‘XPDF arbitrary Arbitrary Code Execution Vulnerabilities’
Summary
‘
Credit:
‘The information has been provided by Jonathan Brossard.
The original article can be found at: http://www.toucan-system.eu/advisories/tssa-2011-01.txt‘
Details
‘Vulnerable Systems:
* Xpdf versions up to 3.02pl5
Immune Systems:
* Xpdf version 3.02pl6
The linux version of xpdf is linked against t1lib, which is vulnerable to multiple vulnerabilities including off by ones, integer overflows and heap corruptions. At least one of those is exploitable and allows arbitrary code to be executed on the target machine when opening a specially crafted pdf file.
When parsing specially crafted Type 1 fonts, the t1lib library is subject to several memory corruption vulnerabilities.
CVE Information:
CVE-2011-0764
Disclosure Timeline:
Date Published: 28/03/2011
Last Update: 28/03/2011′