CVE-2011-1554

🗓️ 31 Mar 2011 00:00:00Reported by ubuntu.comType

ubuntucve

ubuntucve🔗 ubuntu.com👁 24 Views

Off-by-one error in t1lib 5.1.2 leads to application crash via crafted Type 1 font in PD

Reporter	Title	Published	Views	Family All 117
Amazon	Medium: t1lib	2 Feb 201200:00	–	amazon
Amazon	Medium: texlive	4 Mar 201200:00	–	amazon
Tenable Nessus	Amazon Linux AMI : t1lib (ALAS-2012-40)	4 Sep 201300:00	–	nessus
Tenable Nessus	Amazon Linux AMI : texlive (ALAS-2012-48)	4 Sep 201300:00	–	nessus
Tenable Nessus	CentOS 6 : t1lib (CESA-2012:0062)	31 Jan 201200:00	–	nessus
Tenable Nessus	CentOS 6 : texlive (CESA-2012:0137)	17 Feb 201200:00	–	nessus
Tenable Nessus	CentOS 5 : tetex (CESA-2012:1201)	24 Aug 201200:00	–	nessus
Tenable Nessus	Debian DSA-2388-1 : t1lib - several vulnerabilities	16 Jan 201200:00	–	nessus
Tenable Nessus	Fedora 15 : t1lib-5.1.2-9.fc15 (2012-0266)	30 Jan 201200:00	–	nessus
Tenable Nessus	Fedora 16 : t1lib-5.1.2-9.fc16 (2012-0289)	30 Jan 201200:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Ubuntu	10.04	any	t1lib	5.1.2-3ubuntu0.10.04.2	t1lib_5.1.2-3ubuntu0.10.04.2_any.deb
Ubuntu	10.10	any	t1lib	5.1.2-3ubuntu0.10.10.2	t1lib_5.1.2-3ubuntu0.10.10.2_any.deb
Ubuntu	11.04	any	t1lib	5.1.2-3ubuntu0.11.04.2	t1lib_5.1.2-3ubuntu0.11.04.2_any.deb
Ubuntu	11.10	any	t1lib	5.1.2-3ubuntu0.11.10.2	t1lib_5.1.2-3ubuntu0.11.10.2_any.deb

Source	Link
toucan-system	www.toucan-system.com/advisories/tssa-2011-01.txt
ubuntu	www.ubuntu.com/security/notices/USN-1335-1
cve	www.cve.org/CVERecord

24 Jul 2024 15:57Current

5.9Medium risk

Vulners AI Score5.9

CVSS 24.3

EPSS0.04256

t1lib v5.1.2 xpdf before 3.02pl6 tetex pdf document type 1 font memory read integer overflow pointer dereference