CVE-2011-1554 - Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other produc

CVE-2011-1554

Summary

Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764.

References

Vulnerable Configurations

cpe:2.3:a:t1lib:t1lib:0.1:alpha:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:0.1:alpha:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:0.2:beta:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:0.2:beta:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:0.3:beta:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:0.3:beta:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:0.4:beta:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:0.4:beta:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:0.5:beta:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:0.5:beta:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:0.6:beta:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:0.6:beta:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:0.7:beta:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:0.7:beta:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:0.8:beta:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:0.8:beta:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:0.9:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:0.9:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:1.0:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:1.0:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:1.2:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:1.2:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:1.3:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:1.3:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:5.1.0:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:5.1.0:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:5.1.1:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:5.1.1:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:5.1.2:*:*:*:*:*:*:*
cpe:2.3:a:t1lib:t1lib:5.1.2:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:3.02pl4:*:*:*:*:*:*:*
cpe:2.3:a:foolabs:xpdf:3.02pl4:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.7:a:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.7:a:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.91:a:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.91:a:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.91:b:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.91:b:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.91:c:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.91:c:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.92:a:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.92:a:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.92:b:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.92:b:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.92:c:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.92:c:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.92:d:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.92:d:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.92:e:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.92:e:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.93:a:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:0.93:a:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:2.02:pl1:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:2.02:pl1:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:3.02:pl1:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:3.02:pl1:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:3.02:pl2:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:3.02:pl2:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:3.02:pl3:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:3.02:pl3:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:3.02:pl4:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:3.02:pl4:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:3.02:pl5:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:3.02:pl5:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:3.02:pl6:*:*:*:*:*:*
cpe:2.3:a:glyphandcog:xpdfreader:3.02:pl6:*:*:*:*:*:*

CVSS

Base:	4.3 (as of 06-03-2019 - 16:30)
Impact:
Exploitability:

CWE

CWE-189

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:N/A:P

redhat via4

advisories

bugzilla

id	692909
title	CVE-2011-0764 t1lib: Invalid pointer dereference via crafted Type 1 font

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 6 is installed
oval oval:com.redhat.rhba:tst:20111656003

AND
comment t1lib is earlier than 0:5.1.2-6.el6_2.1
oval oval:com.redhat.rhsa:tst:20120062001
comment t1lib is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20120062002
AND
comment t1lib-apps is earlier than 0:5.1.2-6.el6_2.1
oval oval:com.redhat.rhsa:tst:20120062003
comment t1lib-apps is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20120062004
AND
comment t1lib-devel is earlier than 0:5.1.2-6.el6_2.1
oval oval:com.redhat.rhsa:tst:20120062005
comment t1lib-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20120062006

AND

comment t1lib-static is earlier than 0:5.1.2-6.el6_2.1
oval oval:com.redhat.rhsa:tst:20120062007
comment t1lib-static is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20120062008

rhsa

id	RHSA-2012:0062
released	2012-01-24
severity	Moderate
title	RHSA-2012:0062: t1lib security update (Moderate)

bugzilla

id	692909
title	CVE-2011-0764 t1lib: Invalid pointer dereference via crafted Type 1 font

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 6 is installed
oval oval:com.redhat.rhba:tst:20111656003

AND
comment kpathsea is earlier than 0:2007-57.el6_2
oval oval:com.redhat.rhsa:tst:20120137001
comment kpathsea is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20120137002

AND

comment kpathsea-devel is earlier than 0:2007-57.el6_2
oval oval:com.redhat.rhsa:tst:20120137003
comment kpathsea-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20120137004

AND
comment mendexk is earlier than 0:2.6e-57.el6_2
oval oval:com.redhat.rhsa:tst:20120137005
comment mendexk is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20120137006
AND
comment texlive is earlier than 0:2007-57.el6_2
oval oval:com.redhat.rhsa:tst:20120137007
comment texlive is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20120137008
AND
comment texlive-afm is earlier than 0:2007-57.el6_2
oval oval:com.redhat.rhsa:tst:20120137009
comment texlive-afm is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20120137010

AND

comment texlive-context is earlier than 0:2007-57.el6_2
oval oval:com.redhat.rhsa:tst:20120137011
comment texlive-context is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20120137012

AND

comment texlive-dvips is earlier than 0:2007-57.el6_2
oval oval:com.redhat.rhsa:tst:20120137013
comment texlive-dvips is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20120137014

AND

comment texlive-dviutils is earlier than 0:2007-57.el6_2
oval oval:com.redhat.rhsa:tst:20120137015
comment texlive-dviutils is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20120137016

AND

comment texlive-east-asian is earlier than 0:2007-57.el6_2
oval oval:com.redhat.rhsa:tst:20120137017
comment texlive-east-asian is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20120137018

AND

comment texlive-latex is earlier than 0:2007-57.el6_2
oval oval:com.redhat.rhsa:tst:20120137019
comment texlive-latex is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20120137020

AND

comment texlive-utils is earlier than 0:2007-57.el6_2
oval oval:com.redhat.rhsa:tst:20120137021
comment texlive-utils is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20120137022

AND

comment texlive-xetex is earlier than 0:2007-57.el6_2
oval oval:com.redhat.rhsa:tst:20120137023
comment texlive-xetex is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20120137024

rhsa

id	RHSA-2012:0137
released	2012-02-15
severity	Moderate
title	RHSA-2012:0137: texlive security update (Moderate)

bugzilla

id	692909
title	CVE-2011-0764 t1lib: Invalid pointer dereference via crafted Type 1 font

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 5 is installed
oval oval:com.redhat.rhba:tst:20070331005

AND
comment tetex is earlier than 0:3.0-33.15.el5_8.1
oval oval:com.redhat.rhsa:tst:20121201001
comment tetex is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070731017
AND
comment tetex-afm is earlier than 0:3.0-33.15.el5_8.1
oval oval:com.redhat.rhsa:tst:20121201003
comment tetex-afm is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070731019
AND
comment tetex-doc is earlier than 0:3.0-33.15.el5_8.1
oval oval:com.redhat.rhsa:tst:20121201005
comment tetex-doc is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070731021
AND
comment tetex-dvips is earlier than 0:3.0-33.15.el5_8.1
oval oval:com.redhat.rhsa:tst:20121201007
comment tetex-dvips is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070731023
AND
comment tetex-fonts is earlier than 0:3.0-33.15.el5_8.1
oval oval:com.redhat.rhsa:tst:20121201009
comment tetex-fonts is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070731025
AND
comment tetex-latex is earlier than 0:3.0-33.15.el5_8.1
oval oval:com.redhat.rhsa:tst:20121201011
comment tetex-latex is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070731027
AND
comment tetex-xdvi is earlier than 0:3.0-33.15.el5_8.1
oval oval:com.redhat.rhsa:tst:20121201013
comment tetex-xdvi is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070731029

rhsa

id	RHSA-2012:1201
released	2012-08-23
severity	Moderate
title	RHSA-2012:1201: tetex security update (Moderate)

rpms

t1lib-0:5.1.2-6.el6_2.1
t1lib-apps-0:5.1.2-6.el6_2.1
t1lib-debuginfo-0:5.1.2-6.el6_2.1
t1lib-devel-0:5.1.2-6.el6_2.1
t1lib-static-0:5.1.2-6.el6_2.1
kpathsea-0:2007-57.el6_2
kpathsea-devel-0:2007-57.el6_2
mendexk-0:2.6e-57.el6_2
texlive-0:2007-57.el6_2
texlive-afm-0:2007-57.el6_2
texlive-context-0:2007-57.el6_2
texlive-debuginfo-0:2007-57.el6_2
texlive-dvips-0:2007-57.el6_2
texlive-dviutils-0:2007-57.el6_2
texlive-east-asian-0:2007-57.el6_2
texlive-latex-0:2007-57.el6_2
texlive-utils-0:2007-57.el6_2
texlive-xetex-0:2007-57.el6_2
tetex-0:3.0-33.15.el5_8.1
tetex-afm-0:3.0-33.15.el5_8.1
tetex-debuginfo-0:3.0-33.15.el5_8.1
tetex-doc-0:3.0-33.15.el5_8.1
tetex-dvips-0:3.0-33.15.el5_8.1
tetex-fonts-0:3.0-33.15.el5_8.1
tetex-latex-0:3.0-33.15.el5_8.1
tetex-xdvi-0:3.0-33.15.el5_8.1

refmap via4

bugtraq	20110327 TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution
cert-vn	VU#376500
confirm	http://www.foolabs.com/xpdf/download.html http://www.kb.cert.org/vuls/id/MAPG-8ECL8X
gentoo	GLSA-201701-57
mandriva	MDVSA-2012:144
misc	http://www.toucan-system.com/advisories/tssa-2011-01.txt
sectrack	1025266
secunia	43823 48985
sreason	8171
vupen	ADV-2011-0728

Last major update

06-03-2019 - 16:30

Published

31-03-2011 - 23:55

Last modified

06-03-2019 - 16:30