Lucene search

K
cve[email protected]CVE-2010-0829
HistoryMay 07, 2010 - 6:24 p.m.

CVE-2010-0829

2010-05-0718:24:15
CWE-119
web.nvd.nist.gov
41
cve-2010-0829
dvipng
tetex
array index errors
denial of service
application crash
arbitrary code
nvd
security vulnerability

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

9.6

Confidence

High

EPSS

0.036

Percentile

91.6%

Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed DVI file.

Affected configurations

NVD
Node
jan-ake_larssondvipngMatch1.11
OR
jan-ake_larssondvipngMatch1.12
Node
tugtetex
VendorProductVersionCPE
jan-ake_larssondvipng1.11cpe:/a:jan-ake_larsson:dvipng:1.11:::
jan-ake_larssondvipng1.12cpe:/a:jan-ake_larsson:dvipng:1.12:::

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

9.6

Confidence

High

EPSS

0.036

Percentile

91.6%