Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1552

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-1552
Last Modified 18 Dec 2012 11:39:15
Published 31 Mar 2011 07:55:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1552

Summary

t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, reads from invalid memory locations, which allows remote attackers to cause a denial of service (application crash) via a crafted Type 1 font in a PDF document, a different vulnerability than CVE-2011-0764.

Vulnerable Systems

Application

  • Foolabs Xpdf 0.2

  • Foolabs Xpdf 0.3

  • Foolabs Xpdf 0.4

  • Foolabs Xpdf 0.5

  • Foolabs Xpdf 0.5a

  • Foolabs Xpdf 0.6

  • Foolabs Xpdf 0.7

  • Foolabs Xpdf 0.7a

  • Foolabs Xpdf 0.80

  • Foolabs Xpdf 0.90

  • Foolabs Xpdf 0.91

  • Foolabs Xpdf 0.91a

  • Foolabs Xpdf 0.91b

  • Foolabs Xpdf 0.91c

  • Foolabs Xpdf 0.92

  • Foolabs Xpdf 0.92a

  • Foolabs Xpdf 0.92b

  • Foolabs Xpdf 0.92c

  • Foolabs Xpdf 0.92d

  • Foolabs Xpdf 0.92e

  • Foolabs Xpdf 0.93

  • Foolabs Xpdf 0.93a

  • Foolabs Xpdf 0.93b

  • Foolabs Xpdf 0.93c

  • Foolabs Xpdf 1.00

  • Foolabs Xpdf 1.00a

  • Foolabs Xpdf 1.01

  • Foolabs Xpdf 2.00

  • Foolabs Xpdf 2.01

  • Foolabs Xpdf 2.02

  • Foolabs Xpdf 2.03

  • Foolabs Xpdf 3.0.1

  • Foolabs Xpdf 3.00

  • Foolabs Xpdf 3.01

  • Foolabs Xpdf 3.02

  • Foolabs Xpdf 3.02pl1

  • Foolabs Xpdf 3.02pl2

  • Foolabs Xpdf 3.02pl3

  • Foolabs Xpdf 3.02pl4

  • Foolabs Xpdf 3.02pl5

  • T1lib 0.1

  • T1lib 0.2

  • T1lib 0.3

  • T1lib 0.4

  • T1lib 0.5

  • T1lib 0.6

  • T1lib 0.7

  • T1lib 0.8

  • T1lib 0.9

  • T1lib 0.9.1

  • T1lib 0.9.2

  • T1lib 1.0

  • T1lib 1.0.1

  • T1lib 1.1.0

  • T1lib 1.1.1

  • T1lib 1.2

  • T1lib 1.3

  • T1lib 1.3.1

  • T1lib 5.0.0

  • T1lib 5.0.1

  • T1lib 5.0.2

  • T1lib 5.1.0

  • T1lib 5.1.1

  • T1lib 5.1.2


References

CONFIRM - http://www.kb.cert.org/vuls/id/MAPG-8ECL8X

CERT-VN - VU#376500

CONFIRM - http://www.foolabs.com/xpdf/download.html

VUPEN - ADV-2011-0728

MISC - http://www.toucan-system.com/advisories/tssa-2011-01.txt

BUGTRAQ - 20110327 TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution

SECTRACK - 1025266

SREASON - 8171

SECUNIA - 43823

MANDRIVA - MDVSA-2012:144

REDHAT - RHSA-2012:1201

SECUNIA - 48985

Related Patches

Red Hat 2012:1201-01 RHSA Moderate: tetex security update for RHEL 5 x86

Novell SUSE 2012:6195 t1lib security update for SLE 11 SP1 i586

Novell SUSE 2012:6195 t1lib security update for SLE 11 SP1 x86_64

Novell SUSE 2012:8089 t1lib security update for SLE 10 SP4 i586

Novell SUSE 2012:8089 t1lib security update for SLE 10 SP4 x86_64


Last Updated: 27 May 2016 10:58:28