Vulnerability in Foolabs Xpdf
CVE-2011-1554
Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that trigg…
EPSS: 0.054 (91.7th percentile) — read the EPSS interpretation.
Affected products
- Foolabs Xpdf — versions 0.5a, 0.7a, 0.91a
- Glyphandcog Xpdfreader — versions 0.2, 0.3, 0.4
- T1lib — versions 0.1, 0.2, 0.3
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
- cve@mitre.org (x_refsource_SREASON, third-party-advisory)
- cve@mitre.org (x_refsource_CONFIRM, US Government Resource)
- cve@mitre.org (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
- cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
- cve@mitre.org (x_refsource_CONFIRM, Patch)
- cve@mitre.org (x_refsource_MISC)
- cve@mitre.org (US Government Resource, x_refsource_CERT-VN, third-party-advisory)
- cve@mitre.org (vendor-advisory, x_refsource_MANDRIVA)