107 matches found
CVE-2018-17407
An issue was discovered in t1checkunusualcharstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex...
Debian DLA-1514-1 : texlive-bin security update
Nick Roessler from the University of Pennsylvania has found a buffer overflow in texlive-bin, the executables for TexLive, the popular distribution of TeX document production system. This buffer overflow can be used for arbitrary code execution by crafting a special type1 font .pfb and provide it...
Buffer overflow
An issue was discovered in t1checkunusualcharstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex...
CVE-2018-17407
An issue was discovered in t1checkunusualcharstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex...
CVE-2018-17407
Summary (CVE-2018-17407) : TeX Live before 2018-09-21 contains a buffer overflow in the Type 1 font handling code, specifically in the t1_check_unusual_charstring function within writet1.c. This vulnerability can allow arbitrary code execution if a malicious font is loaded by vulnerable tools (pd...
CVE-2018-17407
An issue was discovered in t1checkunusualcharstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex...
Oracle: Security Advisory (ELSA-2007-0731)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Vulnerabilities of the CentOS operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities of the texlive-dvips-2007 package for the CentOS operating system may lead to violations of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities of the Red Hat Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the tetex-dvips-1.0.6 package for the Red Hat Linux operating system may lead to violations of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities of the Red Hat Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the tetex-dvips-1.0.7 package for the Red Hat Linux operating system may lead to violations of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the tetex-dvips-3.0 package for the Red Hat Enterprise Linux operating system may lead to violations of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the texlive-dvips-2007 package for the Red Hat Enterprise Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
RedHat 6.2/7.0/7.1 Lpd Remote Command Execution via DVI Printfilter Configuration Error
No description provided by source. source: http://www.securityfocus.com/bid/3241/info 'dvips' is a utility that converts DVI documents to PostScript. It is an optional component of the TeTeX text formatting package. When installed on a system where LPRnG and TeTeX are in use, 'dvips' will be...
RedHat Update for tetex RHSA-2012:1201-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Scientific Linux Security Update : texlive on SL6.x i386/x86_64 (20120215)
TeX Live is an implementation of TeX. TeX takes a text file and a set of formatting commands as input, and creates a typesetter-independent DeVice Independent DVI file as output. The texlive packages provide a number of utilities, including dvips. TeX Live embeds a copy of t1lib. The t1lib librar...
RedHat Update for texlive RHSA-2012:0137-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
SuSE 10 Security Update : TeX (ZYPP Patch Number 7020)
Specially crafted dvi files could cause buffer overflows in dvips and dvipng CVE-2010-0827 / CVE-2010-0829 / CVE-2010-0739 / CVE-2010-1440. This has been fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...
SuSE 11 Security Update : TeX (SAT Patch Number 2393)
Specially crafted dvi files could cause buffer overflows in dvips and dvipng CVE-2010-0827 / CVE-2010-0829 / CVE-2010-0739 / CVE-2010-1440. This has been fixed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11...
openSUSE Security Update : texlive (openSUSE-SU-2010:0251-1)
Specially crafted dvi files could cause buffer overflows in dvips and dvipng CVE-2010-0827, CVE-2010-0829, CVE-2010-0739, CVE-2010-1440. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
CVE-2010-0827
Integer overflow in dvips in TeX Live 2009 and earlier, and teTeX, allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted virtual font VF file associated with a DVI file...