t1lib: multiple vulnerabilities

Package(s): t1lib
CVE #(s): CVE-2011-1552 CVE-2011-1553 CVE-2011-1554
Created: January 12, 2012
Updated: January 30, 2012
Description:

From the Mandriva advisory:

t1lib 5.1.2 and earlier reads from invalid memory locations, which allows remote attackers to cause a denial of service (application crash) via a crafted Type 1 font in a PDF document, a different vulnerability than CVE-2011-0764 (CVE-2011-1552).

Use-after-free vulnerability in t1lib 5.1.2 and earlier allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory write, a different vulnerability than CVE-2011-0764 (CVE-2011-1553).

Off-by-one error in t1lib 5.1.2 and earlier allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764 (CVE-2011-1554).

Alerts:
Mandriva MDVSA-2012:004 2012-01-12
Debian DSA-2388-1 2012-01-14
Ubuntu USN-1335-1 2012-01-19
Oracle ELSA-2012-0062 2012-01-25
Red Hat RHSA-2012:0062-01 2012-01-24
Scientific Linux SL-t1li-20120125 2012-01-25
Fedora FEDORA-2012-0289 2012-01-28
Fedora FEDORA-2012-0266 2012-01-28
CentOS CESA-2012:0062 2012-01-30
Red Hat RHSA-2012:0137-01 2012-02-15
Scientific Linux SL-texl-20120215 2012-02-15
CentOS CESA-2012:0137 2012-02-16
Oracle ELSA-2012-0137 2012-02-15
openSUSE openSUSE-SU-2012:0559-1 2012-04-25
Slackware SSA:2012-228-01 2012-08-15
Red Hat RHSA-2012:1201-01 2012-08-23
CentOS CESA-2012:1201 2012-08-23
Oracle ELSA-2012-1201 2012-08-23
Scientific Linux SL-tete-20120823 2012-08-23
Mandriva MDVSA-2012:144 2012-08-28

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds