CVE-2011-0764

t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a crafted Type 1 font in a PDF document, as demonstrated by testz.2184122398.pdf.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
Affected Products (NVD)
VendorProductVersion
t1libt1lib
𝑥
≤ 5.1.2
t1libt1lib
0.1:alpha
t1libt1lib
0.2:beta
t1libt1lib
0.3:beta
t1libt1lib
0.4:beta
t1libt1lib
0.5:beta
t1libt1lib
0.6:beta
t1libt1lib
0.7:beta
t1libt1lib
0.8:beta
t1libt1lib
0.9
t1libt1lib
0.9.1
t1libt1lib
0.9.2
t1libt1lib
1.0
t1libt1lib
1.0.1
t1libt1lib
1.1.0
t1libt1lib
1.1.1
t1libt1lib
1.2
t1libt1lib
1.3
t1libt1lib
1.3.1
t1libt1lib
5.0.0
t1libt1lib
5.0.1
t1libt1lib
5.0.2
t1libt1lib
5.1.0
t1libt1lib
5.1.1
foolabsxpdf
0.5a:a
foolabsxpdf
0.7a:a
foolabsxpdf
0.91a:a
foolabsxpdf
0.91b:b
foolabsxpdf
0.91c:c
foolabsxpdf
0.92a:a
foolabsxpdf
0.92b:b
foolabsxpdf
0.92c:c
foolabsxpdf
0.92d:d
foolabsxpdf
0.92e:e
foolabsxpdf
0.93a:a
foolabsxpdf
0.93b:b
foolabsxpdf
0.93c:c
foolabsxpdf
1.00a:a
foolabsxpdf
3.0.1
foolabsxpdf
3.02pl1:pl1
foolabsxpdf
3.02pl2:pl2
foolabsxpdf
3.02pl3:pl3
foolabsxpdf
3.02pl4:pl4
glyphandcogxpdfreader
𝑥
≤ 3.02
glyphandcogxpdfreader
0.2
glyphandcogxpdfreader
0.3
glyphandcogxpdfreader
0.4
glyphandcogxpdfreader
0.5
glyphandcogxpdfreader
0.6
glyphandcogxpdfreader
0.7
glyphandcogxpdfreader
0.80
glyphandcogxpdfreader
0.90
glyphandcogxpdfreader
0.91
glyphandcogxpdfreader
0.92
glyphandcogxpdfreader
0.93
glyphandcogxpdfreader
1.00
glyphandcogxpdfreader
1.01
glyphandcogxpdfreader
2.00
glyphandcogxpdfreader
2.01
glyphandcogxpdfreader
2.02
glyphandcogxpdfreader
2.03
glyphandcogxpdfreader
3.00
glyphandcogxpdfreader
3.01
glyphandcogxpdfreader
3.02
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
poppler
bookworm
22.12.0-2
fixed
bullseye
20.09.0-3.1+deb11u1
fixed
bullseye (security)
20.09.0-3.1+deb11u1
fixed
sid
24.08.0-3
fixed
trixie
24.08.0-3
fixed
xpdf
bookworm
3.04+git20220601-1
fixed
bullseye
3.04+git20210103-3
fixed
sid
3.04+git20240613-1
fixed
trixie
3.04+git20240613-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
t1lib
dapper
ignored
hardy
ignored
karmic
ignored
lucid
Fixed 5.1.2-3ubuntu0.10.04.1
released
maverick
Fixed 5.1.2-3ubuntu0.10.10.1
released
natty
Fixed 5.1.2-3ubuntu0.11.04.1
released
oneiric
Fixed 5.1.2-3ubuntu0.11.10.1
released
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
kpathsea
RHEL 6
0:2007-57.el6_2
fixed
kpathsea-devel
RHEL 6
0:2007-57.el6_2
fixed
mendexk
RHEL 6
0:2.6e-57.el6_2
fixed
t1lib
RHEL 6
0:5.1.2-6.el6_2.1
fixed
t1lib-apps
RHEL 6
0:5.1.2-6.el6_2.1
fixed
t1lib-devel
RHEL 6
0:5.1.2-6.el6_2.1
fixed
t1lib-static
RHEL 6
0:5.1.2-6.el6_2.1
fixed
texlive
RHEL 6
0:2007-57.el6_2
fixed
texlive-afm
RHEL 6
0:2007-57.el6_2
fixed
texlive-context
RHEL 6
0:2007-57.el6_2
fixed
texlive-dvips
RHEL 6
0:2007-57.el6_2
fixed
texlive-dviutils
RHEL 6
0:2007-57.el6_2
fixed
texlive-east-asian
RHEL 6
0:2007-57.el6_2
fixed
texlive-latex
RHEL 6
0:2007-57.el6_2
fixed
texlive-utils
RHEL 6
0:2007-57.el6_2
fixed
texlive-xetex
RHEL 6
0:2007-57.el6_2
fixed
Common Weakness Enumeration
References
http://rhn.redhat.com/errata/RHSA-2012-1201.html
http://secunia.com/advisories/43823
http://secunia.com/advisories/47347
http://secunia.com/advisories/48985
http://securityreason.com/securityalert/8171
http://securitytracker.com/id?1025266
http://www.foolabs.com/xpdf/download.html
http://www.kb.cert.org/vuls/id/376500
http://www.kb.cert.org/vuls/id/MAPG-8ECL8X
http://www.mandriva.com/security/advisories?name=MDVSA-2012:002
http://www.mandriva.com/security/advisories?name=MDVSA-2012:144
http://www.securityfocus.com/archive/1/517205/100/0/threaded
http://www.securityfocus.com/bid/46941
http://www.toucan-system.com/advisories/tssa-2011-01.txt
http://www.ubuntu.com/usn/USN-1316-1
http://www.vupen.com/english/advisories/2011/0728
https://exchange.xforce.ibmcloud.com/vulnerabilities/66208
https://security.gentoo.org/glsa/201701-57
http://rhn.redhat.com/errata/RHSA-2012-1201.html
http://secunia.com/advisories/43823
http://secunia.com/advisories/47347
http://secunia.com/advisories/48985
http://securityreason.com/securityalert/8171
http://securitytracker.com/id?1025266
http://www.foolabs.com/xpdf/download.html
http://www.kb.cert.org/vuls/id/376500
http://www.kb.cert.org/vuls/id/MAPG-8ECL8X
http://www.mandriva.com/security/advisories?name=MDVSA-2012:002
http://www.mandriva.com/security/advisories?name=MDVSA-2012:144
http://www.securityfocus.com/archive/1/517205/100/0/threaded
http://www.securityfocus.com/bid/46941
http://www.toucan-system.com/advisories/tssa-2011-01.txt
http://www.ubuntu.com/usn/USN-1316-1
http://www.vupen.com/english/advisories/2011/0728
https://exchange.xforce.ibmcloud.com/vulnerabilities/66208
https://security.gentoo.org/glsa/201701-57