CVE-2011-1554

Current Description

Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764.

Basic Data

Published: March 31, 2011
Last Modified: March 06, 2019
Assigner: cve@mitre.org
Data Type: CVE
Data Format: MITRE
Data Version: 4.0
Problem Type: CWE-189
CVE Data Version: 4.0

Base Metric V2

CVSS 2 - Version: 2.0
CVSS 2 - Vector String: AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS 2 - Access Vector: NETWORK
CVSS 2 - Access Complexity: MEDIUM
CVSS 2 - Authentication: NONE
CVSS 2 - Confidentiality Impact: NONE
CVSS 2 - Availability Impact: PARTIAL
CVSS 2 - Base Score: 4.3
Severity: MEDIUM
Exploitability Score: 8.6
Impact Score: 2.9
Obtain All Privilege: false
Obtain User Privilege: false
Obtain Other Privilege: false

Base Metric V3

No data provided.

Configurations

  • AND
    • OR - Configuration 1
      Cpe Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other | Version Start Including | Version End Including | Version Start Excluding | Version End Excluding
      2.3 | Application | T1lib | T1lib | 0.1 | alpha | * | * | * | * | * | * | | | |
      2.3 | Application | T1lib | T1lib | 0.2 | beta | * | * | * | * | * | * | | | |
      2.3 | Application | T1lib | T1lib | 0.3 | beta | * | * | * | * | * | * | | | |
      2.3 | Application | T1lib | T1lib | 0.4 | beta | * | * | * | * | * | * | | | |
      2.3 | Application | T1lib | T1lib | 0.5 | beta | * | * | * | * | * | * | | | |
      2.3 | Application | T1lib | T1lib | 0.6 | beta | * | * | * | * | * | * | | | |
      2.3 | Application | T1lib | T1lib | 0.7 | beta | * | * | * | * | * | * | | | |
      2.3 | Application | T1lib | T1lib | 0.8 | beta | * | * | * | * | * | * | | | |
      2.3 | Application | T1lib | T1lib | 0.9 | * | * | * | * | * | * | * | | | |
      2.3 | Application | T1lib | T1lib | 0.9.1 | * | * | * | * | * | * | * | | | |
      2.3 | Application | T1lib | T1lib | 0.9.2 | * | * | * | * | * | * | * | | | |
      2.3 | Application | T1lib | T1lib | 1.0 | * | * | * | * | * | * | * | | | |
      2.3 | Application | T1lib | T1lib | 1.0.1 | * | * | * | * | * | * | * | | | |
      2.3 | Application | T1lib | T1lib | 1.1.0 | * | * | * | * | * | * | * | | | |
      2.3 | Application | T1lib | T1lib | 1.1.1 | * | * | * | * | * | * | * | | | |
      2.3 | Application | T1lib | T1lib | 1.2 | * | * | * | * | * | * | * | | | |
      2.3 | Application | T1lib | T1lib | 1.3 | * | * | * | * | * | * | * | | | |
      2.3 | Application | T1lib | T1lib | 1.3.1 | * | * | * | * | * | * | * | | | |
      2.3 | Application | T1lib | T1lib | 5.0.0 | * | * | * | * | * | * | * | | | |
      2.3 | Application | T1lib | T1lib | 5.0.1 | * | * | * | * | * | * | * | | | |
      2.3 | Application | T1lib | T1lib | 5.0.2 | * | * | * | * | * | * | * | | | |
      2.3 | Application | T1lib | T1lib | 5.1.0 | * | * | * | * | * | * | * | | | |
      2.3 | Application | T1lib | T1lib | 5.1.1 | * | * | * | * | * | * | * | | | |
      2.3 | Application | T1lib | T1lib | * | * | * | * | * | * | * | * | | 5.1.2 | |
    • OR Running on/with:
      Cpe Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other | Version Start Including | Version End Including | Version Start Excluding | Version End Excluding
      2.3 | Application | Foolabs | Xpdf | 0.5a | * | * | * | * | * | * | * | | | |
      2.3 | Application | Foolabs | Xpdf | 0.7a | * | * | * | * | * | * | * | | | |
      2.3 | Application | Foolabs | Xpdf | 0.91a | * | * | * | * | * | * | * | | | |
      2.3 | Application | Foolabs | Xpdf | 0.91b | * | * | * | * | * | * | * | | | |
      2.3 | Application | Foolabs | Xpdf | 0.91c | * | * | * | * | * | * | * | | | |
      2.3 | Application | Foolabs | Xpdf | 0.92a | * | * | * | * | * | * | * | | | |
      2.3 | Application | Foolabs | Xpdf | 0.92b | * | * | * | * | * | * | * | | | |
      2.3 | Application | Foolabs | Xpdf | 0.92c | * | * | * | * | * | * | * | | | |
      2.3 | Application | Foolabs | Xpdf | 0.92d | * | * | * | * | * | * | * | | | |
      2.3 | Application | Foolabs | Xpdf | 0.92e | * | * | * | * | * | * | * | | | |
      2.3 | Application | Foolabs | Xpdf | 0.93a | * | * | * | * | * | * | * | | | |
      2.3 | Application | Foolabs | Xpdf | 0.93b | * | * | * | * | * | * | * | | | |
      2.3 | Application | Foolabs | Xpdf | 0.93c | * | * | * | * | * | * | * | | | |
      2.3 | Application | Foolabs | Xpdf | 1.00a | * | * | * | * | * | * | * | | | |
      2.3 | Application | Foolabs | Xpdf | 3.0.1 | * | * | * | * | * | * | * | | | |
      2.3 | Application | Foolabs | Xpdf | 3.02pl1 | * | * | * | * | * | * | * | | | |
      2.3 | Application | Foolabs | Xpdf | 3.02pl2 | * | * | * | * | * | * | * | | | |
      2.3 | Application | Foolabs | Xpdf | 3.02pl3 | * | * | * | * | * | * | * | | | |
      2.3 | Application | Foolabs | Xpdf | 3.02pl4 | * | * | * | * | * | * | * | | | |
      2.3 | Application | Glyphandcog | Xpdfreader | 0.2 | * | * | * | * | * | * | * | | | |
      2.3 | Application | Glyphandcog | Xpdfreader | 0.3 | * | * | * | * | * | * | * | | | |
      2.3 | Application | Glyphandcog | Xpdfreader | 0.4 | * | * | * | * | * | * | * | | | |
      2.3 | Application | Glyphandcog | Xpdfreader | 0.5 | * | * | * | * | * | * | * | | | |
      2.3 | Application | Glyphandcog | Xpdfreader | 0.6 | * | * | * | * | * | * | * | | | |
      2.3 | Application | Glyphandcog | Xpdfreader | 0.7 | * | * | * | * | * | * | * | | | |
      2.3 | Application | Glyphandcog | Xpdfreader | 0.80 | * | * | * | * | * | * | * | | | |
      2.3 | Application | Glyphandcog | Xpdfreader | 0.90 | * | * | * | * | * | * | * | | | |
      2.3 | Application | Glyphandcog | Xpdfreader | 0.91 | * | * | * | * | * | * | * | | | |
      2.3 | Application | Glyphandcog | Xpdfreader | 0.92 | * | * | * | * | * | * | * | | | |
      2.3 | Application | Glyphandcog | Xpdfreader | 0.93 | * | * | * | * | * | * | * | | | |
      2.3 | Application | Glyphandcog | Xpdfreader | 1.00 | * | * | * | * | * | * | * | | | |
      2.3 | Application | Glyphandcog | Xpdfreader | 1.01 | * | * | * | * | * | * | * | | | |
      2.3 | Application | Glyphandcog | Xpdfreader | 2.00 | * | * | * | * | * | * | * | | | |
      2.3 | Application | Glyphandcog | Xpdfreader | 2.01 | * | * | * | * | * | * | * | | | |
      2.3 | Application | Glyphandcog | Xpdfreader | 2.02 | * | * | * | * | * | * | * | | | |
      2.3 | Application | Glyphandcog | Xpdfreader | 2.03 | * | * | * | * | * | * | * | | | |
      2.3 | Application | Glyphandcog | Xpdfreader | 3.00 | * | * | * | * | * | * | * | | | |
      2.3 | Application | Glyphandcog | Xpdfreader | 3.01 | * | * | * | * | * | * | * | | | |
      2.3 | Application | Glyphandcog | Xpdfreader | * | * | * | * | * | * | * | * | | 3.02 | |

Vulnerable Software List

Vendor | Product | Versions
Foolabs | Xpdf | 0.5a, 0.7a, 0.91a, 0.91b, 0.91c, 0.92a, 0.92b, 0.92c, 0.92d, 0.92e, 0.93a, 0.93b, 0.93c, 1.00a, 3.0.1, 3.02pl1, 3.02pl2, 3.02pl3, 3.02pl4
Glyphandcog | Xpdfreader | *, 0.2, 0.3, 0.4, 0.5, 0.6, 0.7, 0.80, 0.90, 0.91, 0.92, 0.93, 1.00, 1.01, 2.00, 2.01, 2.02, 2.03, 3.00, 3.01
T1lib | T1lib | *, 0.1, 0.2, 0.3, 0.4, 0.5, 0.6, 0.7, 0.8, 0.9, 0.9.1, 0.9.2, 1.0, 1.0.1, 1.1.0, 1.1.1, 1.2, 1.3, 1.3.1, 5.0.0, 5.0.1, 5.0.2, 5.1.0, 5.1.1

References

Name | Source | URL | Tags
RHSA-2012:1201 | REDHAT | http://rhn.redhat.com/errata/RHSA-2012-1201.html |
43823 | SECUNIA | http://secunia.com/advisories/43823 | Vendor Advisory
48985 | SECUNIA | http://secunia.com/advisories/48985 |
8171 | SREASON | http://securityreason.com/securityalert/8171 |
1025266 | SECTRACK | http://securitytracker.com/id?1025266 |
http://www.foolabs.com/xpdf/download.html | CONFIRM | http://www.foolabs.com/xpdf/download.html | Patch
VU#376500 | CERT-VN | http://www.kb.cert.org/vuls/id/376500 | US Government Resource
http://www.kb.cert.org/vuls/id/MAPG-8ECL8X | CONFIRM | http://www.kb.cert.org/vuls/id/MAPG-8ECL8X | US Government Resource
MDVSA-2012:144 | MANDRIVA | http://www.mandriva.com/security/advisories?name=MDVSA-2012:144 |
20110327 TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution | BUGTRAQ | http://www.securityfocus.com/archive/1/517205/100/0/threaded |
http://www.toucan-system.com/advisories/tssa-2011-01.txt | MISC | http://www.toucan-system.com/advisories/tssa-2011-01.txt |
ADV-2011-0728 | VUPEN | http://www.vupen.com/english/advisories/2011/0728 | Vendor Advisory
GLSA-201701-57 | GENTOO | https://security.gentoo.org/glsa/201701-57 |