Lucene search
K

107 matches found

RedhatCVE
RedhatCVE
added 2018/09/25 3:23 p.m.52 views

CVE-2018-17407

An issue was discovered in t1checkunusualcharstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex...

7.8CVSS2.3AI score0.02058EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/09/24 12:0 a.m.13 views

Debian DLA-1514-1 : texlive-bin security update

Nick Roessler from the University of Pennsylvania has found a buffer overflow in texlive-bin, the executables for TexLive, the popular distribution of TeX document production system. This buffer overflow can be used for arbitrary code execution by crafting a special type1 font .pfb and provide it...

6.5AI score
Exploits0References2
Prion
Prion
added 2018/09/23 9:29 p.m.17 views

Buffer overflow

An issue was discovered in t1checkunusualcharstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex...

6.8CVSS7.9AI score0.02058EPSS
Exploits0References5Affected Software3
OSV
OSV
added 2018/09/23 9:29 p.m.22 views

CVE-2018-17407

An issue was discovered in t1checkunusualcharstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex...

7.8CVSS8AI score
Exploits0References5
CVE
CVE
added 2018/09/23 9:0 p.m.351 views

CVE-2018-17407

Summary (CVE-2018-17407) : TeX Live before 2018-09-21 contains a buffer overflow in the Type 1 font handling code, specifically in the t1_check_unusual_charstring function within writet1.c. This vulnerability can allow arbitrary code execution if a malicious font is loaded by vulnerable tools (pd...

7.8CVSS7.8AI score0.02058EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2018/09/23 9:0 p.m.39 views

CVE-2018-17407

An issue was discovered in t1checkunusualcharstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex...

7.8CVSS8.3AI score0.02058EPSS
Exploits0
OpenVAS
OpenVAS
added 2015/10/08 12:0 a.m.42 views

Oracle: Security Advisory (ELSA-2007-0731)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.9AI score0.08565EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.6 views

Vulnerabilities of the CentOS operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities of the texlive-dvips-2007 package for the CentOS operating system may lead to violations of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

7.6CVSS5.4AI score0.1427EPSS
Exploits0References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.7 views

Vulnerabilities of the Red Hat Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the tetex-dvips-1.0.6 package for the Red Hat Linux operating system may lead to violations of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

7.5CVSS5.4AI score0.09324EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.6 views

Vulnerabilities of the Red Hat Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the tetex-dvips-1.0.7 package for the Red Hat Linux operating system may lead to violations of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

7.5CVSS5.4AI score0.09324EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.8 views

Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the tetex-dvips-3.0 package for the Red Hat Enterprise Linux operating system may lead to violations of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

9.3CVSS6.6AI score0.18661EPSS
Exploits2References5
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.4 views

Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the texlive-dvips-2007 package for the Red Hat Enterprise Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

7.6CVSS5.4AI score0.1427EPSS
Exploits0References7
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.10 views

RedHat 6.2/7.0/7.1 Lpd Remote Command Execution via DVI Printfilter Configuration Error

No description provided by source. source: http://www.securityfocus.com/bid/3241/info 'dvips' is a utility that converts DVI documents to PostScript. It is an optional component of the TeTeX text formatting package. When installed on a system where LPRnG and TeTeX are in use, 'dvips' will be...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2012/08/24 12:0 a.m.27 views

RedHat Update for tetex RHSA-2012:1201-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

7.6CVSS8AI score0.1427EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.26 views

Scientific Linux Security Update : texlive on SL6.x i386/x86_64 (20120215)

TeX Live is an implementation of TeX. TeX takes a text file and a set of formatting commands as input, and creates a typesetter-independent DeVice Independent DVI file as output. The texlive packages provide a number of utilities, including dvips. TeX Live embeds a copy of t1lib. The t1lib librar...

7.6CVSS6.3AI score0.1427EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2012/07/09 12:0 a.m.31 views

RedHat Update for texlive RHSA-2012:0137-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

7.6CVSS6.8AI score0.1427EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2011/01/27 12:0 a.m.28 views

SuSE 10 Security Update : TeX (ZYPP Patch Number 7020)

Specially crafted dvi files could cause buffer overflows in dvips and dvipng CVE-2010-0827 / CVE-2010-0829 / CVE-2010-0739 / CVE-2010-1440. This has been fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

6.8CVSS5.4AI score0.04918EPSS
Exploits3References8
Tenable Nessus
Tenable Nessus
added 2010/12/02 12:0 a.m.17 views

SuSE 11 Security Update : TeX (SAT Patch Number 2393)

Specially crafted dvi files could cause buffer overflows in dvips and dvipng CVE-2010-0827 / CVE-2010-0829 / CVE-2010-0739 / CVE-2010-1440. This has been fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11...

6.8CVSS5.4AI score0.04918EPSS
Exploits3References9
Tenable Nessus
Tenable Nessus
added 2010/05/15 12:0 a.m.34 views

openSUSE Security Update : texlive (openSUSE-SU-2010:0251-1)

Specially crafted dvi files could cause buffer overflows in dvips and dvipng CVE-2010-0827, CVE-2010-0829, CVE-2010-0739, CVE-2010-1440. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

6.8CVSS5.5AI score0.04918EPSS
Exploits3References6
NVD
NVD
added 2010/05/07 6:24 p.m.12 views

CVE-2010-0827

Integer overflow in dvips in TeX Live 2009 and earlier, and teTeX, allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted virtual font VF file associated with a DVI file...

6.8CVSS7.8AI score0.04439EPSS
Exploits0References10
Rows per page
Query Builder