CVE-2011-0764

t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a crafted Type 1 font in a PDF document, as demonstrated by testz.2184122398.pdf.
Severity: UNKNOWN
AV:N/AC:M/Au:N/C:P/I:P/A:P
Atk. Vector: NETWORK
Atk. Complexity: MEDIUM
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Vendor       Product      Version
t1lib        t1lib        𝑥 ≤ 5.1.2
t1lib        t1lib        0.1
t1lib        t1lib        0.2
t1lib        t1lib        0.3
t1lib        t1lib        0.4
t1lib        t1lib        0.5
t1lib        t1lib        0.6
t1lib        t1lib        0.7
t1lib        t1lib        0.8
t1lib        t1lib        0.9
t1lib        t1lib        0.9.1
t1lib        t1lib        0.9.2
t1lib        t1lib        1.0
t1lib        t1lib        1.0.1
t1lib        t1lib        1.1.0
t1lib        t1lib        1.1.1
t1lib        t1lib        1.2
t1lib        t1lib        1.3
t1lib        t1lib        1.3.1
t1lib        t1lib        5.0.0
t1lib        t1lib        5.0.1
t1lib        t1lib        5.0.2
t1lib        t1lib        5.1.0
t1lib        t1lib        5.1.1
foolabs      xpdf         0.5a
foolabs      xpdf         0.7a
foolabs      xpdf         0.91a
foolabs      xpdf         0.91b
foolabs      xpdf         0.91c
foolabs      xpdf         0.92a
foolabs      xpdf         0.92b
foolabs      xpdf         0.92c
foolabs      xpdf         0.92d
foolabs      xpdf         0.92e
foolabs      xpdf         0.93a
foolabs      xpdf         0.93b
foolabs      xpdf         0.93c
foolabs      xpdf         1.00a
foolabs      xpdf         3.0.1
foolabs      xpdf         3.02pl1
foolabs      xpdf         3.02pl2
foolabs      xpdf         3.02pl3
foolabs      xpdf         3.02pl4
glyphandcog  xpdfreader   𝑥 ≤ 3.02
glyphandcog  xpdfreader   0.2
glyphandcog  xpdfreader   0.3
glyphandcog  xpdfreader   0.4
glyphandcog  xpdfreader   0.5
glyphandcog  xpdfreader   0.6
glyphandcog  xpdfreader   0.7
glyphandcog  xpdfreader   0.80
glyphandcog  xpdfreader   0.90
glyphandcog  xpdfreader   0.91
glyphandcog  xpdfreader   0.92
glyphandcog  xpdfreader   0.93
glyphandcog  xpdfreader   1.00
glyphandcog  xpdfreader   1.01
glyphandcog  xpdfreader   2.00
glyphandcog  xpdfreader   2.01
glyphandcog  xpdfreader   2.02
glyphandcog  xpdfreader   2.03
glyphandcog  xpdfreader   3.00
glyphandcog  xpdfreader   3.01
glyphandcog  xpdfreader   3.02
𝑥 = Vulnerable software versions
Debian Releases
Debian Product  Codename             Version              Status
poppler         bullseye (security)  20.09.0-3.1+deb11u1  fixed
poppler         bullseye             20.09.0-3.1+deb11u1  fixed
poppler         bookworm             22.12.0-2            fixed
poppler         sid                  24.08.0-3            fixed
poppler         trixie               24.08.0-3            fixed
xpdf            bullseye             3.04+git20210103-3   fixed
xpdf            bookworm             3.04+git20220601-1   fixed
xpdf            sid                  3.04+git20240613-1   fixed
xpdf            trixie               3.04+git20240613-1   fixed
Ubuntu Releases
Ubuntu Product  Codename  Version                             Status
t1lib           oneiric   Fixed 5.1.2-3ubuntu0.11.10.1        released
t1lib           natty     Fixed 5.1.2-3ubuntu0.11.04.1        released
t1lib           maverick  Fixed 5.1.2-3ubuntu0.10.10.1        released
t1lib           lucid     Fixed 5.1.2-3ubuntu0.10.04.1        released
t1lib           karmic                                        ignored
t1lib           hardy                                         ignored
t1lib           dapper                                        ignored
References