update for t1lib
Specially crafted type1 fonts could cause memory corruptions in t1lib
-
Submitted by
Michal Vyskocil (mvyskocil)
Fixed bugs
bnc#684802
t1lib: memory corruption
bnc#757961
t1lib: heap overflow in afm font parser
CVE-CVE-2011-0764
t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6 and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a crafted Type 1 font in a PDF document, as demons
CVE-CVE-2011-1554
Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6 and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory re
CVE-CVE-2011-1553
Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6 and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an inval
CVE-CVE-2011-1552
t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6 and other products, reads from invalid memory locations, which allows remote attackers to cause a denial of service (application crash) via a crafted Type 1 font in a PDF document, a different vulner
CVE-CVE-2011-0433
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
