#VU33510 Buffer overflow - CVE-2011-1552

Cybersecurity Help s.r.o.

Published: 2011-04-01 | Updated: 2020-08-04

Vulnerability identifier: #VU33510

Vulnerability risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2011-1552

CWE-ID: CWE-119

Exploitation vector: Network

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, reads from invalid memory locations, which allows remote attackers to cause a denial of service (application crash) via a crafted Type 1 font in a PDF document, a different vulnerability than CVE-2011-0764.

Mitigation
Install update from vendor's website.

External links
https://rhn.redhat.com/errata/RHSA-2012-1201.html
https://secunia.com/advisories/43823
https://secunia.com/advisories/48985
https://securityreason.com/securityalert/8171
https://securitytracker.com/id?1025266
https://www.foolabs.com/xpdf/download.html
https://www.kb.cert.org/vuls/id/376500
https://www.kb.cert.org/vuls/id/MAPG-8ECL8X
https://www.mandriva.com/security/advisories?name=MDVSA-2012:144
https://www.securityfocus.com/archive/1/517205/100/0/threaded
https://www.toucan-system.com/advisories/tssa-2011-01.txt
https://www.vupen.com/english/advisories/2011/0728
https://security.gentoo.org/glsa/201701-57

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Buffer overflow in aalib (Alpine package)