DebianDEBIAN:DLA-256-1:F06E9[SECURITY] [DLA 256-1] t1utils security update
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.7 High
AI Score
Confidence
Low
0.076 Low
EPSS
Percentile
94.2%
Package : t1utils
Version : 1.36-1+deb6u1
CVE ID : CVE-2015-3905
Debian Bug : 779274
Jakub Wilk found a vulnerability in the Type 1 font manipulation
programs, t1utils:
CVE-2015-3905
Buffer overflow in the set_cs_start function in t1disasm.c in t1utils
before 1.39 allows remote attackers to cause a denial of service (crash)
and possibly execute arbitrary code via a crafted font file.
For Debian 6 "Squeeze", this issue has been fixed in t1utils version
1.36-1+deb6u1.
Attachment:
signature.asc
Description: Digital signature
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 6 | i386 | t1utils | < 1.36-1+deb6u1 | t1utils_1.36-1+deb6u1_i386.deb |
| Debian | 6 | amd64 | t1utils | < 1.36-1+deb6u1 | t1utils_1.36-1+deb6u1_amd64.deb |
| Debian | 6 | all | t1utils | < 1.36-1+deb6u1 | t1utils_1.36-1+deb6u1_all.deb |
Related
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.7 High
AI Score
Confidence
Low
0.076 Low
EPSS
Percentile
94.2%