42 matches found
UBUNTU-CVE-2024-43426
A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live installed...
CVE-2024-43426 Moodle: arbitrary file read risk through pdftex
A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live installed...
CVE-2024-43426 Moodle: arbitrary file read risk through pdftex
A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live installed...
CVE-2024-43426 Moodle: arbitrary file read risk through pdftex
A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live installed...
CVE-2024-43426
CVE-2024-43426 is an arbitrary file read risk caused by insufficient sanitizing in the pdfTeX TeX notation filter. The vulnerability arises on systems where pdfTeX is available (e.g., TeX Live). Public sources repeatedly reference Moodle-related disclosure and OSV/GHSA entries, confirming the sam...
PT-2024-30578 · Pdftex +1 · Pdftex +1
Name of the Vulnerable Software and Affected Versions: pdfTeX affected versions not specified Description: A flaw was found in pdfTeX, where insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live...
SUSE CVE-2023-46051
TeX Live 944e257 allows a NULL pointer dereference in texk/web2c/pdftexdir/tounicode.c. NOTE: this is disputed because it should be categorized as a usability problem...
DEBIAN-CVE-2023-46048
Tex Live 944e257 has a NULL pointer dereference in texk/web2c/pdftexdir/writet1.c. NOTE: this is disputed because it should be categorized as a usability problem...
PT-2024-13324 · Tex Live +2 · Tex Live +2
Name of the Vulnerable Software and Affected Versions: TeX Live version 944e257 Description: The issue in TeX Live allows a NULL pointer dereference in the tounicode.c file, located in texk/web2c/pdftexdir. However, it is noted that this issue is disputed and might be categorized as a usability...
Oracle Linux 7 : texlive (ELSA-2020-1036)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-1036 advisory. 2:2012-45.20130427r30134 - Related: 1650521, buffer overflow in t1checkunusualcharstring function 2:2012-44.20130427r30134 - Resolves: 1650521, buffer overflow ...
EulerOS 2.0 SP2 : texlive (EulerOS-SA-2021-1368)
According to the version of the texlive packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An issue was discovered in t1checkunusualcharstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling ...
Huawei EulerOS: Security Advisory for texlive (EulerOS-SA-2021-1368)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL CORE 5.04 / MAIN 5.04 : texlive Vulnerability (NS-SA-2020-0078)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has texlive packages installed that are affected by a vulnerability: - An issue was discovered in t1checkunusualcharstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1...
Amazon Linux 2 : texlive (ALAS-2020-1461)
The version of texlive installed on the remote host is prior to 2012-38.20130427r30134. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1461 advisory. An issue was discovered in t1checkunusualcharstring functions in writet1.c files in TeX Live before 2018-09-21. A...
SUSE SLED15 / SLES15 Security Update : texlive (SUSE-SU-2018:3122-1)
This update for texlive fixes the following issue : CVE-2018-17407: Prevent buffer overflow when handling of Type 1 fonts allowed arbitrary code execution when a malicious font was loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex bsc1109673. Note that Tenable Network...
Updated texlive packages fix security vulnerability
Updated texlive packages fix security vulnerability: A buffer overflow in the handling of Type 1 fonts allowed arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex CVE-2018-17407...
SUSE SLED12 / SLES12 Security Update : texlive (SUSE-SU-2018:3033-1)
This update for texlive fixes the following issue : CVE-2018-17407: Prevent buffer overflow when handling of Type 1 fonts allowed arbitrary code execution when a malicious font was loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex bsc1109673 Note that Tenable Network...
CVE-2018-17407
An issue was discovered in t1checkunusualcharstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex...
Buffer overflow
An issue was discovered in t1checkunusualcharstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex...
CVE-2018-17407
An issue was discovered in t1checkunusualcharstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex...