CVE-2011-1554

EUVD-2011-1555
Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
Affected Products (NVD)
VendorProductVersion
t1libt1lib
𝑥
≤ 5.1.2
t1libt1lib
0.1:alpha
t1libt1lib
0.2:beta
t1libt1lib
0.3:beta
t1libt1lib
0.4:beta
t1libt1lib
0.5:beta
t1libt1lib
0.6:beta
t1libt1lib
0.7:beta
t1libt1lib
0.8:beta
t1libt1lib
0.9
t1libt1lib
0.9.1
t1libt1lib
0.9.2
t1libt1lib
1.0
t1libt1lib
1.0.1
t1libt1lib
1.1.0
t1libt1lib
1.1.1
t1libt1lib
1.2
t1libt1lib
1.3
t1libt1lib
1.3.1
t1libt1lib
5.0.0
t1libt1lib
5.0.1
t1libt1lib
5.0.2
t1libt1lib
5.1.0
t1libt1lib
5.1.1
foolabsxpdf
0.5a:a
foolabsxpdf
0.7a:a
foolabsxpdf
0.91a:a
foolabsxpdf
0.91b:b
foolabsxpdf
0.91c:c
foolabsxpdf
0.92a:a
foolabsxpdf
0.92b:b
foolabsxpdf
0.92c:c
foolabsxpdf
0.92d:d
foolabsxpdf
0.92e:e
foolabsxpdf
0.93a:a
foolabsxpdf
0.93b:b
foolabsxpdf
0.93c:c
foolabsxpdf
1.00a:a
foolabsxpdf
3.0.1
foolabsxpdf
3.02pl1:pl1
foolabsxpdf
3.02pl2:pl2
foolabsxpdf
3.02pl3:pl3
foolabsxpdf
3.02pl4:pl4
glyphandcogxpdfreader
𝑥
≤ 3.02
glyphandcogxpdfreader
0.2
glyphandcogxpdfreader
0.3
glyphandcogxpdfreader
0.4
glyphandcogxpdfreader
0.5
glyphandcogxpdfreader
0.6
glyphandcogxpdfreader
0.7
glyphandcogxpdfreader
0.80
glyphandcogxpdfreader
0.90
glyphandcogxpdfreader
0.91
glyphandcogxpdfreader
0.92
glyphandcogxpdfreader
0.93
glyphandcogxpdfreader
1.00
glyphandcogxpdfreader
1.01
glyphandcogxpdfreader
2.00
glyphandcogxpdfreader
2.01
glyphandcogxpdfreader
2.02
glyphandcogxpdfreader
2.03
glyphandcogxpdfreader
3.00
glyphandcogxpdfreader
3.01
glyphandcogxpdfreader
3.02
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
poppler
bookworm
22.12.0-2
fixed
bullseye
20.09.0-3.1+deb11u1
fixed
bullseye (security)
20.09.0-3.1+deb11u1
fixed
sid
24.08.0-3
fixed
trixie
24.08.0-3
fixed
xpdf
bookworm
3.04+git20220601-1
fixed
bullseye
3.04+git20210103-3
fixed
sid
3.04+git20240613-1
fixed
trixie
3.04+git20240613-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
t1lib
dapper
ignored
hardy
ignored
karmic
ignored
lucid
Fixed 5.1.2-3ubuntu0.10.04.2
released
maverick
Fixed 5.1.2-3ubuntu0.10.10.2
released
natty
Fixed 5.1.2-3ubuntu0.11.04.2
released
oneiric
Fixed 5.1.2-3ubuntu0.11.10.2
released
Common Weakness Enumeration
References
http://rhn.redhat.com/errata/RHSA-2012-1201.html
http://secunia.com/advisories/43823
http://secunia.com/advisories/48985
http://securityreason.com/securityalert/8171
http://securitytracker.com/id?1025266
http://www.foolabs.com/xpdf/download.html
http://www.kb.cert.org/vuls/id/376500
http://www.kb.cert.org/vuls/id/MAPG-8ECL8X
http://www.mandriva.com/security/advisories?name=MDVSA-2012:144
http://www.securityfocus.com/archive/1/517205/100/0/threaded
http://www.toucan-system.com/advisories/tssa-2011-01.txt
http://www.vupen.com/english/advisories/2011/0728
https://security.gentoo.org/glsa/201701-57
http://rhn.redhat.com/errata/RHSA-2012-1201.html
http://secunia.com/advisories/43823
http://secunia.com/advisories/48985
http://securityreason.com/securityalert/8171
http://securitytracker.com/id?1025266
http://www.foolabs.com/xpdf/download.html
http://www.kb.cert.org/vuls/id/376500
http://www.kb.cert.org/vuls/id/MAPG-8ECL8X
http://www.mandriva.com/security/advisories?name=MDVSA-2012:144
http://www.securityfocus.com/archive/1/517205/100/0/threaded
http://www.toucan-system.com/advisories/tssa-2011-01.txt
http://www.vupen.com/english/advisories/2011/0728
https://security.gentoo.org/glsa/201701-57