "CVE-2011-0433",
"lastModified": "2024-11-21T01:23:57.583",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-11-19T12:10:48.477",
"references": [
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/48985"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"source": "cve@mitre.org",
"url": "http://xorl.wordpress.com/2011/02/20/cve-2011-0433-evince-linetoken-buffer-overflow/"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=640923"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=679732"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201701-57"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48985"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://xorl.wordpress.com/2011/02/20/cve-2011-0433-evince-linetoken-buffer-overflow/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=640923"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=679732"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201701-57"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-03-31 22:55
Modified
2024-11-21 01:24
Severity ?
Summary
t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a crafted Type 1 font in a PDF document, as demonstrated by testz.2184122398.pdf.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:t1lib:t1lib:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9DA05E50-C6D3-4F92-A015-CB181020557A",
"versionEndIncluding": "5.1.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.1:alpha:*:*:*:*:*:*",
"matchCriteriaId": "B856C29C-4179-4173-87D3-1BDCC6933327",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.2:beta:*:*:*:*:*:*",
"matchCriteriaId": "A1EECD4E-4531-4C1D-B7F1-B5B20F79A22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.3:beta:*:*:*:*:*:*",
"matchCriteriaId": "D3727A7B-2683-4D70-937F-514D38D13FE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.4:beta:*:*:*:*:*:*",
"matchCriteriaId": "C5E84F55-E912-424B-BC7A-8FDDD4BA0591",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.5:beta:*:*:*:*:*:*",
"matchCriteriaId": "C46D7084-80F5-45E5-8CBC-078D95860E01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.6:beta:*:*:*:*:*:*",
"matchCriteriaId": "0738DF6D-C493-4DD5-95E1-7701AA50453C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.7:beta:*:*:*:*:*:*",
"matchCriteriaId": "D2D7BF42-D227-460D-A90F-1E128108DB6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.8:beta:*:*:*:*:*:*",
"matchCriteriaId": "FC63023C-69D1-4A1D-9690-BB2FF9A209B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A0A2CB-0A7B-4D06-82E3-6F949C3CE1D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F49D5478-E590-4A7C-ABFE-F9E7EC9BF5A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CA0BDE2-1FF2-48BF-B7BB-4AE4AF236474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "25CF5EAD-E543-4E81-AF2B-C8D9C45F0AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CC95B6D3-8BBB-4202-89DD-12DF3FCAB0EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "85813410-9E44-4A60-907D-AE89A3F38AA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C09173A5-2FC3-46C8-80A1-5D721FBBF6D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "19AAEE8C-4013-4C1D-A19D-09549CAFF751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2FCED8EF-18BE-4820-A9D5-8CE82F9D2A40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "97E9F2F4-63A3-4DBF-9605-C3767ADB55EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "400C8A4F-D65B-4C46-9BDA-B13A864F40AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3FE8F44-ADE5-4B4F-96F2-37E2F474B5BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "43839A3D-655A-4CA0-BB28-F8FDE95649BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE28F24A-FA4C-476E-87D3-1745E2F507F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "19DEB3FD-98C7-4288-9654-436B511C58AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
"matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
"matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
"matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
"matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
"matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
"matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
"matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
"matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
"matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "52D79ABD-202F-464F-B6C3-B225FD37DD3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC500DA-7B3F-4CD5-BB0E-B244000CD19D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*",
"matchCriteriaId": "9D5D9CEA-0707-46FC-AEC3-9EC540B22BC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*",
"matchCriteriaId": "BD38AC59-7518-40FB-BC29-EC64142DE682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl4:*:*:*:*:*:*:*",
"matchCriteriaId": "48541241-2EA4-4559-BB29-47A7B3466C5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182",
"versionEndIncluding": "3.02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
"matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
"matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*",
"matchCriteriaId": "F7D4E256-FF91-47BA-B1D4-940FB2D970AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a crafted Type 1 font in a PDF document, as demonstrated by testz.2184122398.pdf."
},
{
"lang": "es",
"value": "t1lib v5.1.2 y versiones anteriores, utilizado en Xpdf anterior a v3.02pl6 y otros productos, utiliza un puntero no v\u00e1lido en una operaci\u00f3n de eliminaci\u00f3n de referencias, permitiendo a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un fuente Tipo 1 manipulada en un documento PDF, como lo demuestra el testz.2184122398.pdf"
}
],
"id": "CVE-2011-0764",
"lastModified": "2024-11-21T01:24:47.483",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-03-31T22:55:02.553",
"references": [
{
"source": "cret@cert.org",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43823"
},
{
"source": "cret@cert.org",
"url": "http://secunia.com/advisories/47347"
},
{
"source": "cret@cert.org",
"url": "http://secunia.com/advisories/48985"
},
{
"source": "cret@cert.org",
"url": "http://securityreason.com/securityalert/8171"
},
{
"source": "cret@cert.org",
"url": "http://securitytracker.com/id?1025266"
},
{
"source": "cret@cert.org",
"tags": [
"Patch"
],
"url": "http://www.foolabs.com/xpdf/download.html"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/376500"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"
},
{
"source": "cret@cert.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:002"
},
{
"source": "cret@cert.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/bid/46941"
},
{
"source": "cret@cert.org",
"url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"
},
{
"source": "cret@cert.org",
"url": "http://www.ubuntu.com/usn/USN-1316-1"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0728"
},
{
"source": "cret@cert.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66208"
},
{
"source": "cret@cert.org",
"url": "https://security.gentoo.org/glsa/201701-57"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43823"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/47347"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48985"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/8171"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1025266"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.foolabs.com/xpdf/download.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/376500"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/46941"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1316-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0728"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66208"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201701-57"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-01-07 19:00
Modified
2024-11-21 01:17
Severity ?
Summary
Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | evince | * | |
| redhat | evince | 0.1 | |
| redhat | evince | 0.2 | |
| redhat | evince | 0.3 | |
| redhat | evince | 0.4 | |
| redhat | evince | 0.5 | |
| redhat | evince | 0.6 | |
| redhat | evince | 0.7 | |
| redhat | evince | 0.8 | |
| redhat | evince | 0.9 | |
| redhat | evince | 2.19 | |
| redhat | evince | 2.20 | |
| redhat | evince | 2.21 | |
| redhat | evince | 2.22 | |
| redhat | evince | 2.23 | |
| redhat | evince | 2.24 | |
| redhat | evince | 2.25 | |
| redhat | evince | 2.26 | |
| redhat | evince | 2.27 | |
| redhat | evince | 2.28 | |
| redhat | evince | 2.29 | |
| redhat | evince | 2.29.92 | |
| redhat | evince | 2.30 | |
| redhat | evince | 2.30.2 | |
| redhat | evince | 2.30.3 | |
| redhat | evince | 2.31 | |
| redhat | evince | 2.31.1 | |
| redhat | evince | 2.31.2 | |
| redhat | evince | 2.31.4 | |
| redhat | evince | 2.31.4.1 | |
| redhat | evince | 2.31.6 | |
| redhat | evince | 2.31.6.1 | |
| redhat | evince | 2.31.90 | |
| redhat | evince | 2.31.92 | |
| t1lib | t1lib | 5.1.2 | |
| tug | tetex | 3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:evince:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20283624-F068-45D0-ABCF-F02BAD8105FB",
"versionEndIncluding": "2.32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B2C4D8E2-B5D1-4229-8C4E-A5D3D45CE232",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D9B61463-DAAD-42B9-A9E4-7D5C0FC94A26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "682240C5-7830-45AC-A8E8-F012519E3BB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9299EE95-FB9F-40A3-ACBA-9F8675D04314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9D303A-590D-4D6E-A76E-ED05F5CA3A68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "06F244EC-8257-4B41-8CE1-0BE3F81C6F3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "774E0BE3-5F1F-4C39-9ED2-35E1A0FDE845",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "3D2EC73E-7AAF-4524-ABA7-5236F1FBD2C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6B271944-EAC3-4E79-95BB-58FA1E7EB26B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "47E24A04-E690-4F80-B0F6-7166B01B732A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "47173787-5BD5-4131-A8CD-0D00D1187C41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.21:*:*:*:*:*:*:*",
"matchCriteriaId": "F6508CBF-FC04-441D-9D86-955E6FAA0296",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "CD94C302-7E99-4F0D-B6CA-9D59120DE5D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.23:*:*:*:*:*:*:*",
"matchCriteriaId": "750B45E1-7D9D-45BE-8B0B-A5B7045DE309",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.24:*:*:*:*:*:*:*",
"matchCriteriaId": "7E840F13-F8BC-4A99-9404-94E2292F02BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.25:*:*:*:*:*:*:*",
"matchCriteriaId": "1EEFEFB1-A14F-4100-A4AD-0B28E6A2B84D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.26:*:*:*:*:*:*:*",
"matchCriteriaId": "2CACCB74-DE05-4619-8E69-38686FFE9BB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.27:*:*:*:*:*:*:*",
"matchCriteriaId": "4E72F3DA-2BA2-4D5E-96E4-8DDDBF7200DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.28:*:*:*:*:*:*:*",
"matchCriteriaId": "2DCCF82E-BFC7-4459-98C2-54754636664B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.29:*:*:*:*:*:*:*",
"matchCriteriaId": "6CA2BC54-6E75-493D-953D-DC41ADBCFAE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.29.92:*:*:*:*:*:*:*",
"matchCriteriaId": "1660E63C-4CD1-4B43-9A40-0B731FC5C1C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.30:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3ED013-4381-4996-96D8-C560EB24C173",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.30.2:*:*:*:*:*:*:*",
"matchCriteriaId": "219D9DEE-0720-4871-8DDC-C24F5F6FB056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.30.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6456E479-7A12-4904-8054-354AC4FC32AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.31:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7BFBC3-4F4F-4E36-BE99-4E6C4CEE2B2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.31.1:*:*:*:*:*:*:*",
"matchCriteriaId": "62F1AA5A-33FE-4C61-8311-3FE44CE9C04B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.31.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0232A03E-43BC-4AC3-8175-BD3BAAB842A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.31.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CAA8CD39-5229-44AF-AC3D-2713E753D782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.31.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8DC7981-BA67-463C-AA67-96F8EE9C6DD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.31.6:*:*:*:*:*:*:*",
"matchCriteriaId": "4D23AD37-4BBA-4B5B-961F-89AFD892E4C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.31.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8783726-03D8-4DBE-8F2A-DC01B29C18F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.31.90:*:*:*:*:*:*:*",
"matchCriteriaId": "AE5419CF-CC0A-451C-A9CE-4CA811EFDCA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:evince:2.31.92:*:*:*:*:*:*:*",
"matchCriteriaId": "DAE1D8FE-395E-4009-B91C-4CC966952837",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D1DD1554-BCD4-4D31-ACB2-3788E5CB2407",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tug:tetex:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5143077C-55B7-4D71-A508-4CB4F2BE55A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en memoria din\u00e1mica en el validador de fuentes AFM (AFM font parser) en el componente dvi-backend de Evince v2.32 y anteriores, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) o puede que ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una fuente manipulada junto con un fichero DVI que es procesado por el thumbnailer."
}
],
"id": "CVE-2010-2642",
"lastModified": "2024-11-21T01:17:04.383",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-01-07T19:00:17.313",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://git.gnome.org/browse/evince/commit/?id=d4139205b010ed06310d14284e63114e88ec6de2"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052910.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052995.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.mandriva.com/security-announce/2011-01/msg00006.php"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42769"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42821"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42847"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/42872"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2011/dsa-2357"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:016"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:017"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0009.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/45678"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1024937"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-1035-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0029"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0043"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2011/0056"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2011/0097"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2011/0102"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2011/0193"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2011/0194"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=666318"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201701-57"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://git.gnome.org/browse/evince/commit/?id=d4139205b010ed06310d14284e63114e88ec6de2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052910.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052995.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.mandriva.com/security-announce/2011-01/msg00006.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42769"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42821"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42847"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/42872"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2011/dsa-2357"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:017"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/45678"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1024937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1035-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0029"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0043"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/0056"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/0097"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/0102"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/0193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/0194"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=666318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201701-57"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-03-31 23:55
Modified
2024-11-21 01:26
Severity ?
Summary
Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:t1lib:t1lib:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9DA05E50-C6D3-4F92-A015-CB181020557A",
"versionEndIncluding": "5.1.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.1:alpha:*:*:*:*:*:*",
"matchCriteriaId": "B856C29C-4179-4173-87D3-1BDCC6933327",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.2:beta:*:*:*:*:*:*",
"matchCriteriaId": "A1EECD4E-4531-4C1D-B7F1-B5B20F79A22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.3:beta:*:*:*:*:*:*",
"matchCriteriaId": "D3727A7B-2683-4D70-937F-514D38D13FE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.4:beta:*:*:*:*:*:*",
"matchCriteriaId": "C5E84F55-E912-424B-BC7A-8FDDD4BA0591",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.5:beta:*:*:*:*:*:*",
"matchCriteriaId": "C46D7084-80F5-45E5-8CBC-078D95860E01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.6:beta:*:*:*:*:*:*",
"matchCriteriaId": "0738DF6D-C493-4DD5-95E1-7701AA50453C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.7:beta:*:*:*:*:*:*",
"matchCriteriaId": "D2D7BF42-D227-460D-A90F-1E128108DB6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.8:beta:*:*:*:*:*:*",
"matchCriteriaId": "FC63023C-69D1-4A1D-9690-BB2FF9A209B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A0A2CB-0A7B-4D06-82E3-6F949C3CE1D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F49D5478-E590-4A7C-ABFE-F9E7EC9BF5A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CA0BDE2-1FF2-48BF-B7BB-4AE4AF236474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "25CF5EAD-E543-4E81-AF2B-C8D9C45F0AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CC95B6D3-8BBB-4202-89DD-12DF3FCAB0EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "85813410-9E44-4A60-907D-AE89A3F38AA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C09173A5-2FC3-46C8-80A1-5D721FBBF6D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "19AAEE8C-4013-4C1D-A19D-09549CAFF751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2FCED8EF-18BE-4820-A9D5-8CE82F9D2A40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "97E9F2F4-63A3-4DBF-9605-C3767ADB55EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "400C8A4F-D65B-4C46-9BDA-B13A864F40AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3FE8F44-ADE5-4B4F-96F2-37E2F474B5BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "43839A3D-655A-4CA0-BB28-F8FDE95649BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE28F24A-FA4C-476E-87D3-1745E2F507F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "19DEB3FD-98C7-4288-9654-436B511C58AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
"matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
"matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
"matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
"matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
"matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
"matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
"matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
"matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
"matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "52D79ABD-202F-464F-B6C3-B225FD37DD3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC500DA-7B3F-4CD5-BB0E-B244000CD19D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*",
"matchCriteriaId": "9D5D9CEA-0707-46FC-AEC3-9EC540B22BC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*",
"matchCriteriaId": "BD38AC59-7518-40FB-BC29-EC64142DE682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl4:*:*:*:*:*:*:*",
"matchCriteriaId": "48541241-2EA4-4559-BB29-47A7B3466C5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182",
"versionEndIncluding": "3.02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
"matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
"matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*",
"matchCriteriaId": "F7D4E256-FF91-47BA-B1D4-940FB2D970AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764."
},
{
"lang": "es",
"value": "Error Off-by-one en t1lib v5.1.2 y anteriores, como se usaba en Xpdf anterior a v3.02pl6 y otros productos, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de un documento PDF que contiene una fuente manipulada Tipo 1 y que provoca una lectura incorrecta de memoria, un desbordamiento de entero, y una desreferencia inv\u00e1lida a puntero, una vulnerabilidad diferente de CVE-2011-0764."
}
],
"id": "CVE-2011-1554",
"lastModified": "2024-11-21T01:26:35.057",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-03-31T23:55:00.880",
"references": [
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43823"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/48985"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/8171"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1025266"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.foolabs.com/xpdf/download.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/376500"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0728"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201701-57"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43823"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48985"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/8171"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1025266"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.foolabs.com/xpdf/download.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/376500"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0728"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201701-57"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-03-31 23:55
Modified
2024-11-21 01:26
Severity ?
Summary
t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, reads from invalid memory locations, which allows remote attackers to cause a denial of service (application crash) via a crafted Type 1 font in a PDF document, a different vulnerability than CVE-2011-0764.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:t1lib:t1lib:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9DA05E50-C6D3-4F92-A015-CB181020557A",
"versionEndIncluding": "5.1.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.1:alpha:*:*:*:*:*:*",
"matchCriteriaId": "B856C29C-4179-4173-87D3-1BDCC6933327",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.2:beta:*:*:*:*:*:*",
"matchCriteriaId": "A1EECD4E-4531-4C1D-B7F1-B5B20F79A22B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.3:beta:*:*:*:*:*:*",
"matchCriteriaId": "D3727A7B-2683-4D70-937F-514D38D13FE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.4:beta:*:*:*:*:*:*",
"matchCriteriaId": "C5E84F55-E912-424B-BC7A-8FDDD4BA0591",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.5:beta:*:*:*:*:*:*",
"matchCriteriaId": "C46D7084-80F5-45E5-8CBC-078D95860E01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.6:beta:*:*:*:*:*:*",
"matchCriteriaId": "0738DF6D-C493-4DD5-95E1-7701AA50453C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.7:beta:*:*:*:*:*:*",
"matchCriteriaId": "D2D7BF42-D227-460D-A90F-1E128108DB6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.8:beta:*:*:*:*:*:*",
"matchCriteriaId": "FC63023C-69D1-4A1D-9690-BB2FF9A209B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A0A2CB-0A7B-4D06-82E3-6F949C3CE1D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F49D5478-E590-4A7C-ABFE-F9E7EC9BF5A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CA0BDE2-1FF2-48BF-B7BB-4AE4AF236474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "25CF5EAD-E543-4E81-AF2B-C8D9C45F0AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CC95B6D3-8BBB-4202-89DD-12DF3FCAB0EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "85813410-9E44-4A60-907D-AE89A3F38AA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C09173A5-2FC3-46C8-80A1-5D721FBBF6D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "19AAEE8C-4013-4C1D-A19D-09549CAFF751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2FCED8EF-18BE-4820-A9D5-8CE82F9D2A40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "97E9F2F4-63A3-4DBF-9605-C3767ADB55EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "400C8A4F-D65B-4C46-9BDA-B13A864F40AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A3FE8F44-ADE5-4B4F-96F2-37E2F474B5BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "43839A3D-655A-4CA0-BB28-F8FDE95649BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE28F24A-FA4C-476E-87D3-1745E2F507F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "19DEB3FD-98C7-4288-9654-436B511C58AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
"matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
"matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
"matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
"matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
"matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
"matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
"matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
"matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
"matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "52D79ABD-202F-464F-B6C3-B225FD37DD3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC500DA-7B3F-4CD5-BB0E-B244000CD19D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*",
"matchCriteriaId": "9D5D9CEA-0707-46FC-AEC3-9EC540B22BC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*",
"matchCriteriaId": "BD38AC59-7518-40FB-BC29-EC64142DE682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl4:*:*:*:*:*:*:*",
"matchCriteriaId": "48541241-2EA4-4559-BB29-47A7B3466C5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182",
"versionEndIncluding": "3.02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
"matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
"matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*",
"matchCriteriaId": "F7D4E256-FF91-47BA-B1D4-940FB2D970AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, reads from invalid memory locations, which allows remote attackers to cause a denial of service (application crash) via a crafted Type 1 font in a PDF document, a different vulnerability than CVE-2011-0764."
},
{
"lang": "es",
"value": "t1lib v5.1.2 y versiones anteriores, utilizando en Xpdf anterior a v3.02pl6 y otros productos, realiza lecturas desde posiciones de memoria inv\u00e1lidas, permitiendo a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de una fuente Tipo 1 en un documento PDF, un vulnerabilidad diferente a CVE-2011-0764.\r\n"
}
],
"id": "CVE-2011-1552",
"lastModified": "2024-11-21T01:26:34.667",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-03-31T23:55:00.740",
"references": [
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43823"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/48985"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/8171"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1025266"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.foolabs.com/xpdf/download.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/376500"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0728"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201701-57"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43823"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48985"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/8171"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1025266"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.foolabs.com/xpdf/download.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/376500"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0728"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201701-57"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-07-27 22:30
Modified
2024-11-21 00:34
Severity ?
Summary
Buffer overflow in the intT1_EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent attackers to execute arbitrary code via a long FileName parameter. NOTE: this issue was originally reported to be in the imagepsloadfont function in php_gd2.dll in the gd (PHP_GD2) extension in PHP 5.2.3.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "86767200-6C9C-4C3E-B111-0E5BE61E197B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "19DEB3FD-98C7-4288-9654-436B511C58AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the intT1_EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent attackers to execute arbitrary code via a long FileName parameter. NOTE: this issue was originally reported to be in the imagepsloadfont function in php_gd2.dll in the gd (PHP_GD2) extension in PHP 5.2.3."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer en la funci\u00f3n intTT1_EnvGetCompletePath en el archivo lib/t1lib/t1env.c en t1lib versi\u00f3n 5.1.1, permite a atacantes dependiendo del contexto ejecutar c\u00f3digo arbitrario por medio de un par\u00e1metro FileName largo. NOTA: este problema se report\u00f3 originalmente de estar en la funci\u00f3n imagepsloadfont en la biblioteca php_gd2.dll en la extensi\u00f3n gd (PHP_GD2) en PHP versi\u00f3n 5.2.3."
}
],
"id": "CVE-2007-4033",
"lastModified": "2024-11-21T00:34:37.720",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-07-27T22:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=193437"
},
{
"source": "cve@mitre.org",
"url": "http://fedoranews.org/updates/FEDORA-2007-234.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26241"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26901"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26981"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26992"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27239"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27297"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27439"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27599"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27718"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27743"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28345"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/30168"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200710-12.xml"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
},
{
"source": "cve@mitre.org",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0007"
},
{
"source": "cve@mitre.org",
"url": "http://www.bugtraq.ir/adv/t1lib.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2007/dsa-1390"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:189"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2007_23_sr.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1031.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/480239/100/100/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/480244/100/100/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/485823/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/487984/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/25079"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018905"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-515-1"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=303021"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35620"
},
{
"source": "cve@mitre.org",
"url": "https://issues.rpath.com/browse/RPL-1972"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10557"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/4227"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=193437"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://fedoranews.org/updates/FEDORA-2007-234.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26241"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26901"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26981"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26992"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27239"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27297"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27439"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27599"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27718"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27743"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28345"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30168"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200710-12.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0007"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.bugtraq.ir/adv/t1lib.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2007/dsa-1390"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:189"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2007_23_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2007-1031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/480239/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/480244/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/485823/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/487984/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/25079"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018905"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-515-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=303021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35620"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-1972"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10557"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/4227"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Not vulnerable. Versions of PHP packages as shipped with current Red Hat products are not linked with t1lib.",
"lastModified": "2007-08-01T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-11-19 12:10
Modified
2024-11-21 01:33
Severity ?
Summary
Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, different vulnerabilities than CVE-2010-2642 and CVE-2011-0433.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnome:evince:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F97A2BB2-55C9-4F24-9155-F460649282D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:t1lib:t1lib:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6BB7CEC-0058-49F7-BDBF-110969D277D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, different vulnerabilities than CVE-2010-2642 and CVE-2011-0433."
},
{
"lang": "es",
"value": "Multiples errores off-by-one en las funciones (1) token y (2) linetoken en backend/dvi/MDVI-lib/afmparse.c en t1lib, tal y como se utiliza en teTeX v3.0.x, GNOME Evince, y posiblemente otros productos, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo que contiene un fichero DVI hecho a mano que contiene un archivo Adobe Font Metrics (AFM). Se trata de una vulnerabilidad diferente a CVE-2010-2642 y CVE-2011-0433.\r\n"
}
],
"id": "CVE-2011-5244",
"lastModified": "2024-11-21T01:33:58.487",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-11-19T12:10:49.337",
"references": [
{
"source": "cve@mitre.org",
"url": "http://git.gnome.org/browse/evince/commit/?id=439c5070022e"
},
{
"source": "cve@mitre.org",
"url": "http://git.gnome.org/browse/evince/commit/?id=d4139205b010"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2011/03/04/21"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=643882"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80271"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201701-57"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.gnome.org/browse/evince/commit/?id=439c5070022e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.gnome.org/browse/evince/commit/?id=d4139205b010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2011/03/04/21"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=643882"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80271"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201701-57"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}