Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2011-1554

Опубликовано: 28 мар. 2011
Источник: redhat
CVSS2: 6.8

Описание

Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 4tetexAffected
Red Hat Enterprise Linux 4xpdfNot affected
Red Hat Enterprise Linux 5tetexFixedRHSA-2012:120123.08.2012
Red Hat Enterprise Linux 6t1libFixedRHSA-2012:006224.01.2012
Red Hat Enterprise Linux 6texliveFixedRHSA-2012:013715.02.2012

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-193
https://bugzilla.redhat.com/show_bug.cgi?id=692856t1lib: Off-by-one via crafted Type 1 font

6.8 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2011-1554

ubuntu
около 14 лет назад

Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764.

nvd логотип

CVE-2011-1554

nvd
около 14 лет назад

Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764.

debian логотип

CVE-2011-1554

debian
около 14 лет назад

Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3. ...

github логотип

GHSA-23f5-whxg-92j5

github
около 3 лет назад

Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764.

oracle-oval логотип

ELSA-2012-0137

oracle-oval
больше 13 лет назад

ELSA-2012-0137: texlive security update (MODERATE)

6.8 Medium

CVSS2