MiracleLinux 4 : t1lib-5.1.2-6.AXS4.1 (AXSA:2012-77:01)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2012-77:01 advisory. T1lib is a rasterizer library for Adobe Type 1 Fonts. It supports rotation and transformation, kerning underlining and antialiasing. It does not depen...

EUVD-2011-1554

Malware in sbrugna...

EUVD-2011-1555

Malware in sbrugna...

EUVD-2011-5144

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2011-0764

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which...

Linux Distros Unpatched Vulnerability : CVE-2011-1552

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, reads from invalid memory locations, which allows remote attackers to cause ...

CVE-2010-2642 affecting package t1lib 5.1.2-28

CVE-2010-2642 affecting package t1lib 5.1.2-28. No patch is available currently...

CVE-2011-5244 affecting package t1lib 5.1.2-28

CVE-2011-5244 affecting package t1lib 5.1.2-28. No patch is available currently...

CVE-2011-0433 affecting package t1lib 5.1.2-28

CVE-2011-0433 affecting package t1lib 5.1.2-28. No patch is available currently...

RHSA-2012:0062 Red Hat Security Advisory: t1lib security update

Bulletin has no description...

SUSE CVE-2007-4033

Buffer overflow in the intT1EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent attackers to execute arbitrary code via a long FileName parameter. NOTE: this issue was originally reported to be in the imagepsloadfont function in phpgd2.dll in the gd PHPGD2...

SUSE CVE-2011-0433

Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics AFM...

SUSE CVE-2011-0764

t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a crafted Type 1 font in a PDF document, as demonstrated by testz.2184122398.pdf...

SUSE CVE-2011-1553

Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service application crash via a PDF document containing a crafted Type 1 font that triggers an invalid memory write, a different...

SUSE CVE-2011-1554

Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service application crash via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid...

SUSE CVE-2011-1552

t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, reads from invalid memory locations, which allows remote attackers to cause a denial of service application crash via a crafted Type 1 font in a PDF document, a different vulnerability than CVE-2011-0764...

SUSE CVE-2011-5244

Multiple off-by-one errors in the 1 token and 2 linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a DVI file containi...

SUSE: Security Advisory (SUSE-SU-2012:0744-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2012:0740-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Denial Of Service (DoS)

TeX Live is vulnerable to denial of service DoS. A use-after-free flaw was found in t1lib. A specially-crafted font file could, when opened, cause a TeX Live utility to crash or, potentially, execute arbitrary code with the privileges of the user running the utility...