Lucene search
K

361 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 6:19 a.m.2 views

SUSE CVE-2004-1125

Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted PD...

9.3CVSS8AI score0.06576EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2023/02/15 6:16 a.m.4 views

SUSE CVE-2005-3626

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service crash via a crafted FlateDecode stream that triggers a null dereference...

5CVSS6.7AI score0.0341EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 6:13 a.m.3 views

SUSE CVE-2007-0650

Buffer overflow in the opensty function in mkind.c for makeindex 2.14 in teTeX might allow user-assisted remote attackers to overwrite files and possibly execute arbitrary code via a long filename. NOTE: other overflows exist but might not be exploitable, such as a heap-based overflow in the...

6.8CVSS8.2AI score0.04043EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:10 a.m.3 views

SUSE CVE-2007-5936

dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place...

3.6CVSS6.2AI score0.00399EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 6:10 a.m.2 views

SUSE CVE-2007-5937

Multiple buffer overflows in dvi2xx.c in dviljk in teTeX and TeXlive 2007 and earlier might allow user-assisted attackers to execute arbitrary code via a crafted DVI input file...

6.8CVSS8AI score0.03151EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 6:0 a.m.4 views

SUSE CVE-2010-0739

Integer overflow in the predospecial function in dospecial.c in dvips in 1 TeX Live and 2 teTeX might allow user-assisted remote attackers to execute arbitrary code via a crafted DVI file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party...

6.8CVSS8.4AI score0.04918EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 6:0 a.m.4 views

SUSE CVE-2010-0829

Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a malformed DVI file...

4.3CVSS8AI score0.04539EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:54 a.m.6 views

SUSE CVE-2011-0433

Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics AFM...

6.8CVSS8.2AI score0.0421EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:54 a.m.6 views

SUSE CVE-2011-0764

t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a crafted Type 1 font in a PDF document, as demonstrated by testz.2184122398.pdf...

6.8CVSS7.6AI score0.13055EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:53 a.m.4 views

SUSE CVE-2011-1554

Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service application crash via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid...

4.3CVSS6.9AI score0.05417EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:49 a.m.5 views

SUSE CVE-2011-5244

Multiple off-by-one errors in the 1 token and 2 linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a DVI file containi...

6.8CVSS7.7AI score0.03355EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.22 views

Ubuntu: Security Advisory (USN-9-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.6AI score0.09334EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.25 views

Ubuntu: Security Advisory (USN-14-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.7AI score0.09334EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.23 views

Ubuntu: Security Advisory (USN-48-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.5AI score0.06576EPSS
Exploits0References2
Veracode
Veracode
added 2020/04/10 12:44 a.m.17 views

Denial Of Service (DoS)

tetex is vulnerable to denial of service DoS. The vulnerability exists as multiple array index errors were found in the way teTeX converted DVI files into the Portable Network Graphics PNG format. An attacker could create a malicious DVI file that would cause the dvipng executable to crash...

4.3CVSS4.3AI score0.04539EPSS
Exploits1References11Affected Software1
Veracode
Veracode
added 2020/04/10 12:44 a.m.34 views

Arbitrary Code Execution

tetex is vulnerable to arbitrary code execution. The vulnerability exists through the way teTeX processed special commands when converting DVI files into PostScript. An attacker could create a malicious DVI file that would cause the dvips executable to crash...

6.8CVSS3.6AI score0.0343EPSS
Exploits1References12Affected Software1
Veracode
Veracode
added 2020/04/10 12:44 a.m.26 views

Arbitrary Code Execution

tetex is vulnerable to arbitrary code execution. The vulnerability exists through multiple integer overflow flaws were found in the way teTeX processed special commands when converting DVI files into PostScript. An attacker could create a malicious DVI file that would cause the dvips executable t...

6.8CVSS4.3AI score0.04918EPSS
Exploits1References16Affected Software1
Veracode
Veracode
added 2020/04/10 12:21 a.m.16 views

Arbitrary Code Execution

tetex is vulnerable to arbitrary code execution. The vulnerability exists as a flaw was found in the t1lib library, used in the handling of Type 1 fonts. An attacker could create a malicious file that would cause TeTeX to crash, or potentially execute arbitrary code when opened...

7.5CVSS3.5AI score0.18661EPSS
Exploits1References42Affected Software1
RedhatCVE
RedhatCVE
added 2015/10/30 9:45 a.m.20 views

CVE-2005-4784

Multiple buffer overflows in the POSIX readdirr function, as used in multiple packages, allow local users to cause a denial of service and possibly execute arbitrary code via 1 a symlink attack that exploits a race condition between opendir and pathcon calls and changes the filesystem to one with...

5.6CVSS8.2AI score0.00429EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2015/10/30 9:35 a.m.17 views

CVE-2007-0650

Buffer overflow in the opensty function in mkind.c for makeindex 2.14 in teTeX might allow user-assisted remote attackers to overwrite files and possibly execute arbitrary code via a long filename. NOTE: other overflows exist but might not be exploitable, such as a heap-based overflow in the...

6.8CVSS8.5AI score0.04043EPSS
Exploits0References2
Rows per page
Query Builder