{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-03-21T00:00:00", "descriptions": [{"lang": "en", "value": "t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a crafted Type 1 font in a PDF document, as demonstrated by testz.2184122398.pdf."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-09T18:57:01", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc"}, "references": [{"name": "MDVSA-2012:002", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:002"}, {"name": "43823", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/43823"}, {"name": "47347", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/47347"}, {"name": "48985", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/48985"}, {"name": "8171", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/8171"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"}, {"name": "ADV-2011-0728", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0728"}, {"name": "xpdf-t1lib-code-execution(66208)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66208"}, {"name": "RHSA-2012:1201", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.foolabs.com/xpdf/download.html"}, {"name": "46941", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/46941"}, {"tags": ["x_refsource_MISC"], "url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"}, {"name": "USN-1316-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1316-1"}, {"name": "VU#376500", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/376500"}, {"name": "MDVSA-2012:144", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"}, {"name": "GLSA-201701-57", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201701-57"}, {"name": "1025266", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1025266"}, {"name": "20110327 TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cert@cert.org", "ID": "CVE-2011-0764", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a crafted Type 1 font in a PDF document, as demonstrated by testz.2184122398.pdf."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "MDVSA-2012:002", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:002"}, {"name": "43823", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43823"}, {"name": "47347", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/47347"}, {"name": "48985", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/48985"}, {"name": "8171", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/8171"}, {"name": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X", "refsource": "CONFIRM", "url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"}, {"name": "ADV-2011-0728", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0728"}, {"name": "xpdf-t1lib-code-execution(66208)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66208"}, {"name": "RHSA-2012:1201", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"}, {"name": "http://www.foolabs.com/xpdf/download.html", "refsource": "CONFIRM", "url": "http://www.foolabs.com/xpdf/download.html"}, {"name": "46941", "refsource": "BID", "url": "http://www.securityfocus.com/bid/46941"}, {"name": "http://www.toucan-system.com/advisories/tssa-2011-01.txt", "refsource": "MISC", "url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"}, {"name": "USN-1316-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-1316-1"}, {"name": "VU#376500", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/376500"}, {"name": "MDVSA-2012:144", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"}, {"name": "GLSA-201701-57", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-57"}, {"name": "1025266", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1025266"}, {"name": "20110327 TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T22:05:53.382Z"}, "title": "CVE Program Container", "references": [{"name": "MDVSA-2012:002", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:002"}, {"name": "43823", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/43823"}, {"name": "47347", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/47347"}, {"name": "48985", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/48985"}, {"name": "8171", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/8171"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"}, {"name": "ADV-2011-0728", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0728"}, {"name": "xpdf-t1lib-code-execution(66208)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66208"}, {"name": "RHSA-2012:1201", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.foolabs.com/xpdf/download.html"}, {"name": "46941", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/46941"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"}, {"name": "USN-1316-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-1316-1"}, {"name": "VU#376500", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/376500"}, {"name": "MDVSA-2012:144", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"}, {"name": "GLSA-201701-57", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201701-57"}, {"name": "1025266", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1025266"}, {"name": "20110327 TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"}]}]}, "cveMetadata": {"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2011-0764", "datePublished": "2011-03-31T22:00:00", "dateReserved": "2011-02-03T00:00:00", "dateUpdated": "2024-08-06T22:05:53.382Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:t1lib:t1lib:*:*:*:*:*:*:*:*", "matchCriteriaId": "9DA05E50-C6D3-4F92-A015-CB181020557A", "versionEndIncluding": "5.1.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:t1lib:t1lib:0.1:alpha:*:*:*:*:*:*", "matchCriteriaId": "B856C29C-4179-4173-87D3-1BDCC6933327", "vulnerable": true}, {"criteria": "cpe:2.3:a:t1lib:t1lib:0.2:beta:*:*:*:*:*:*", "matchCriteriaId": "A1EECD4E-4531-4C1D-B7F1-B5B20F79A22B", "vulnerable": true}, {"criteria": "cpe:2.3:a:t1lib:t1lib:0.3:beta:*:*:*:*:*:*", "matchCriteriaId": "D3727A7B-2683-4D70-937F-514D38D13FE9", "vulnerable": true}, {"criteria": "cpe:2.3:a:t1lib:t1lib:0.4:beta:*:*:*:*:*:*", "matchCriteriaId": "C5E84F55-E912-424B-BC7A-8FDDD4BA0591", "vulnerable": true}, {"criteria": "cpe:2.3:a:t1lib:t1lib:0.5:beta:*:*:*:*:*:*", "matchCriteriaId": "C46D7084-80F5-45E5-8CBC-078D95860E01", "vulnerable": true}, {"criteria": "cpe:2.3:a:t1lib:t1lib:0.6:beta:*:*:*:*:*:*", "matchCriteriaId": "0738DF6D-C493-4DD5-95E1-7701AA50453C", "vulnerable": true}, {"criteria": "cpe:2.3:a:t1lib:t1lib:0.7:beta:*:*:*:*:*:*", "matchCriteriaId": "D2D7BF42-D227-460D-A90F-1E128108DB6A", "vulnerable": true}, {"criteria": "cpe:2.3:a:t1lib:t1lib:0.8:beta:*:*:*:*:*:*", "matchCriteriaId": "FC63023C-69D1-4A1D-9690-BB2FF9A209B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:t1lib:t1lib:0.9:*:*:*:*:*:*:*", "matchCriteriaId": "E0A0A2CB-0A7B-4D06-82E3-6F949C3CE1D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:t1lib:t1lib:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "F49D5478-E590-4A7C-ABFE-F9E7EC9BF5A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:t1lib:t1lib:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "5CA0BDE2-1FF2-48BF-B7BB-4AE4AF236474", "vulnerable": true}, {"criteria": "cpe:2.3:a:t1lib:t1lib:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "25CF5EAD-E543-4E81-AF2B-C8D9C45F0AAB", "vulnerable": true}, {"criteria": "cpe:2.3:a:t1lib:t1lib:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "CC95B6D3-8BBB-4202-89DD-12DF3FCAB0EA", "vulnerable": true}, {"criteria": "cpe:2.3:a:t1lib:t1lib:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "85813410-9E44-4A60-907D-AE89A3F38AA2", "vulnerable": true}, {"criteria": "cpe:2.3:a:t1lib:t1lib:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C09173A5-2FC3-46C8-80A1-5D721FBBF6D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:t1lib:t1lib:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "19AAEE8C-4013-4C1D-A19D-09549CAFF751", "vulnerable": true}, {"criteria": "cpe:2.3:a:t1lib:t1lib:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "2FCED8EF-18BE-4820-A9D5-8CE82F9D2A40", "vulnerable": true}, {"criteria": "cpe:2.3:a:t1lib:t1lib:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "97E9F2F4-63A3-4DBF-9605-C3767ADB55EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:t1lib:t1lib:5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "400C8A4F-D65B-4C46-9BDA-B13A864F40AF", "vulnerable": true}, {"criteria": "cpe:2.3:a:t1lib:t1lib:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A3FE8F44-ADE5-4B4F-96F2-37E2F474B5BE", "vulnerable": true}, {"criteria": "cpe:2.3:a:t1lib:t1lib:5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "43839A3D-655A-4CA0-BB28-F8FDE95649BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:t1lib:t1lib:5.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE28F24A-FA4C-476E-87D3-1745E2F507F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:t1lib:t1lib:5.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "19DEB3FD-98C7-4288-9654-436B511C58AC", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*", "matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C", "vulnerable": true}, {"criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*", "matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913", "vulnerable": true}, {"criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*", "matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*", "matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819", "vulnerable": true}, {"criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*", "matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F", "vulnerable": true}, {"criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*", "matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15", "vulnerable": true}, {"criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*", "matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545", "vulnerable": true}, {"criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*", "matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*", "matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE", "vulnerable": true}, {"criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*", "matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141", "vulnerable": true}, {"criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*", "matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*", "matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52", "vulnerable": true}, {"criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*", "matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F", "vulnerable": true}, {"criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*", "matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302", "vulnerable": true}, {"criteria": "cpe:2.3:a:foolabs:xpdf:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "52D79ABD-202F-464F-B6C3-B225FD37DD3F", "vulnerable": true}, {"criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*", "matchCriteriaId": "0BC500DA-7B3F-4CD5-BB0E-B244000CD19D", "vulnerable": true}, {"criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*", "matchCriteriaId": "9D5D9CEA-0707-46FC-AEC3-9EC540B22BC3", "vulnerable": true}, {"criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*", "matchCriteriaId": "BD38AC59-7518-40FB-BC29-EC64142DE682", "vulnerable": true}, {"criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl4:*:*:*:*:*:*:*", "matchCriteriaId": "48541241-2EA4-4559-BB29-47A7B3466C5A", "vulnerable": true}, {"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*", "matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182", "versionEndIncluding": "3.02", "vulnerable": true}, {"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*", "matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80", "vulnerable": true}, {"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B", "vulnerable": true}, {"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*", "matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A", "vulnerable": true}, {"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312", "vulnerable": true}, {"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026", "vulnerable": true}, {"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A", "vulnerable": true}, {"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*", "matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071", "vulnerable": true}, {"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*", "matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936", "vulnerable": true}, {"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*", "matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84", "vulnerable": true}, {"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*", "matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888", "vulnerable": true}, {"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*", "matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93", "vulnerable": true}, {"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*", "matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB", "vulnerable": true}, {"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*", "matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B", "vulnerable": true}, {"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*", "matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*", "matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D", "vulnerable": true}, {"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*", "matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54", "vulnerable": true}, {"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*", "matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D", "vulnerable": true}, {"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*", "matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D", "vulnerable": true}, {"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*", "matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*", "matchCriteriaId": "F7D4E256-FF91-47BA-B1D4-940FB2D970AF", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a crafted Type 1 font in a PDF document, as demonstrated by testz.2184122398.pdf."}, {"lang": "es", "value": "t1lib v5.1.2 y versiones anteriores, utilizado en Xpdf anterior a v3.02pl6 y otros productos, utiliza un puntero no v\u00e1lido en una operaci\u00f3n de eliminaci\u00f3n de referencias, permitiendo a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un fuente Tipo 1 manipulada en un documento PDF, como lo demuestra el testz.2184122398.pdf"}], "id": "CVE-2011-0764", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2011-03-31T22:55:02.553", "references": [{"source": "cret@cert.org", "url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"}, {"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43823"}, {"source": "cret@cert.org", "url": "http://secunia.com/advisories/47347"}, {"source": "cret@cert.org", "url": "http://secunia.com/advisories/48985"}, {"source": "cret@cert.org", "url": "http://securityreason.com/securityalert/8171"}, {"source": "cret@cert.org", "url": "http://securitytracker.com/id?1025266"}, {"source": "cret@cert.org", "tags": ["Patch"], "url": "http://www.foolabs.com/xpdf/download.html"}, {"source": "cret@cert.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/376500"}, {"source": "cret@cert.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"}, {"source": "cret@cert.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:002"}, {"source": "cret@cert.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"}, {"source": "cret@cert.org", "url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"}, {"source": "cret@cert.org", "url": "http://www.securityfocus.com/bid/46941"}, {"source": "cret@cert.org", "url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"}, {"source": "cret@cert.org", "url": "http://www.ubuntu.com/usn/USN-1316-1"}, {"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0728"}, {"source": "cret@cert.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66208"}, {"source": "cret@cert.org", "url": "https://security.gentoo.org/glsa/201701-57"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43823"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/47347"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/48985"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/8171"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1025266"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.foolabs.com/xpdf/download.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/376500"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/MAPG-8ECL8X"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:002"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/517205/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/46941"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.toucan-system.com/advisories/tssa-2011-01.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1316-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0728"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66208"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201701-57"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2012:1201", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "tetex-0:3.0-33.15.el5_8.1", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2012-08-23T00:00:00Z"}, {"advisory": "RHSA-2012:0062", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "t1lib-0:5.1.2-6.el6_2.1", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2012-01-24T00:00:00Z"}, {"advisory": "RHSA-2012:0137", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "texlive-0:2007-57.el6_2", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2012-02-15T00:00:00Z"}], "bugzilla": {"description": "t1lib: Invalid pointer dereference via crafted Type 1 font", "id": "692909", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=692909"}, "csaw": false, "cvss": {"cvss_base_score": "6.8", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "status": "verified"}, "details": ["t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a crafted Type 1 font in a PDF document, as demonstrated by testz.2184122398.pdf."], "name": "CVE-2011-0764", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:4", "fix_state": "Affected", "package_name": "tetex", "product_name": "Red Hat Enterprise Linux 4"}, {"cpe": "cpe:/o:redhat:enterprise_linux:4", "fix_state": "Not affected", "package_name": "xpdf", "product_name": "Red Hat Enterprise Linux 4"}], "public_date": "2011-03-28T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2011-0764\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-0764"], "threat_severity": "Moderate"}