Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-2642 | 3 Redhat, T1lib, Tug | 3 Evince, T1lib, Tetex | 2024-11-21 | 7.6 HIGH | N/A |
Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer. | |||||
CVE-2010-1440 | 1 Tug | 2 Tetex, Tex Live | 2024-11-21 | 6.8 MEDIUM | N/A |
Multiple integer overflows in dvipsk/dospecial.c in dvips in TeX Live 2009 and earlier, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a special command in a DVI file, related to the (1) predospecial and (2) bbdospecial functions, a different vulnerability than CVE-2010-0739. | |||||
CVE-2010-0829 | 2 Jan-ake Larsson, Tug | 2 Dvipng, Tetex | 2024-11-21 | 4.3 MEDIUM | N/A |
Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed DVI file. | |||||
CVE-2010-0827 | 1 Tug | 2 Tetex, Tex Live | 2024-11-21 | 6.8 MEDIUM | N/A |
Integer overflow in dvips in TeX Live 2009 and earlier, and teTeX, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted virtual font (VF) file associated with a DVI file. | |||||
CVE-2010-0739 | 1 Tug | 2 Tetex, Tex Live | 2024-11-21 | 6.8 MEDIUM | N/A |
Integer overflow in the predospecial function in dospecial.c in dvips in (1) TeX Live and (2) teTeX might allow user-assisted remote attackers to execute arbitrary code via a crafted DVI file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. |