cve-2011-0764
Vulnerability from cvelistv5
Published
2011-03-31 22:00
Modified
2024-08-06 22:05
Severity ?
Summary
t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a crafted Type 1 font in a PDF document, as demonstrated by testz.2184122398.pdf.
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:05:53.382Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MDVSA-2012:002",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:002"
          },
          {
            "name": "43823",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43823"
          },
          {
            "name": "47347",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/47347"
          },
          {
            "name": "48985",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48985"
          },
          {
            "name": "8171",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/8171"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"
          },
          {
            "name": "ADV-2011-0728",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0728"
          },
          {
            "name": "xpdf-t1lib-code-execution(66208)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66208"
          },
          {
            "name": "RHSA-2012:1201",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.foolabs.com/xpdf/download.html"
          },
          {
            "name": "46941",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/46941"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"
          },
          {
            "name": "USN-1316-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1316-1"
          },
          {
            "name": "VU#376500",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/376500"
          },
          {
            "name": "MDVSA-2012:144",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
          },
          {
            "name": "GLSA-201701-57",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201701-57"
          },
          {
            "name": "1025266",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1025266"
          },
          {
            "name": "20110327 TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-03-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a crafted Type 1 font in a PDF document, as demonstrated by testz.2184122398.pdf."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-09T18:57:01",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "MDVSA-2012:002",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:002"
        },
        {
          "name": "43823",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43823"
        },
        {
          "name": "47347",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/47347"
        },
        {
          "name": "48985",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48985"
        },
        {
          "name": "8171",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/8171"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"
        },
        {
          "name": "ADV-2011-0728",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0728"
        },
        {
          "name": "xpdf-t1lib-code-execution(66208)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66208"
        },
        {
          "name": "RHSA-2012:1201",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.foolabs.com/xpdf/download.html"
        },
        {
          "name": "46941",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/46941"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"
        },
        {
          "name": "USN-1316-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1316-1"
        },
        {
          "name": "VU#376500",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/376500"
        },
        {
          "name": "MDVSA-2012:144",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
        },
        {
          "name": "GLSA-201701-57",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201701-57"
        },
        {
          "name": "1025266",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1025266"
        },
        {
          "name": "20110327 TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2011-0764",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a crafted Type 1 font in a PDF document, as demonstrated by testz.2184122398.pdf."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MDVSA-2012:002",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:002"
            },
            {
              "name": "43823",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43823"
            },
            {
              "name": "47347",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/47347"
            },
            {
              "name": "48985",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48985"
            },
            {
              "name": "8171",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/8171"
            },
            {
              "name": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X",
              "refsource": "CONFIRM",
              "url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"
            },
            {
              "name": "ADV-2011-0728",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0728"
            },
            {
              "name": "xpdf-t1lib-code-execution(66208)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66208"
            },
            {
              "name": "RHSA-2012:1201",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
            },
            {
              "name": "http://www.foolabs.com/xpdf/download.html",
              "refsource": "CONFIRM",
              "url": "http://www.foolabs.com/xpdf/download.html"
            },
            {
              "name": "46941",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/46941"
            },
            {
              "name": "http://www.toucan-system.com/advisories/tssa-2011-01.txt",
              "refsource": "MISC",
              "url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"
            },
            {
              "name": "USN-1316-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1316-1"
            },
            {
              "name": "VU#376500",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/376500"
            },
            {
              "name": "MDVSA-2012:144",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
            },
            {
              "name": "GLSA-201701-57",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201701-57"
            },
            {
              "name": "1025266",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1025266"
            },
            {
              "name": "20110327 TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2011-0764",
    "datePublished": "2011-03-31T22:00:00",
    "dateReserved": "2011-02-03T00:00:00",
    "dateUpdated": "2024-08-06T22:05:53.382Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2011-0764\",\"sourceIdentifier\":\"cret@cert.org\",\"published\":\"2011-03-31T22:55:02.553\",\"lastModified\":\"2019-03-06T16:30:38.343\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a crafted Type 1 font in a PDF document, as demonstrated by testz.2184122398.pdf.\"},{\"lang\":\"es\",\"value\":\"t1lib v5.1.2 y versiones anteriores, utilizado en Xpdf anterior a v3.02pl6 y otros productos, utiliza un puntero no v\u00e1lido en una operaci\u00f3n de eliminaci\u00f3n de referencias,  permitiendo a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un fuente Tipo 1 manipulada en un documento PDF, como lo demuestra el testz.2184122398.pdf\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":6.8},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:t1lib:t1lib:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.1.2\",\"matchCriteriaId\":\"9DA05E50-C6D3-4F92-A015-CB181020557A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:t1lib:t1lib:0.1:alpha:*:*:*:*:*:*\",\"matchCriteriaId\":\"B856C29C-4179-4173-87D3-1BDCC6933327\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:t1lib:t1lib:0.2:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1EECD4E-4531-4C1D-B7F1-B5B20F79A22B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:t1lib:t1lib:0.3:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3727A7B-2683-4D70-937F-514D38D13FE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:t1lib:t1lib:0.4:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5E84F55-E912-424B-BC7A-8FDDD4BA0591\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:t1lib:t1lib:0.5:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"C46D7084-80F5-45E5-8CBC-078D95860E01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:t1lib:t1lib:0.6:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"0738DF6D-C493-4DD5-95E1-7701AA50453C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:t1lib:t1lib:0.7:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2D7BF42-D227-460D-A90F-1E128108DB6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:t1lib:t1lib:0.8:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC63023C-69D1-4A1D-9690-BB2FF9A209B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:t1lib:t1lib:0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0A0A2CB-0A7B-4D06-82E3-6F949C3CE1D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:t1lib:t1lib:0.9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F49D5478-E590-4A7C-ABFE-F9E7EC9BF5A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:t1lib:t1lib:0.9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CA0BDE2-1FF2-48BF-B7BB-4AE4AF236474\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:t1lib:t1lib:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25CF5EAD-E543-4E81-AF2B-C8D9C45F0AAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:t1lib:t1lib:1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC95B6D3-8BBB-4202-89DD-12DF3FCAB0EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:t1lib:t1lib:1.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85813410-9E44-4A60-907D-AE89A3F38AA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:t1lib:t1lib:1.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C09173A5-2FC3-46C8-80A1-5D721FBBF6D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:t1lib:t1lib:1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19AAEE8C-4013-4C1D-A19D-09549CAFF751\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:t1lib:t1lib:1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FCED8EF-18BE-4820-A9D5-8CE82F9D2A40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:t1lib:t1lib:1.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97E9F2F4-63A3-4DBF-9605-C3767ADB55EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:t1lib:t1lib:5.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"400C8A4F-D65B-4C46-9BDA-B13A864F40AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:t1lib:t1lib:5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3FE8F44-ADE5-4B4F-96F2-37E2F474B5BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:t1lib:t1lib:5.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43839A3D-655A-4CA0-BB28-F8FDE95649BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:t1lib:t1lib:5.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE28F24A-FA4C-476E-87D3-1745E2F507F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:t1lib:t1lib:5.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19DEB3FD-98C7-4288-9654-436B511C58AC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8ABE533-8FC1-45E6-B574-A4CC7571EF7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B02805E-7BD0-4563-82C8-6FFB982D4913\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"852F526D-F388-4FF0-BDD9-DF7635DB46D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"478D53EA-CC8C-4ECB-8410-0910505AD819\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C84FB90-FF1C-4502-B2D2-390438DD422F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13341DAE-D16D-41A7-BF17-FEC802997B15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E30BAEA-231C-4A82-B014-9EE3D1E81545\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE1DE5A5-6448-43F6-A612-56998D16E6B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35F84699-D4CF-4FD1-A959-53E316559EBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D820DFD5-0EF9-4C9A-B281-D553A4F63141\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2EFC7E4-E513-42DB-BDA5-8D1E497971DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CF839D-D034-4D47-977F-7E27B36EF04F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3B3E8A4-14FE-42DA-B82E-839B092B5302\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:3.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52D79ABD-202F-464F-B6C3-B225FD37DD3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BC500DA-7B3F-4CD5-BB0E-B244000CD19D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D5D9CEA-0707-46FC-AEC3-9EC540B22BC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD38AC59-7518-40FB-BC29-EC64142DE682\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:3.02pl4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48541241-2EA4-4559-BB29-47A7B3466C5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.02\",\"matchCriteriaId\":\"32628280-E2DB-45E0-AB8A-CFC90419A182\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEF5EC54-9145-4B51-8241-C9343160BF80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1344DF7-9917-4DB0-9256-9E8131C55B0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"309F0CF2-4AF7-4F46-91EA-39BA07BAF312\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36FA872B-74B8-48E4-9D5C-5ACA6FCB8026\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20311EDE-0E34-432A-AE41-F61EA68F134A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16FEF460-3569-4294-ABA4-D7C251D67071\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB41E8C2-BBCC-48CB-805B-23411D39E936\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16670F8A-E70B-4CDF-8C61-414D86E20C84\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69483A91-53DB-4736-908F-7B14EFB40888\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B3E7962-0A95-4E7B-A983-683B02350B93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD1120B3-3372-417B-BCA0-FD515638FBFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7397645-3225-4980-8465-28F93322B58B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5A45EAF-B511-4360-A201-D588E7EEB39D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D14637F7-DC99-4AC4-854C-DBA0B4C6BE54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15D08CFD-BEE1-4DEE-926D-F4291F88224D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D244903F-5407-4C35-AE2C-1A05D3C227D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7D4E256-FF91-47BA-B1D4-940FB2D970AF\"}]}]}],\"references\":[{\"url\":\"http://rhn.redhat.com/errata/RHSA-2012-1201.html\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/43823\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/47347\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/48985\",\"source\":\"cret@cert.org\"},{\"url\":\"http://securityreason.com/securityalert/8171\",\"source\":\"cret@cert.org\"},{\"url\":\"http://securitytracker.com/id?1025266\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.foolabs.com/xpdf/download.html\",\"source\":\"cret@cert.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/376500\",\"source\":\"cret@cert.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/MAPG-8ECL8X\",\"source\":\"cret@cert.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2012:002\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2012:144\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/517205/100/0/threaded\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.securityfocus.com/bid/46941\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.toucan-system.com/advisories/tssa-2011-01.txt\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.ubuntu.com/usn/USN-1316-1\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0728\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/66208\",\"source\":\"cret@cert.org\"},{\"url\":\"https://security.gentoo.org/glsa/201701-57\",\"source\":\"cret@cert.org\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.