2011-04-01 01:55:00 2019-03-06 17:30:38

Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL
t1lib 0.9.2 t1lib 0.9.1 t1lib 0.9 t1lib 0.8 Beta t1lib 0.7 Beta t1lib 0.6 Beta t1lib 0.5 Beta t1lib 0.4 Beta t1lib 0.3 Beta t1lib 0.2 Beta t1lib 0.1 Alpha Glyphandcog Xpdfreader 3.02 (not an official CPE) Glyphandcog Xpdfreader 3.01 (not an official CPE) Glyphandcog Xpdfreader 3.00 (not an official CPE) Glyphandcog Xpdfreader 2.03 (not an official CPE) Glyphandcog Xpdfreader 2.02 (not an official CPE) Glyphandcog Xpdfreader 2.01 (not an official CPE) Glyphandcog Xpdfreader 2.00 (not an official CPE) Glyphandcog Xpdfreader 1.01 (not an official CPE) Glyphandcog Xpdfreader 1.00 (not an official CPE) Glyphandcog Xpdfreader 0.93 (not an official CPE) Glyphandcog Xpdfreader 0.92 (not an official CPE) Glyphandcog Xpdfreader 0.91 (not an official CPE) Glyphandcog Xpdfreader 0.90 (not an official CPE) Glyphandcog Xpdfreader 0.80 (not an official CPE) Glyphandcog Xpdfreader 0.7 (not an official CPE) Glyphandcog Xpdfreader 0.6 (not an official CPE) Glyphandcog Xpdfreader 0.5 (not an official CPE) Glyphandcog Xpdfreader 0.4 (not an official CPE) Glyphandcog Xpdfreader 0.3 (not an official CPE) Glyphandcog Xpdfreader 0.2 (not an official CPE) Foolabs Xpdf 3.02pl4 (not an official CPE) Foolabs Xpdf 3.02pl3 (not an official CPE) Foolabs Xpdf 3.02pl2 (not an official CPE) Foolabs Xpdf 3.02pl1 (not an official CPE) foolabs Xpdf 3.0.1 Foolabs Xpdf 1.00a (not an official CPE) Foolabs Xpdf 0.93c (not an official CPE) Foolabs Xpdf 0.93b (not an official CPE) Foolabs Xpdf 0.93a (not an official CPE) Foolabs Xpdf 0.92e (not an official CPE) Foolabs Xpdf 0.92d (not an official CPE) Foolabs Xpdf 0.92c (not an official CPE) Foolabs Xpdf 0.92b (not an official CPE) Foolabs Xpdf 0.92a (not an official CPE) Foolabs Xpdf 0.91c (not an official CPE) Foolabs Xpdf 0.91b (not an official CPE) Foolabs Xpdf 0.91a (not an official CPE) Foolabs Xpdf 0.7a (not an official CPE) Foolabs Xpdf 0.5a (not an official CPE) t1lib 1.0 t1lib 1.0.1 t1lib 1.1.0 t1lib 1.1.1 t1lib 1.2 t1lib 1.3 t1lib 1.3.1 t1lib 5.0.0 t1lib 5.0.1 t1lib 5.0.2 t1lib 5.1.0 t1lib 5.1.1 t1lib 5.1.2