CVE-2011-0764

t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a crafted Type 1 font in a PDF document, as demonstrated by testz.2184122398.pdf.

Published: 2011-03-31 Last update: 2026-04-29 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2011-0764 is rated Moderate Risk (58.6/100): CVSS Medium severity, with high exploitation likelihood (EPSS 28.73%, 97th percentile). EPSS ranks this CVE among the most likely to be exploited in the near term. High exploitation likelihood—assess exposure and prioritize remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2011-0764

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-07 31.19% 28.73% -2.45%
2 2025-03-17 49.76% 31.19% -18.57%
3 2024-12-17 49.76%

Full EPSS history (6 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2011-0764

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
6.8 2.0 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:M)
Exploitation needs some favorable conditions, but not exceptional ones.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:P)
Partial confidentiality impact.
Integrity impact (I:P)
Partial integrity impact.
Availability impact (A:P)
Partial availability impact.
 8.6 6.4 [email protected]

Weakness enumeration for CVE-2011-0764

OS Trackers for CVE-2011-0764

vendor priority summary link
debian unimportant CVE-2011-0764 unimportant priority: Debian including 2 source packages (poppler, xpdf), 10 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 10. https://security-tracker.debian.org/tracker/CVE-2011-0764
gentoo normal CVE-2011-0764: 1 GLSA(s) (201701-57), 1 atom(s) (media-libs/t1lib); latest impact normal. https://bugs.gentoo.org/buglist.cgi?quicksearch=CVE-2011-0764
redhat medium https://access.redhat.com/security/cve/CVE-2011-0764
ubuntu medium CVE-2011-0764 medium priority: Ubuntu including 1 source packages (t1lib), 8 status rows across 8 suites (dapper, hardy, karmic, lucid, maverick, natty, oneiric, upstream): released 5, ignored 3. https://ubuntu.com/security/CVE-2011-0764

Affected software / configurations for CVE-2011-0764

Vendor Product Version Raw CPE
t1lib t1lib <= 5.1.2 cpe:2.3:a:t1lib:t1lib:*:*:*:*:*:*:*:*
t1lib t1lib 0.1 cpe:2.3:a:t1lib:t1lib:0.1:alpha:*:*:*:*:*:*
t1lib t1lib 0.2 cpe:2.3:a:t1lib:t1lib:0.2:beta:*:*:*:*:*:*
t1lib t1lib 0.3 cpe:2.3:a:t1lib:t1lib:0.3:beta:*:*:*:*:*:*
t1lib t1lib 0.4 cpe:2.3:a:t1lib:t1lib:0.4:beta:*:*:*:*:*:*
t1lib t1lib 0.5 cpe:2.3:a:t1lib:t1lib:0.5:beta:*:*:*:*:*:*
t1lib t1lib 0.6 cpe:2.3:a:t1lib:t1lib:0.6:beta:*:*:*:*:*:*
t1lib t1lib 0.7 cpe:2.3:a:t1lib:t1lib:0.7:beta:*:*:*:*:*:*
t1lib t1lib 0.8 cpe:2.3:a:t1lib:t1lib:0.8:beta:*:*:*:*:*:*
t1lib t1lib 0.9 cpe:2.3:a:t1lib:t1lib:0.9:*:*:*:*:*:*:*
t1lib t1lib 0.9.1 cpe:2.3:a:t1lib:t1lib:0.9.1:*:*:*:*:*:*:*
t1lib t1lib 0.9.2 cpe:2.3:a:t1lib:t1lib:0.9.2:*:*:*:*:*:*:*
t1lib t1lib 1.0 cpe:2.3:a:t1lib:t1lib:1.0:*:*:*:*:*:*:*
t1lib t1lib 1.0.1 cpe:2.3:a:t1lib:t1lib:1.0.1:*:*:*:*:*:*:*
t1lib t1lib 1.1.0 cpe:2.3:a:t1lib:t1lib:1.1.0:*:*:*:*:*:*:*
t1lib t1lib 1.1.1 cpe:2.3:a:t1lib:t1lib:1.1.1:*:*:*:*:*:*:*
t1lib t1lib 1.2 cpe:2.3:a:t1lib:t1lib:1.2:*:*:*:*:*:*:*
t1lib t1lib 1.3 cpe:2.3:a:t1lib:t1lib:1.3:*:*:*:*:*:*:*
t1lib t1lib 1.3.1 cpe:2.3:a:t1lib:t1lib:1.3.1:*:*:*:*:*:*:*
t1lib t1lib 5.0.0 cpe:2.3:a:t1lib:t1lib:5.0.0:*:*:*:*:*:*:*
t1lib t1lib 5.0.1 cpe:2.3:a:t1lib:t1lib:5.0.1:*:*:*:*:*:*:*
t1lib t1lib 5.0.2 cpe:2.3:a:t1lib:t1lib:5.0.2:*:*:*:*:*:*:*
t1lib t1lib 5.1.0 cpe:2.3:a:t1lib:t1lib:5.1.0:*:*:*:*:*:*:*
t1lib t1lib 5.1.1 cpe:2.3:a:t1lib:t1lib:5.1.1:*:*:*:*:*:*:*
foolabs xpdf 0.5a cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*
foolabs xpdf 0.7a cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*
foolabs xpdf 0.91a cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*
foolabs xpdf 0.91b cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*
foolabs xpdf 0.91c cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*
foolabs xpdf 0.92a cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*
foolabs xpdf 0.92b cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*
foolabs xpdf 0.92c cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*
foolabs xpdf 0.92d cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*
foolabs xpdf 0.92e cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*
foolabs xpdf 0.93a cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*
foolabs xpdf 0.93b cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*
foolabs xpdf 0.93c cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*
foolabs xpdf 1.00a cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*
foolabs xpdf 3.0.1 cpe:2.3:a:foolabs:xpdf:3.0.1:*:*:*:*:*:*:*
foolabs xpdf 3.02pl1 cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*
foolabs xpdf 3.02pl2 cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*
foolabs xpdf 3.02pl3 cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*
foolabs xpdf 3.02pl4 cpe:2.3:a:foolabs:xpdf:3.02pl4:*:*:*:*:*:*:*
glyphandcog xpdfreader <= 3.02 cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*
glyphandcog xpdfreader 0.2 cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*
glyphandcog xpdfreader 0.3 cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*
glyphandcog xpdfreader 0.4 cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*
glyphandcog xpdfreader 0.5 cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*
glyphandcog xpdfreader 0.6 cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*
glyphandcog xpdfreader 0.7 cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*
glyphandcog xpdfreader 0.80 cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*
glyphandcog xpdfreader 0.90 cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*
glyphandcog xpdfreader 0.91 cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*
glyphandcog xpdfreader 0.92 cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*
glyphandcog xpdfreader 0.93 cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*
glyphandcog xpdfreader 1.00 cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*
glyphandcog xpdfreader 1.01 cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*
glyphandcog xpdfreader 2.00 cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*
glyphandcog xpdfreader 2.01 cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*
glyphandcog xpdfreader 2.02 cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*
glyphandcog xpdfreader 2.03 cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*
glyphandcog xpdfreader 3.00 cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*
glyphandcog xpdfreader 3.01 cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*
glyphandcog xpdfreader 3.02 cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*

References for CVE-2011-0764

URL Tags
http://rhn.redhat.com/errata/RHSA-2012-1201.html
http://secunia.com/advisories/43823 Vendor Advisory
http://secunia.com/advisories/47347
http://secunia.com/advisories/48985
http://securityreason.com/securityalert/8171
http://securitytracker.com/id?1025266
http://www.foolabs.com/xpdf/download.html Patch
http://www.kb.cert.org/vuls/id/376500 US Government Resource
http://www.kb.cert.org/vuls/id/MAPG-8ECL8X US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2012:002
http://www.mandriva.com/security/advisories?name=MDVSA-2012:144
http://www.securityfocus.com/archive/1/517205/100/0/threaded
http://www.securityfocus.com/bid/46941
http://www.toucan-system.com/advisories/tssa-2011-01.txt
http://www.ubuntu.com/usn/USN-1316-1
http://www.vupen.com/english/advisories/2011/0728 Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/66208
https://security.gentoo.org/glsa/201701-57
cvelogic Threat Intelligence