Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-1335-1
HistoryJan 19, 2012 - 12:00 a.m.

t1lib vulnerabilities

2012-01-1900:00:00
ubuntu.com
35

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

Low

0.086 Low

EPSS

Percentile

94.5%

JSON

Releases

  • Ubuntu 11.10
  • Ubuntu 11.04
  • Ubuntu 10.10
  • Ubuntu 10.04

Packages

  • t1lib - Type 1 font rasterizer library - runtime

Details

Jon Larimer discovered that t1lib did not properly parse AFM fonts. If a
user were tricked into using a specially crafted font file, a remote
attacker could cause t1lib to crash or possibly execute arbitrary code with
user privileges. (CVE-2010-2642, CVE-2011-0433)

Jonathan Brossard discovered that t1lib did not correctly handle certain
malformed font files. If a user were tricked into using a specially crafted
font file, a remote attacker could cause t1lib to crash. (CVE-2011-1552,
CVE-2011-1553, CVE-2011-1554)

OSVersionArchitecturePackageVersionFilename
Ubuntu11.10noarchlibt1-5< 5.1.2-3ubuntu0.11.10.2UNKNOWN
Ubuntu11.10noarchlibt1-5-dbg< 5.1.2-3ubuntu0.11.10.2UNKNOWN
Ubuntu11.10noarchlibt1-dev< 5.1.2-3ubuntu0.11.10.2UNKNOWN
Ubuntu11.10noarcht1lib-bin< 5.1.2-3ubuntu0.11.10.2UNKNOWN
Ubuntu11.04noarchlibt1-5< 5.1.2-3ubuntu0.11.04.2UNKNOWN
Ubuntu11.04noarchlibt1-5-dbg< 5.1.2-3ubuntu0.11.04.2UNKNOWN
Ubuntu11.04noarchlibt1-dev< 5.1.2-3ubuntu0.11.04.2UNKNOWN
Ubuntu11.04noarcht1lib-bin< 5.1.2-3ubuntu0.11.04.2UNKNOWN
Ubuntu10.10noarchlibt1-5< 5.1.2-3ubuntu0.10.10.2UNKNOWN
Ubuntu10.10noarchlibt1-5-dbg< 5.1.2-3ubuntu0.10.10.2UNKNOWN
Rows per page:
1-10 of 161

Related

openvas 51
nessus 50
centos 3
osv 2
debian 2
amazon 2
oraclelinux 4
redhat 4
fedora 4
slackware 1
gentoo 2
securityvulns 3
prion 6
cvelist 6
nvd 6
debiancve 6
ubuntucve 6
cve 6
veracode 5
cbl_mariner 2
ubuntu 2
openvas
openvas
Ubuntu: Security Advisory (USN-1335-1)
2012-01-20 00:00:00
Ubuntu Update for t1lib USN-1335-1
2012-01-20 00:00:00
RedHat Update for texlive RHSA-2012:0137-01
2012-07-09 00:00:00
nessus
nessus
Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : t1lib vulnerabilities (USN-1335-1)
2012-01-20 00:00:00
Oracle Linux 6 : texlive (ELSA-2012-0137)
2013-07-12 00:00:00
CentOS 6 : t1lib (CESA-2012:0062)
2012-01-31 00:00:00
centos
centos
t1lib security update
2012-01-30 20:25:25
kpathsea, mendexk, texlive security update
2012-02-16 13:36:55
tetex security update
2012-08-23 23:12:26
osv
osv
t1lib - several
2012-01-14 00:00:00
evince - several
2011-12-03 00:00:00
debian
debian
[SECURITY] [DSA 2388-1] t1lib security update
2012-01-15 10:25:21
[SECURITY] [DSA 2357-1] evince security update
2011-12-04 10:54:13
amazon
amazon
Medium: texlive
2012-03-04 16:08:00
Medium: t1lib
2012-02-02 14:26:00
oraclelinux
oraclelinux
texlive security update
2012-02-15 00:00:00
t1lib security update
2012-01-24 00:00:00
tetex security update
2012-08-23 00:00:00
redhat
redhat
(RHSA-2012:0137) Moderate: texlive security update
2012-02-15 00:00:00
(RHSA-2012:0062) Moderate: t1lib security update
2012-01-24 00:00:00
(RHSA-2012:1201) Moderate: tetex security update
2012-08-23 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: t1lib-5.1.2-9.fc15
2012-01-28 03:28:44
[SECURITY] Fedora 16 Update: t1lib-5.1.2-9.fc16
2012-01-28 03:23:39
[SECURITY] Fedora 14 Update: evince-2.32.0-3.fc14
2011-01-08 21:26:09
slackware
slackware
[slackware-security] t1lib
2012-08-16 06:32:38
gentoo
gentoo
T1Lib: : Multiple vulnerabilities
2017-01-23 00:00:00
Evince: Multiple vulnerabilities
2011-11-20 00:00:00
securityvulns
securityvulns
t1lib / xpdf library multiple security vulnerabilities
2012-01-16 00:00:00
[USN-1035-1] Evince vulnerabilities
2011-01-07 00:00:00
evince buffer overflows
2011-01-07 00:00:00
prion
prion
Heap overflow
2012-11-19 12:10:00
Code injection
2012-11-19 12:10:00
Heap overflow
2011-01-07 19:00:00
cvelist
cvelist
CVE-2011-0433
2012-11-19 11:00:00
CVE-2011-5244
2012-11-19 11:00:00
CVE-2010-2642
2011-01-07 18:00:00
nvd
nvd
CVE-2011-0433
2012-11-19 12:10:48
CVE-2011-5244
2012-11-19 12:10:49
CVE-2010-2642
2011-01-07 19:00:17
debiancve
debiancve
CVE-2011-0433
2012-11-19 12:10:48
CVE-2011-5244
2012-11-19 12:10:49
CVE-2010-2642
2011-01-07 19:00:17
ubuntucve
ubuntucve
CVE-2011-0433
2012-01-13 00:00:00
CVE-2011-5244
2012-11-19 00:00:00
CVE-2010-2642
2011-01-05 00:00:00
cve
cve
CVE-2011-0433
2012-11-19 12:10:48
CVE-2011-5244
2012-11-19 12:10:49
CVE-2010-2642
2011-01-07 19:00:17
veracode
veracode
Denial Of Service (DoS)
2020-04-10 01:07:02
Denial Of Service (DoS)
2020-04-10 01:07:01
Denial Of Service (DoS)
2020-04-10 01:07:02
cbl_mariner
cbl_mariner
CVE-2010-2642 affecting package t1lib 5.1.2-28
2024-07-01 09:08:36
CVE-2011-0433 affecting package t1lib 5.1.2-28
2024-07-01 09:08:36
ubuntu
ubuntu
Evince vulnerability
2012-01-25 00:00:00
Evince vulnerabilities
2011-01-05 00:00:00

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

7.9 High

AI Score

Confidence

Low

0.086 Low

EPSS

Percentile

94.5%

JSON
Related for USN-1335-1
openvas51nessus50centos3osv2debian2amazon2oraclelinux4redhat4fedora4slackware1gentoo2securityvulns3prion6cvelist6nvd6debiancve6ubuntucve6cve6veracode5cbl_mariner2ubuntu2