6.8 - VU#376500

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Summary
Title	Foolabs Xpdf contains a denial of service vulnerability

Informations
Name	VU#376500	First vendor Publication	2011-03-21
Vendor	VU-CERT	Last vendor Modification	2011-04-05
Severity (Vendor)	N/A	Revision	M

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score	6.8	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Vulnerability Note VU#376500

Foolabs Xpdf contains a denial of service vulnerability

Overview

Foolabs Xpdf contains a denial of service vulnerability caused by the t1lib library incorrectly parsing Type 1 fonts.

I. Description

According to Foolabs: Xpdf is an open source viewer for Portable Document Format (PDF) files. (These are sometimes also called 'Acrobat' files, from the name of Adobe's PDF software.) The Xpdf project also includes a PDF text extractor, PDF-to-PostScript converter, and various other utilities. Foolabs Xpdf contains a denial of service vulnerability caused by the t1lib library incorrectly parsing Type 1 fonts. This vulnerability may allow an attacker to execute arbitrary code.

II. Impact

A remote attacker can cause the device to crash and may be able to execute arbitrary code.

III. Solution

The vendor has stated they will stop using t1lib in their product and users should build Xpdf without t1lib.

To build Xpdf without t1lib, add the "--with-t1-library=no" flag to the
configure command:

./configure --with-t1-library=no .....

To double-check, run "xpdf --help". The "-freetype" option should be
listed, and the "-t1lib" option should NOT be listed. That indicates
that Xpdf was built with FreeType and without t1lib.

With this setting, Xpdf will use FreeType instead of t1lib to rasterize
Type 1 fonts. With recent versions of FreeType, the Type 1 quality is
as good or better than t1lib, so this should not present any problems.

Vendor Information

Vendor	Status	Date Notified	Date Updated
Debian GNU/Linux	Unknown		2011-03-21
FreeBSD Project	Unknown		2011-03-21
NetBSD	Unknown		2011-03-21
SUSE Linux	Unknown		2011-03-21
Ubuntu	Unknown		2011-03-21
xpdf	Affected	2011-02-23	2011-02-25

References

http://www.toucan-system.eu/advisories/tssa-2011-01.txt

Credit

Thanks to Jonathan Brossard for reporting this vulnerability.

This document was written by Michael Orlando.

Other Information

Date Public:	2011-03-21
Date First Published:	2011-03-21
Date Last Updated:	2011-04-05
CERT Advisory:
CVE-ID(s):	CVE-2011-0764
NVD-ID(s):	CVE-2011-0764
US-CERT Technical Alerts:
Severity Metric:	0.06
Document Revision:	12

Original Source

Url : http://www.kb.cert.org/vuls/id/376500

CWE : Common Weakness Enumeration

%	Id	Name
25 %	CWE-399	Resource Management Errors
25 %	CWE-189	Numeric Errors (CWE/SANS Top 25)
25 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer
25 %	CWE-20	Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:15060

Oval ID:	oval:org.mitre.oval:def:15060
Title:	USN-1335-1 -- t1lib vulnerabilities
Description:	t1lib: Type 1 font rasterizer library - runtime t1lib could be made to crash or run programs as your login if it opened a specially crafted font file.
Family:	unix	Class:	patch
Reference(s):	USN-1335-1 CVE-2010-2642 CVE-2011-0433 CVE-2011-1552 CVE-2011-1553 CVE-2011-1554	Version:	5
Platform(s):	Ubuntu 11.04 Ubuntu 11.10 Ubuntu 10.04 Ubuntu 10.10	Product(s):	t1lib
Definition Synopsis:
Release section Ubuntu 11.04 is installed AND Installed architecture is all AND libt1-5 DPKG is earlier than 5.1.2-3ubuntu0.11.04.2 OR Release section Ubuntu 11.10 is installed AND Installed architecture is all AND libt1-5 DPKG is earlier than 5.1.2-3ubuntu0.11.10.2 OR Release section Ubuntu 10.04 is installed AND Installed architecture is all AND libt1-5 DPKG is earlier than 5.1.2-3ubuntu0.10.04.2 OR Release section Ubuntu 10.10 is installed AND Installed architecture is all AND libt1-5 DPKG is earlier than 5.1.2-3ubuntu0.10.10.2

Definition Id: oval:org.mitre.oval:def:15180

Oval ID:	oval:org.mitre.oval:def:15180
Title:	DSA-2388-1 t1lib -- several
Description:	Several vulnerabilities were discovered in t1lib, a Postscript Type 1 font rasterizer library, some of which might lead to code execution through the opening of files embedding bad fonts. CVE-2010-2642 A heap-based buffer overflow in the AFM font metrics parser potentially leads to the execution of arbitrary code. CVE-2011-0433 Another heap-based buffer overflow in the AFM font metrics parser potentially leads to the execution of arbitrary code. CVE-2011-0764 An invalid pointer dereference allows execution of arbitrary code using crafted Type 1 fonts. CVE-2011-1552 Another invalid pointer dereference results in an application crash, triggered by crafted Type 1 fonts. CVE-2011-1553 A use-after-free vulnerability results in an application crash, triggered by crafted Type 1 fonts. CVE-2011-1554 An off-by-one error results in an invalid memory read and application crash, triggered by crafted Type 1 fonts.
Family:	unix	Class:	patch
Reference(s):	DSA-2388-1 CVE-2010-2642 CVE-2011-0433 CVE-2011-0764 CVE-2011-1552 CVE-2011-1553 CVE-2011-1554	Version:	5
Platform(s):	Debian GNU/Linux 5.0 Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0	Product(s):	t1lib
Definition Synopsis:
Release section Debian GNU/Linux 5.0 is installed AND Installed architecture is all AND t1lib DPKG is earlier than 5.1.2-3+lenny1 OR Release section Debian 6.0 is installed AND GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND Installed architecture is all AND t1lib DPKG is earlier than 5.1.2-3+squeeze1

Definition Id: oval:org.mitre.oval:def:15436

Oval ID:	oval:org.mitre.oval:def:15436
Title:	USN-1316-1 -- t1lib vulnerability
Description:	t1lib: Type 1 font rasterizer library - runtime t1lib could be made to crash or run programs as your login if it opened a specially crafted font file.
Family:	unix	Class:	patch
Reference(s):	USN-1316-1 CVE-2011-0764	Version:	5
Platform(s):	Ubuntu 11.04 Ubuntu 11.10 Ubuntu 10.04 Ubuntu 10.10	Product(s):	t1lib
Definition Synopsis:
Release section Ubuntu 11.04 is installed AND Installed architecture is all AND libt1-5 DPKG is earlier than 5.1.2-3ubuntu0.11.04.1 OR Release section Ubuntu 11.10 is installed AND Installed architecture is all AND libt1-5 DPKG is earlier than 5.1.2-3ubuntu0.11.10.1 OR Release section Ubuntu 10.04 is installed AND Installed architecture is all AND libt1-5 DPKG is earlier than 5.1.2-3ubuntu0.10.04.1 OR Release section Ubuntu 10.10 is installed AND Installed architecture is all AND libt1-5 DPKG is earlier than 5.1.2-3ubuntu0.10.10.1

Definition Id: oval:org.mitre.oval:def:20633

Oval ID:	oval:org.mitre.oval:def:20633
Title:	RHSA-2012:0137: texlive security update (Moderate)
Description:	Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764.
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:0137-01 CESA-2012:0137 CVE-2010-2642 CVE-2011-0433 CVE-2011-0764 CVE-2011-1552 CVE-2011-1553 CVE-2011-1554	Version:	81
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	texlive
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section texlive-dvips is earlier than 0:2007-57.el6_2 AND texlive-latex is earlier than 0:2007-57.el6_2 AND kpathsea is earlier than 0:2007-57.el6_2 AND texlive-context is earlier than 0:2007-57.el6_2 AND texlive-afm is earlier than 0:2007-57.el6_2 AND mendexk is earlier than 0:2.6e-57.el6_2 AND texlive-dviutils is earlier than 0:2007-57.el6_2 AND texlive-east-asian is earlier than 0:2007-57.el6_2 AND texlive-utils is earlier than 0:2007-57.el6_2 AND texlive-xetex is earlier than 0:2007-57.el6_2 AND kpathsea-devel is earlier than 0:2007-57.el6_2 AND texlive is earlier than 0:2007-57.el6_2

Definition Id: oval:org.mitre.oval:def:20742

Oval ID:	oval:org.mitre.oval:def:20742
Title:	RHSA-2012:0062: t1lib security update (Moderate)
Description:	Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764.
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:0062-01 CESA-2012:0062 CVE-2010-2642 CVE-2011-0433 CVE-2011-0764 CVE-2011-1552 CVE-2011-1553 CVE-2011-1554	Version:	81
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	t1lib
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section t1lib is earlier than 0:5.1.2-6.el6_2.1 AND t1lib-apps is earlier than 0:5.1.2-6.el6_2.1 AND t1lib-devel is earlier than 0:5.1.2-6.el6_2.1 AND t1lib-static is earlier than 0:5.1.2-6.el6_2.1

Definition Id: oval:org.mitre.oval:def:21325

Oval ID:	oval:org.mitre.oval:def:21325
Title:	RHSA-2012:1201: tetex security update (Moderate)
Description:	Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764.
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:1201-00 CESA-2012:1201 CVE-2010-2642 CVE-2010-3702 CVE-2010-3704 CVE-2011-0433 CVE-2011-0764 CVE-2011-1552 CVE-2011-1553 CVE-2011-1554	Version:	107
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5	Product(s):	tetex
Definition Synopsis:
Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 AND The operating system installed on the system is CentOS Linux 5.x Packages section tetex-latex is earlier than 0:3.0-33.15.el5_8.1 AND tetex-doc is earlier than 0:3.0-33.15.el5_8.1 AND tetex is earlier than 0:3.0-33.15.el5_8.1 AND tetex-xdvi is earlier than 0:3.0-33.15.el5_8.1 AND tetex-afm is earlier than 0:3.0-33.15.el5_8.1 AND tetex-dvips is earlier than 0:3.0-33.15.el5_8.1 AND tetex-fonts is earlier than 0:3.0-33.15.el5_8.1

Definition Id: oval:org.mitre.oval:def:23118

Oval ID:	oval:org.mitre.oval:def:23118
Title:	ELSA-2012:1201: tetex security update (Moderate)
Description:	Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:1201-00 CVE-2010-2642 CVE-2010-3702 CVE-2010-3704 CVE-2011-0433 CVE-2011-0764 CVE-2011-1552 CVE-2011-1553 CVE-2011-1554	Version:	37
Platform(s):	Oracle Linux 5	Product(s):	tetex
Definition Synopsis:
Oracle Linux 5.x rpm test tetex-latex is earlier than 0:3.0-33.15.el5_8.1 AND tetex-doc is earlier than 0:3.0-33.15.el5_8.1 AND tetex is earlier than 0:3.0-33.15.el5_8.1 AND tetex-xdvi is earlier than 0:3.0-33.15.el5_8.1 AND tetex-afm is earlier than 0:3.0-33.15.el5_8.1 AND tetex-dvips is earlier than 0:3.0-33.15.el5_8.1 AND tetex-fonts is earlier than 0:3.0-33.15.el5_8.1

Definition Id: oval:org.mitre.oval:def:23773

Oval ID:	oval:org.mitre.oval:def:23773
Title:	ELSA-2012:0062: t1lib security update (Moderate)
Description:	Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:0062-01 CVE-2010-2642 CVE-2011-0433 CVE-2011-0764 CVE-2011-1552 CVE-2011-1553 CVE-2011-1554	Version:	29
Platform(s):	Oracle Linux 6	Product(s):	t1lib
Definition Synopsis:
Oracle Linux 6.x rpm test t1lib is earlier than 0:5.1.2-6.el6_2.1 AND t1lib-apps is earlier than 0:5.1.2-6.el6_2.1 AND t1lib-devel is earlier than 0:5.1.2-6.el6_2.1 AND t1lib-static is earlier than 0:5.1.2-6.el6_2.1

Definition Id: oval:org.mitre.oval:def:23808

Oval ID:	oval:org.mitre.oval:def:23808
Title:	ELSA-2012:0137: texlive security update (Moderate)
Description:	Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:0137-01 CVE-2010-2642 CVE-2011-0433 CVE-2011-0764 CVE-2011-1552 CVE-2011-1553 CVE-2011-1554	Version:	29
Platform(s):	Oracle Linux 6	Product(s):	texlive
Definition Synopsis:
Oracle Linux 6.x rpm test texlive-dvips is earlier than 0:2007-57.el6_2 AND texlive-latex is earlier than 0:2007-57.el6_2 AND kpathsea is earlier than 0:2007-57.el6_2 AND texlive-context is earlier than 0:2007-57.el6_2 AND texlive-afm is earlier than 0:2007-57.el6_2 AND mendexk is earlier than 0:2.6e-57.el6_2 AND texlive-dviutils is earlier than 0:2007-57.el6_2 AND texlive-east-asian is earlier than 0:2007-57.el6_2 AND texlive-utils is earlier than 0:2007-57.el6_2 AND texlive-xetex is earlier than 0:2007-57.el6_2 AND kpathsea-devel is earlier than 0:2007-57.el6_2 AND texlive is earlier than 0:2007-57.el6_2

Definition Id: oval:org.mitre.oval:def:27492

Oval ID:	oval:org.mitre.oval:def:27492
Title:	DEPRECATED: ELSA-2012-0062 -- t1lib security update (moderate)
Description:	[5.1.2-6.1] - Fixed CVE-2010-2642, CVE-2011-0433, CVE-2011-0764, CVE-2011-1552, CVE-2011-1553, CVE-2011-1554 Resolves: rhbz#772900
Family:	unix	Class:	patch
Reference(s):	ELSA-2012-0062 CVE-2010-2642 CVE-2011-0433 CVE-2011-0764 CVE-2011-1552 CVE-2011-1553 CVE-2011-1554	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	t1lib
Definition Synopsis:
Oracle Linux 6.x Packages match section t1lib is earlier than 0:5.1.2-6.el6_2.1 AND t1lib-apps is earlier than 0:5.1.2-6.el6_2.1 AND t1lib-devel is earlier than 0:5.1.2-6.el6_2.1 AND t1lib-static is earlier than 0:5.1.2-6.el6_2.1

Definition Id: oval:org.mitre.oval:def:27783

Oval ID:	oval:org.mitre.oval:def:27783
Title:	DEPRECATED: ELSA-2012-0137 -- texlive security update (moderate)
Description:	[2007-57] - fix CVE-2010-2642 CVE-2011-0433 CVE-2011-0764 CVE-2011-1552 CVE-2011-1553 CVE-2011-1554, texlive various flaws (#773183)
Family:	unix	Class:	patch
Reference(s):	ELSA-2012-0137 CVE-2010-2642 CVE-2011-0433 CVE-2011-0764 CVE-2011-1552 CVE-2011-1553 CVE-2011-1554	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	texlive
Definition Synopsis:
Oracle Linux 6.x Packages match section texlive is earlier than 0:2007-57.el6_2 AND kpathsea is earlier than 0:2007-57.el6_2 AND kpathsea-devel is earlier than 0:2007-57.el6_2 AND mendexk is earlier than 0:2.6e-57.el6_2 AND texlive-afm is earlier than 0:2007-57.el6_2 AND texlive-context is earlier than 0:2007-57.el6_2 AND texlive-dvips is earlier than 0:2007-57.el6_2 AND texlive-dviutils is earlier than 0:2007-57.el6_2 AND texlive-east-asian is earlier than 0:2007-57.el6_2 AND texlive-latex is earlier than 0:2007-57.el6_2 AND texlive-utils is earlier than 0:2007-57.el6_2 AND texlive-xetex is earlier than 0:2007-57.el6_2

Definition Id: oval:org.mitre.oval:def:27817

Oval ID:	oval:org.mitre.oval:def:27817
Title:	DEPRECATED: ELSA-2012-1201 -- tetex security update (moderate)
Description:	[3.0-33.15.el5_9.1] - more robust fix for CVE-2010-3702 (#773178) [3.0-33.15] - apply patch for CVE-2010-3702,3704 (#773180) [3.0-33.14] - fix CVE-2010-2642 CVE-2011-0433 CVE-2011-0764 CVE-2011-1552 CVE-2011-1553 CVE-2011-1554, texlive various flaws (#773180)
Family:	unix	Class:	patch
Reference(s):	ELSA-2012-1201 CVE-2010-3702 CVE-2010-3704 CVE-2010-2642 CVE-2011-0433 CVE-2011-0764 CVE-2011-1552 CVE-2011-1553 CVE-2011-1554	Version:	4
Platform(s):	Oracle Linux 5	Product(s):	tetex
Definition Synopsis:
Oracle Linux 5.x Packages match section tetex is earlier than 0:3.0-33.15.el5_8.1 AND tetex-afm is earlier than 0:3.0-33.15.el5_8.1 AND tetex-doc is earlier than 0:3.0-33.15.el5_8.1 AND tetex-dvips is earlier than 0:3.0-33.15.el5_8.1 AND tetex-fonts is earlier than 0:3.0-33.15.el5_8.1 AND tetex-latex is earlier than 0:3.0-33.15.el5_8.1 AND tetex-xdvi is earlier than 0:3.0-33.15.el5_8.1

CPE : Common Platform Enumeration

Type	Description	Count
Application	Foolabs Xpdf cpe:2.3:a:foolabs:xpdf:3.02pl4:::::::* cpe:2.3:a:foolabs:xpdf:3.02pl3:::::::* cpe:2.3:a:foolabs:xpdf:3.02pl2:::::::* cpe:2.3:a:foolabs:xpdf:3.02pl1:::::::* cpe:2.3:a:foolabs:xpdf:3.0.1:::::::* cpe:2.3:a:foolabs:xpdf:1.00a:::::::* cpe:2.3:a:foolabs:xpdf:0.93c:::::::* cpe:2.3:a:foolabs:xpdf:0.93b:::::::* cpe:2.3:a:foolabs:xpdf:0.93a:::::::* cpe:2.3:a:foolabs:xpdf:0.92e:::::::* cpe:2.3:a:foolabs:xpdf:0.92d:::::::* cpe:2.3:a:foolabs:xpdf:0.92c:::::::* cpe:2.3:a:foolabs:xpdf:0.92b:::::::* cpe:2.3:a:foolabs:xpdf:0.92a:::::::* cpe:2.3:a:foolabs:xpdf:0.91c:::::::* cpe:2.3:a:foolabs:xpdf:0.91b:::::::* cpe:2.3:a:foolabs:xpdf:0.91a:::::::* cpe:2.3:a:foolabs:xpdf:0.7a:::::::* cpe:2.3:a:foolabs:xpdf:0.5a:::::::*	19
Application	Glyphandcog Xpdfreader cpe:2.3:a:glyphandcog:xpdfreader:3.02:::::::* cpe:2.3:a:glyphandcog:xpdfreader:3.01:::::::* cpe:2.3:a:glyphandcog:xpdfreader:3.00:::::::* cpe:2.3:a:glyphandcog:xpdfreader:2.03:::::::* cpe:2.3:a:glyphandcog:xpdfreader:2.02:::::::* cpe:2.3:a:glyphandcog:xpdfreader:2.01:::::::* cpe:2.3:a:glyphandcog:xpdfreader:2.00:::::::* cpe:2.3:a:glyphandcog:xpdfreader:1.01:::::::* cpe:2.3:a:glyphandcog:xpdfreader:1.00:::::::* cpe:2.3:a:glyphandcog:xpdfreader:0.93:::::::* cpe:2.3:a:glyphandcog:xpdfreader:0.92:::::::* cpe:2.3:a:glyphandcog:xpdfreader:0.91:::::::* cpe:2.3:a:glyphandcog:xpdfreader:0.90:::::::* cpe:2.3:a:glyphandcog:xpdfreader:0.80:::::::* cpe:2.3:a:glyphandcog:xpdfreader:0.7:::::::* cpe:2.3:a:glyphandcog:xpdfreader:0.6:::::::* cpe:2.3:a:glyphandcog:xpdfreader:0.5:::::::* cpe:2.3:a:glyphandcog:xpdfreader:0.4:::::::* cpe:2.3:a:glyphandcog:xpdfreader:0.3:::::::* cpe:2.3:a:glyphandcog:xpdfreader:0.2:::::::* cpe:2.3:a:glyphandcog:xpdfreader::::::::	21
Application	t1lib cpe:2.3:a:t1lib:t1lib:5.1.2:::::::* cpe:2.3:a:t1lib:t1lib:5.1.1:::::::* cpe:2.3:a:t1lib:t1lib:5.1.0:::::::* cpe:2.3:a:t1lib:t1lib:5.0.2:::::::* cpe:2.3:a:t1lib:t1lib:5.0.1:::::::* cpe:2.3:a:t1lib:t1lib:5.0.0:::::::* cpe:2.3:a:t1lib:t1lib:1.3.1:::::::* cpe:2.3:a:t1lib:t1lib:1.3:::::::* cpe:2.3:a:t1lib:t1lib:1.2:::::::* cpe:2.3:a:t1lib:t1lib:1.1.1:::::::* cpe:2.3:a:t1lib:t1lib:1.1.0:::::::* cpe:2.3:a:t1lib:t1lib:1.0.1:::::::* cpe:2.3:a:t1lib:t1lib:1.0:::::::* cpe:2.3:a:t1lib:t1lib:0.9.2:::::::* cpe:2.3:a:t1lib:t1lib:0.9.1:::::::* cpe:2.3:a:t1lib:t1lib:0.9:::::::* cpe:2.3:a:t1lib:t1lib:0.8:beta:::::: cpe:2.3:a:t1lib:t1lib:0.7:beta:::::: cpe:2.3:a:t1lib:t1lib:0.6:beta:::::: cpe:2.3:a:t1lib:t1lib:0.5:beta:::::: cpe:2.3:a:t1lib:t1lib:0.4:beta:::::: cpe:2.3:a:t1lib:t1lib:0.3:beta:::::: cpe:2.3:a:t1lib:t1lib:0.2:beta:::::: cpe:2.3:a:t1lib:t1lib:0.1:alpha:::::: cpe:2.3:a:t1lib:t1lib::::::::	25

OpenVAS Exploits

Date	Description
2012-09-10	Name : Slackware Advisory SSA:2012-228-01 t1lib File : nvt/esoft_slk_ssa_2012_228_01.nasl
2012-08-24	Name : CentOS Update for tetex CESA-2012:1201 centos5 File : nvt/gb_CESA-2012_1201_tetex_centos5.nasl
2012-08-24	Name : RedHat Update for tetex RHSA-2012:1201-01 File : nvt/gb_RHSA-2012_1201-01_tetex.nasl
2012-07-30	Name : CentOS Update for t1lib CESA-2012:0062 centos6 File : nvt/gb_CESA-2012_0062_t1lib_centos6.nasl
2012-07-30	Name : CentOS Update for kpathsea CESA-2012:0137 centos6 File : nvt/gb_CESA-2012_0137_kpathsea_centos6.nasl
2012-07-09	Name : RedHat Update for t1lib RHSA-2012:0062-01 File : nvt/gb_RHSA-2012_0062-01_t1lib.nasl
2012-07-09	Name : RedHat Update for texlive RHSA-2012:0137-01 File : nvt/gb_RHSA-2012_0137-01_texlive.nasl
2012-03-19	Name : Fedora Update for t1lib FEDORA-2012-0289 File : nvt/gb_fedora_2012_0289_t1lib_fc16.nasl
2012-02-11	Name : Debian Security Advisory DSA 2388-1 (t1lib) File : nvt/deb_2388_1.nasl
2012-02-01	Name : Fedora Update for t1lib FEDORA-2012-0266 File : nvt/gb_fedora_2012_0266_t1lib_fc15.nasl
2012-01-20	Name : Ubuntu Update for t1lib USN-1335-1 File : nvt/gb_ubuntu_USN_1335_1.nasl
2012-01-13	Name : Mandriva Update for t1lib MDVSA-2012:004 (t1lib) File : nvt/gb_mandriva_MDVSA_2012_004.nasl
2012-01-09	Name : Mandriva Update for t1lib MDVSA-2012:002 (t1lib) File : nvt/gb_mandriva_MDVSA_2012_002.nasl
2011-12-23	Name : Ubuntu Update for t1lib USN-1316-1 File : nvt/gb_ubuntu_USN_1316_1.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
74528	t1lib PDF Type 1 Font Handling Invalid Memory Write Use-after-free DoS
74527	t1lib PDF Type 1 Font Handling Invalid Memory Location DoS
74526	t1lib PDF Type 1 Font Handling Off-by-one Overflow DoS
72302	t1lib PDF Type 1 Font Handling Invalid Pointer Code Execution A memory corruption flaw exists in t1lib. The font handling function fails to sanitize user-supplied input using Type 1 fonts resulting in memory corruption. With a specially crafted PDF file, a context-dependent attacker can execute arbitrary code.

Nessus® Vulnerability Scanner

Date	Description
2017-01-24	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201701-57.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-249.nasl - Type : ACT_GATHER_INFO
2013-09-04	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-40.nasl - Type : ACT_GATHER_INFO
2013-09-04	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-48.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0062.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0137.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1201.nasl - Type : ACT_GATHER_INFO
2013-01-25	Name : The remote SuSE 11 host is missing a security update. File : suse_11_t1lib-120423.nasl - Type : ACT_GATHER_INFO
2012-08-24	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1201.nasl - Type : ACT_GATHER_INFO
2012-08-24	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120823_tetex_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-24	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1201.nasl - Type : ACT_GATHER_INFO
2012-08-16	Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2012-228-01.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120215_texlive_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120124_t1lib_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-02-17	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0137.nasl - Type : ACT_GATHER_INFO
2012-02-16	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0137.nasl - Type : ACT_GATHER_INFO
2012-01-31	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0062.nasl - Type : ACT_GATHER_INFO
2012-01-30	Name : The remote Fedora host is missing a security update. File : fedora_2012-0289.nasl - Type : ACT_GATHER_INFO
2012-01-30	Name : The remote Fedora host is missing a security update. File : fedora_2012-0266.nasl - Type : ACT_GATHER_INFO
2012-01-25	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0062.nasl - Type : ACT_GATHER_INFO
2012-01-20	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1335-1.nasl - Type : ACT_GATHER_INFO
2012-01-16	Name : The remote Debian host is missing a security-related update. File : debian_DSA-2388.nasl - Type : ACT_GATHER_INFO
2012-01-13	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-004.nasl - Type : ACT_GATHER_INFO
2012-01-03	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-002.nasl - Type : ACT_GATHER_INFO
2011-12-22	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1316-1.nasl - Type : ACT_GATHER_INFO

Global Informations

Type	Count
CWE ID(s)	4
Oval ID(s)	12
CPE ID(s)	65
osvdb(s)	4
Openvas Exploit(s)	14
Nessus® Exploit(s)	25

	Related
6.8	CVE-2011-0764
4.3	CVE-2011-1554
4.3	CVE-2011-1553
4.3	CVE-2011-1552
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 4 more Alert(s)