View at Official ubuntu advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2011-1554 low priority: Ubuntu including 1 source packages (t1lib), 8 status rows across 8 suites (dapper, hardy, karmic, lucid, maverick, natty, oneiric, upstream): released 4, ignored 3, needs-triage 1.
Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764.