{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-02-26T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in the set_cs_start function in t1disasm.c in t1utils before 1.39 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-29T18:57:01", "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "shortName": "debian"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/kohler/t1utils/blob/master/NEWS"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/kohler/t1utils/commit/6b9d1aafcb61a3663c883663eb19ccdbfcde8d33"}, {"name": "[oss-security] 20150513 CVE Request: t1utils: buffer overflow in set_cs_start", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2015/05/13/9"}, {"name": "74674", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/74674"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/kohler/t1utils/issues/4"}, {"name": "[oss-security] 20150522 Re: CVE Request: t1utils: buffer overflow in set_cs_start", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2015/05/22/10"}, {"name": "GLSA-201507-10", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201507-10"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779274"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218365"}, {"name": "USN-2627-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://ubuntu.com/usn/usn-2627-1"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@debian.org", "ID": "CVE-2015-3905", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in the set_cs_start function in t1disasm.c in t1utils before 1.39 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/kohler/t1utils/blob/master/NEWS", "refsource": "CONFIRM", "url": "https://github.com/kohler/t1utils/blob/master/NEWS"}, {"name": "https://github.com/kohler/t1utils/commit/6b9d1aafcb61a3663c883663eb19ccdbfcde8d33", "refsource": "CONFIRM", "url": "https://github.com/kohler/t1utils/commit/6b9d1aafcb61a3663c883663eb19ccdbfcde8d33"}, {"name": "[oss-security] 20150513 CVE Request: t1utils: buffer overflow in set_cs_start", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2015/05/13/9"}, {"name": "74674", "refsource": "BID", "url": "http://www.securityfocus.com/bid/74674"}, {"name": "https://github.com/kohler/t1utils/issues/4", "refsource": "CONFIRM", "url": "https://github.com/kohler/t1utils/issues/4"}, {"name": "[oss-security] 20150522 Re: CVE Request: t1utils: buffer overflow in set_cs_start", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2015/05/22/10"}, {"name": "GLSA-201507-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201507-10"}, {"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779274", "refsource": "CONFIRM", "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779274"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1218365", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218365"}, {"name": "USN-2627-1", "refsource": "UBUNTU", "url": "http://ubuntu.com/usn/usn-2627-1"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T05:56:16.064Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/kohler/t1utils/blob/master/NEWS"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/kohler/t1utils/commit/6b9d1aafcb61a3663c883663eb19ccdbfcde8d33"}, {"name": "[oss-security] 20150513 CVE Request: t1utils: buffer overflow in set_cs_start", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2015/05/13/9"}, {"name": "74674", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/74674"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/kohler/t1utils/issues/4"}, {"name": "[oss-security] 20150522 Re: CVE Request: t1utils: buffer overflow in set_cs_start", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2015/05/22/10"}, {"name": "GLSA-201507-10", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201507-10"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779274"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218365"}, {"name": "USN-2627-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://ubuntu.com/usn/usn-2627-1"}]}]}, "cveMetadata": {"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "assignerShortName": "debian", "cveId": "CVE-2015-3905", "datePublished": "2015-06-08T14:00:00", "dateReserved": "2015-05-12T00:00:00", "dateUpdated": "2024-08-06T05:56:16.064Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:t1utils_project:t1utils:1.38:*:*:*:*:*:*:*", "matchCriteriaId": "2AA2E77D-F107-4C09-9F77-6BBE1E3E4F0D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer overflow in the set_cs_start function in t1disasm.c in t1utils before 1.39 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file."}, {"lang": "es", "value": "Desbordamiento de buffer en la funci\u00f3n set_cs_start en t1disasm.c en t1utils anterior a 1.39 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un fichero de fuentes manipulado."}], "id": "CVE-2015-3905", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-06-08T14:59:11.710", "references": [{"source": "security@debian.org", "url": "http://ubuntu.com/usn/usn-2627-1"}, {"source": "security@debian.org", "url": "http://www.openwall.com/lists/oss-security/2015/05/13/9"}, {"source": "security@debian.org", "url": "http://www.openwall.com/lists/oss-security/2015/05/22/10"}, {"source": "security@debian.org", "url": "http://www.securityfocus.com/bid/74674"}, {"source": "security@debian.org", "tags": ["Exploit"], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779274"}, {"source": "security@debian.org", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218365"}, {"source": "security@debian.org", "url": "https://github.com/kohler/t1utils/blob/master/NEWS"}, {"source": "security@debian.org", "url": "https://github.com/kohler/t1utils/commit/6b9d1aafcb61a3663c883663eb19ccdbfcde8d33"}, {"source": "security@debian.org", "tags": ["Exploit"], "url": "https://github.com/kohler/t1utils/issues/4"}, {"source": "security@debian.org", "url": "https://security.gentoo.org/glsa/201507-10"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://ubuntu.com/usn/usn-2627-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2015/05/13/9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2015/05/22/10"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/74674"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779274"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218365"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/kohler/t1utils/blob/master/NEWS"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/kohler/t1utils/commit/6b9d1aafcb61a3663c883663eb19ccdbfcde8d33"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "https://github.com/kohler/t1utils/issues/4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201507-10"}], "sourceIdentifier": "security@debian.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "t1utils: buffer overflow flaw", "id": "1218365", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218365"}, "csaw": false, "cvss": {"cvss_base_score": "4.6", "cvss_scoring_vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "status": "draft"}, "cwe": "CWE-120->CWE-120", "details": ["Buffer overflow in the set_cs_start function in t1disasm.c in t1utils before 1.39 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.", "A buffer overflow flaw was found in the way t1utils processed, for example, certain PFB (Printer Font Binary) files. An attacker could use this flaw to potentially execute arbitrary code by tricking a user into processing a specially crafted PFB file with t1utils."], "name": "CVE-2015-3905", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "t1utils", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2015-02-26T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2015-3905\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-3905"], "threat_severity": "Moderate"}