361 matches found
SUSE CVE-2004-1125
Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted PD...
SUSE CVE-2005-3626
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service crash via a crafted FlateDecode stream that triggers a null dereference...
SUSE CVE-2007-0650
Buffer overflow in the opensty function in mkind.c for makeindex 2.14 in teTeX might allow user-assisted remote attackers to overwrite files and possibly execute arbitrary code via a long filename. NOTE: other overflows exist but might not be exploitable, such as a heap-based overflow in the...
SUSE CVE-2007-5936
dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place...
SUSE CVE-2007-5937
Multiple buffer overflows in dvi2xx.c in dviljk in teTeX and TeXlive 2007 and earlier might allow user-assisted attackers to execute arbitrary code via a crafted DVI input file...
SUSE CVE-2010-0739
Integer overflow in the predospecial function in dospecial.c in dvips in 1 TeX Live and 2 teTeX might allow user-assisted remote attackers to execute arbitrary code via a crafted DVI file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party...
SUSE CVE-2010-0829
Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a malformed DVI file...
SUSE CVE-2011-0433
Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics AFM...
SUSE CVE-2011-0764
t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a crafted Type 1 font in a PDF document, as demonstrated by testz.2184122398.pdf...
SUSE CVE-2011-1554
Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service application crash via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid...
SUSE CVE-2011-5244
Multiple off-by-one errors in the 1 token and 2 linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a DVI file containi...
Ubuntu: Security Advisory (USN-9-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-14-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-48-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Denial Of Service (DoS)
tetex is vulnerable to denial of service DoS. The vulnerability exists as multiple array index errors were found in the way teTeX converted DVI files into the Portable Network Graphics PNG format. An attacker could create a malicious DVI file that would cause the dvipng executable to crash...
Arbitrary Code Execution
tetex is vulnerable to arbitrary code execution. The vulnerability exists through the way teTeX processed special commands when converting DVI files into PostScript. An attacker could create a malicious DVI file that would cause the dvips executable to crash...
Arbitrary Code Execution
tetex is vulnerable to arbitrary code execution. The vulnerability exists through multiple integer overflow flaws were found in the way teTeX processed special commands when converting DVI files into PostScript. An attacker could create a malicious DVI file that would cause the dvips executable t...
Arbitrary Code Execution
tetex is vulnerable to arbitrary code execution. The vulnerability exists as a flaw was found in the t1lib library, used in the handling of Type 1 fonts. An attacker could create a malicious file that would cause TeTeX to crash, or potentially execute arbitrary code when opened...
CVE-2005-4784
Multiple buffer overflows in the POSIX readdirr function, as used in multiple packages, allow local users to cause a denial of service and possibly execute arbitrary code via 1 a symlink attack that exploits a race condition between opendir and pathcon calls and changes the filesystem to one with...
CVE-2007-0650
Buffer overflow in the opensty function in mkind.c for makeindex 2.14 in teTeX might allow user-assisted remote attackers to overwrite files and possibly execute arbitrary code via a long filename. NOTE: other overflows exist but might not be exploitable, such as a heap-based overflow in the...