CVE-2011-1554

Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
VendorProductVersion
t1libt1lib
𝑥
≤ 5.1.2
t1libt1lib
0.1:alpha
t1libt1lib
0.2:beta
t1libt1lib
0.3:beta
t1libt1lib
0.4:beta
t1libt1lib
0.5:beta
t1libt1lib
0.6:beta
t1libt1lib
0.7:beta
t1libt1lib
0.8:beta
t1libt1lib
0.9
t1libt1lib
0.9.1
t1libt1lib
0.9.2
t1libt1lib
1.0
t1libt1lib
1.0.1
t1libt1lib
1.1.0
t1libt1lib
1.1.1
t1libt1lib
1.2
t1libt1lib
1.3
t1libt1lib
1.3.1
t1libt1lib
5.0.0
t1libt1lib
5.0.1
t1libt1lib
5.0.2
t1libt1lib
5.1.0
t1libt1lib
5.1.1
foolabsxpdf
0.5a:a
foolabsxpdf
0.7a:a
foolabsxpdf
0.91a:a
foolabsxpdf
0.91b:b
foolabsxpdf
0.91c:c
foolabsxpdf
0.92a:a
foolabsxpdf
0.92b:b
foolabsxpdf
0.92c:c
foolabsxpdf
0.92d:d
foolabsxpdf
0.92e:e
foolabsxpdf
0.93a:a
foolabsxpdf
0.93b:b
foolabsxpdf
0.93c:c
foolabsxpdf
1.00a:a
foolabsxpdf
3.0.1
foolabsxpdf
3.02pl1:pl1
foolabsxpdf
3.02pl2:pl2
foolabsxpdf
3.02pl3:pl3
foolabsxpdf
3.02pl4:pl4
glyphandcogxpdfreader
𝑥
≤ 3.02
glyphandcogxpdfreader
0.2
glyphandcogxpdfreader
0.3
glyphandcogxpdfreader
0.4
glyphandcogxpdfreader
0.5
glyphandcogxpdfreader
0.6
glyphandcogxpdfreader
0.7
glyphandcogxpdfreader
0.80
glyphandcogxpdfreader
0.90
glyphandcogxpdfreader
0.91
glyphandcogxpdfreader
0.92
glyphandcogxpdfreader
0.93
glyphandcogxpdfreader
1.00
glyphandcogxpdfreader
1.01
glyphandcogxpdfreader
2.00
glyphandcogxpdfreader
2.01
glyphandcogxpdfreader
2.02
glyphandcogxpdfreader
2.03
glyphandcogxpdfreader
3.00
glyphandcogxpdfreader
3.01
glyphandcogxpdfreader
3.02
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
poppler
bullseye (security)
20.09.0-3.1+deb11u1
fixed
bullseye
20.09.0-3.1+deb11u1
fixed
bookworm
22.12.0-2
fixed
sid
24.08.0-3
fixed
trixie
24.08.0-3
fixed
xpdf
bullseye
3.04+git20210103-3
fixed
bookworm
3.04+git20220601-1
fixed
sid
3.04+git20240613-1
fixed
trixie
3.04+git20240613-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
t1lib
oneiric
Fixed 5.1.2-3ubuntu0.11.10.2
released
natty
Fixed 5.1.2-3ubuntu0.11.04.2
released
maverick
Fixed 5.1.2-3ubuntu0.10.10.2
released
lucid
Fixed 5.1.2-3ubuntu0.10.04.2
released
karmic
ignored
hardy
ignored
dapper
ignored
Common Weakness Enumeration
References
http://rhn.redhat.com/errata/RHSA-2012-1201.html
http://secunia.com/advisories/43823
http://secunia.com/advisories/48985
http://securityreason.com/securityalert/8171
http://securitytracker.com/id?1025266
http://www.foolabs.com/xpdf/download.html
http://www.kb.cert.org/vuls/id/376500
http://www.kb.cert.org/vuls/id/MAPG-8ECL8X
http://www.mandriva.com/security/advisories?name=MDVSA-2012:144
http://www.securityfocus.com/archive/1/517205/100/0/threaded
http://www.toucan-system.com/advisories/tssa-2011-01.txt
http://www.vupen.com/english/advisories/2011/0728
https://security.gentoo.org/glsa/201701-57
http://rhn.redhat.com/errata/RHSA-2012-1201.html
http://secunia.com/advisories/43823
http://secunia.com/advisories/48985
http://securityreason.com/securityalert/8171
http://securitytracker.com/id?1025266
http://www.foolabs.com/xpdf/download.html
http://www.kb.cert.org/vuls/id/376500
http://www.kb.cert.org/vuls/id/MAPG-8ECL8X
http://www.mandriva.com/security/advisories?name=MDVSA-2012:144
http://www.securityfocus.com/archive/1/517205/100/0/threaded
http://www.toucan-system.com/advisories/tssa-2011-01.txt
http://www.vupen.com/english/advisories/2011/0728
https://security.gentoo.org/glsa/201701-57