CVE-2011-0764

🗓️ 31 Mar 2011 22:00:00Reported by Debian Security Bug TrackerType

debiancve

debiancve🔗 security-tracker.debian.org👁 27 Views

t1lib 5.1.2 allows remote code execution via crafted Type 1 font in PD

Reporter	Title	Published	Views	Family All 123
Amazon	Medium: t1lib	2 Feb 201200:00	–	amazon
Amazon	Medium: texlive	4 Mar 201200:00	–	amazon
Tenable Nessus	Amazon Linux AMI : t1lib (ALAS-2012-40)	4 Sep 201300:00	–	nessus
Tenable Nessus	Amazon Linux AMI : texlive (ALAS-2012-48)	4 Sep 201300:00	–	nessus
Tenable Nessus	CentOS 6 : t1lib (CESA-2012:0062)	31 Jan 201200:00	–	nessus
Tenable Nessus	CentOS 6 : texlive (CESA-2012:0137)	17 Feb 201200:00	–	nessus
Tenable Nessus	CentOS 5 : tetex (CESA-2012:1201)	24 Aug 201200:00	–	nessus
Tenable Nessus	Debian DSA-2388-1 : t1lib - several vulnerabilities	16 Jan 201200:00	–	nessus
Tenable Nessus	Fedora 15 : t1lib-5.1.2-9.fc15 (2012-0266)	30 Jan 201200:00	–	nessus
Tenable Nessus	Fedora 16 : t1lib-5.1.2-9.fc16 (2012-0289)	30 Jan 201200:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Debian	11	any	poppler	0	poppler_0_any.deb
Debian	12	any	poppler	0	poppler_0_any.deb
Debian	13	any	poppler	0	poppler_0_any.deb
Debian	14	any	poppler	0	poppler_0_any.deb
Debian	999	any	poppler	0	poppler_0_any.deb
Debian	11	any	xpdf	3.02-9	xpdf_3.02-9_any.deb
Debian	12	any	xpdf	3.02-9	xpdf_3.02-9_any.deb
Debian	13	any	xpdf	3.02-9	xpdf_3.02-9_any.deb
Debian	14	any	xpdf	3.02-9	xpdf_3.02-9_any.deb
Debian	999	any	xpdf	3.02-9	xpdf_3.02-9_any.deb

31 Mar 2011 22:00Current

7.2High risk

Vulners AI Score7.2

CVSS 26.8

EPSS0.13055

t1lib 5.1.2 remote code execution crafted font type 1 pdf xpdf tetex invalid pointer arbitrary code