Vulnerability CVE-2011-1552: Information

Description

t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, reads from invalid memory locations, which allows remote attackers to cause a denial of service (application crash) via a crafted Type 1 font in a PDF document, a different vulnerability than CVE-2011-0764.

Severity: MEDIUM (4.3)

URL: https://nvd.nist.gov/vuln/detail/CVE-2011-1552
Published: April 1, 2011
Modified: March 6, 2019
Error type identifier: CWE-119

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
t1libsisyphus5.1.2-alt65.1.2-alt7ALT-PU-2020-3095-1260177Fixed
t1libp105.1.2-alt65.1.2-alt6ALT-PU-2020-3095-1260177Fixed
t1libp95.1.2-alt65.1.2-alt6ALT-PU-2020-3114-1260178Fixed
t1libc10f15.1.2-alt65.1.2-alt6ALT-PU-2020-3095-1260177Fixed
t1libc9f25.1.2-alt65.1.2-alt6ALT-PU-2022-1925-1300244Fixed
t1libp115.1.2-alt65.1.2-alt7ALT-PU-2020-3095-1260177Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
VU#376500
  • US Government Resource
http://www.foolabs.com/xpdf/download.html
  • Patch
http://www.kb.cert.org/vuls/id/MAPG-8ECL8X
  • US Government Resource
ADV-2011-0728
  • Vendor Advisory
http://www.toucan-system.com/advisories/tssa-2011-01.txt
    43823
    • Vendor Advisory
    1025266
      8171
        MDVSA-2012:144
          RHSA-2012:1201
            48985
              GLSA-201701-57
                20110327 TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution

                    1. Configuration 1

                      cpe:2.3:a:t1lib:t1lib:*:*:*:*:*:*:*:*
                      cpe:2.3:a:t1lib:t1lib:0.1:alpha:*:*:*:*:*:*
                      cpe:2.3:a:t1lib:t1lib:0.2:beta:*:*:*:*:*:*
                      cpe:2.3:a:t1lib:t1lib:0.3:beta:*:*:*:*:*:*
                      cpe:2.3:a:t1lib:t1lib:0.4:beta:*:*:*:*:*:*
                      cpe:2.3:a:t1lib:t1lib:0.5:beta:*:*:*:*:*:*
                      cpe:2.3:a:t1lib:t1lib:0.6:beta:*:*:*:*:*:*
                      cpe:2.3:a:t1lib:t1lib:0.7:beta:*:*:*:*:*:*
                      cpe:2.3:a:t1lib:t1lib:0.8:beta:*:*:*:*:*:*
                      cpe:2.3:a:t1lib:t1lib:0.9:*:*:*:*:*:*:*
                      cpe:2.3:a:t1lib:t1lib:0.9.1:*:*:*:*:*:*:*
                      cpe:2.3:a:t1lib:t1lib:0.9.2:*:*:*:*:*:*:*
                      cpe:2.3:a:t1lib:t1lib:1.0:*:*:*:*:*:*:*
                      cpe:2.3:a:t1lib:t1lib:1.0.1:*:*:*:*:*:*:*
                      cpe:2.3:a:t1lib:t1lib:1.1.0:*:*:*:*:*:*:*
                      cpe:2.3:a:t1lib:t1lib:1.1.1:*:*:*:*:*:*:*
                      cpe:2.3:a:t1lib:t1lib:1.2:*:*:*:*:*:*:*
                      cpe:2.3:a:t1lib:t1lib:1.3:*:*:*:*:*:*:*
                      cpe:2.3:a:t1lib:t1lib:1.3.1:*:*:*:*:*:*:*
                      cpe:2.3:a:t1lib:t1lib:5.0.0:*:*:*:*:*:*:*
                      cpe:2.3:a:t1lib:t1lib:5.0.1:*:*:*:*:*:*:*
                      cpe:2.3:a:t1lib:t1lib:5.0.2:*:*:*:*:*:*:*
                      cpe:2.3:a:t1lib:t1lib:5.1.0:*:*:*:*:*:*:*
                      cpe:2.3:a:t1lib:t1lib:5.1.1:*:*:*:*:*:*:*
                      cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*
                      cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*
                      cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*
                      cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*
                      cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*
                      cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*
                      cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*
                      cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*
                      cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*
                      cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*
                      cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*
                      cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*
                      cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*
                      cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*
                      cpe:2.3:a:foolabs:xpdf:3.0.1:*:*:*:*:*:*:*
                      cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*
                      cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*
                      cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*
                      cpe:2.3:a:foolabs:xpdf:3.02pl4:*:*:*:*:*:*:*
                      cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*
                      cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*
                      cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*
                      cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*
                      cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*
                      cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*
                      cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*
                      cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*
                      cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*
                      cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*
                      cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*
                      cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*
                      cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*
                      cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*
                      cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*
                      cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*
                      cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*
                      cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*
                      cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*
                      cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*
                      cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*
                  VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
                  Version: v24.5.3
                  Back to top