Search for vulnerabilities
Vulnerability details: VCID-uhwv-pcg3-aaar
Vulnerability ID VCID-uhwv-pcg3-aaar
Aliases CVE-2011-1552
Summary t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, reads from invalid memory locations, which allows remote attackers to cause a denial of service (application crash) via a crafted Type 1 font in a PDF document, a different vulnerability than CVE-2011-0764.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
System Score Found at
rhas Moderate https://access.redhat.com/errata/RHSA-2012:0062
rhas Moderate https://access.redhat.com/errata/RHSA-2012:0137
rhas Moderate https://access.redhat.com/errata/RHSA-2012:1201
epss 0.02468 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.02468 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.02468 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.02468 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.02580 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.02580 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.02580 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.02580 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.02580 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.02580 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.02580 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.02580 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.02580 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.02580 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.02580 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
epss 0.22374 https://api.first.org/data/v1/epss?cve=CVE-2011-1552
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=692853
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2011-1552
Reference id Reference type URL
http://rhn.redhat.com/errata/RHSA-2012-1201.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1552.json
https://api.first.org/data/v1/epss?cve=CVE-2011-1552
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1552
http://secunia.com/advisories/43823
http://secunia.com/advisories/48985
http://securityreason.com/securityalert/8171
http://securitytracker.com/id?1025266
https://security.gentoo.org/glsa/201701-57
http://www.foolabs.com/xpdf/download.html
http://www.kb.cert.org/vuls/id/376500
http://www.kb.cert.org/vuls/id/MAPG-8ECL8X
http://www.mandriva.com/security/advisories?name=MDVSA-2012:144
http://www.securityfocus.com/archive/1/517205/100/0/threaded
http://www.toucan-system.com/advisories/tssa-2011-01.txt
http://www.vupen.com/english/advisories/2011/0728
692853 https://bugzilla.redhat.com/show_bug.cgi?id=692853
CVE-2011-1552 https://nvd.nist.gov/vuln/detail/CVE-2011-1552
RHSA-2012:0062 https://access.redhat.com/errata/RHSA-2012:0062
RHSA-2012:0137 https://access.redhat.com/errata/RHSA-2012:0137
RHSA-2012:1201 https://access.redhat.com/errata/RHSA-2012:1201
USN-1335-1 https://usn.ubuntu.com/1335-1/
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2011-1552
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.89728
EPSS Score 0.02468
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.