Lucene search

K

[email protected]NVD:CVE-2010-0739

HistoryApr 16, 2010 - 6:30 p.m.

CVE-2010-0739

2010-04-1618:30:00

CWE-189

[email protected]

web.nvd.nist.gov

5

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.6

Confidence

Low

EPSS

0.142

Percentile

95.8%

Integer overflow in the predospecial function in dospecial.c in dvips in (1) TeX Live and (2) teTeX might allow user-assisted remote attackers to execute arbitrary code via a crafted DVI file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.

Affected configurations

Nvd

Node

tugtetex

OR

tugtex_live

References

git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-stable.git%3Ba=blob%3Bf=source/xapps-extra/tetex/texlive-CVE-2010-0739-int-overflow.patch

lists.fedoraproject.org/pipermail/package-announce/2010-May/041573.html

lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html

lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html

secunia.com/advisories/39390

security.gentoo.org/glsa/glsa-201206-28.xml

www.securityfocus.com/bid/39500

www.ubuntu.com/usn/USN-937-1

bugzilla.redhat.com/show_bug.cgi?id=572941

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11468

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.6

Confidence

Low

EPSS

0.142

Percentile

95.8%

Related for NVD:CVE-2010-0739

veracode1 cve2 ubuntucve2 cvelist2 debiancve2 prion2 seebug1 nvd1 nessus23 fedora3 openvas29 securityvulns2 gentoo1 ubuntu1 centos3 redhat3 oraclelinux3