CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
94.2%
Issue Overview:
A buffer overflow flaw was found in the way t1utils processed, for example, certain PFB (Printer Font Binary) files. An attacker could use this flaw to potentially execute arbitrary code by tricking a user into processing a specially crafted PFB file with t1utils.
Affected Packages:
t1utils
Issue Correction:
Run yum update t1utils to update your system.
New Packages:
i686:
t1utils-1.39-1.3.amzn1.i686
t1utils-debuginfo-1.39-1.3.amzn1.i686
src:
t1utils-1.39-1.3.amzn1.src
x86_64:
t1utils-debuginfo-1.39-1.3.amzn1.x86_64
t1utils-1.39-1.3.amzn1.x86_64
Red Hat: CVE-2015-3905
Mitre: CVE-2015-3905
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Amazon Linux | 1 | i686 | t1utils | < 1.39-1.3.amzn1 | t1utils-1.39-1.3.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | t1utils-debuginfo | < 1.39-1.3.amzn1 | t1utils-debuginfo-1.39-1.3.amzn1.i686.rpm |
Amazon Linux | 1 | x86_64 | t1utils-debuginfo | < 1.39-1.3.amzn1 | t1utils-debuginfo-1.39-1.3.amzn1.x86_64.rpm |
Amazon Linux | 1 | x86_64 | t1utils | < 1.39-1.3.amzn1 | t1utils-1.39-1.3.amzn1.x86_64.rpm |