CVE-2005-1065

The vulnerability CVE-2005-1065 affects tetex in Novell Linux Desktop 9. An attacker with local access can determine the existence of arbitrary files via a symlink attack in /var/cache/fonts, enabling partial confidentiality impact without authentication. The common root cause is a symlink handli...

RHEL 2.1 / 3 : tetex (RHSA-2005:354)

Updated tetex packages that fix several integer overflows are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. TeTeX is an implementation of TeX for Linux or UNIX systems. TeX takes a text file and a set of formatting commands as...

tetex security update

CentOS Errata and Security Advisory CESA-2005:354 Updated tetex packages that fix several integer overflows are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. TeTeX is an implementation of TeX for Linux or UNIX systems. TeX take...

Moderate: Red Hat Security Advisory: tetex security update

Updated tetex packages that fix several integer overflows are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. TeTeX is an implementation of TeX for Linux or UNIX systems. TeX takes a text file and a set of formatting commands as...

Moderate: Red Hat Security Advisory: tetex security update

Updated tetex packages that resolve security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The tetex packages teTeX contain an implementation of TeX for Linux or UNIX systems. A buffer...

RHEL 4 : tetex (RHSA-2005:026)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2005:026 advisory. The tetex packages teTeX contain an implementation of TeX for Linux or UNIX systems. A buffer overflow flaw was found in the Gfx::doImage...

security flaw

Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted PD...

GLSA-200501-31 : teTeX, pTeX, CSTeX: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200501-31 teTeX, pTeX, CSTeX: Multiple vulnerabilities teTeX, pTeX and CSTeX all make use of Xpdf code and may therefore be vulnerable to the various overflows that were discovered in Xpdf code CAN-2004-0888, CAN-2004-0889,...

[ GLSA 200501-31 ] teTeX, pTeX, CSTeX: Multiple vulnerabilities

Gentoo Linux Security Advisory GLSA 200501-31 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

Mandrake Linux Security Advisory : tetex (MDKSA-2005:021)

A buffer overflow vulnerability was discovered in the xpdf PDF code, which could allow for arbitrary code execution as the user viewing a PDF file. The vulnerability exists due to insufficient bounds checking while processing a PDF file that provides malicious values in the /Encrypt /Length tag...

teTeX, pTeX, CSTeX: Multiple vulnerabilities

Background teTeX is a complete and open source TeX distribution. CSTeX is another TeX distribution including Czech and Slovak support. pTeX is another alternative that allows Japanese publishing with TeX. xdvizilla is an auxiliary script used to integrate DVI file viewing in Mozilla-based browser...

CVE-2004-1125

Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted PD...

CVE-2004-1336

The CVE-2004-1336 issue affects tetex-bin 2.0.2, where the xdvizilla script creates temporary files with predictable filenames, enabling a local user to overwrite arbitrary files via a symlink attack. The vulnerability is described consistently across CVE, NVD, and CVE List entries. The available...

Fedora Core 2 : tetex-2.0.2-14FC2.1 / tetex-2.0.2-14FC2.1 (2004-584)

The remote Fedora Core host is missing one or more security updates : tetex-2.0.2-14FC2.1 : The updated tetex package fixes a buffer overflow which allows attackers to cause the internal xpdf library used by applications in tetex to crash, and possibly to execute arbitrary code. The Common...

Fedora Core 3 : tetex-2.0.2-21.2 (2004-585)

The updated tetex package fixes a buffer overflow which allows attackers to cause the internal xpdf library used by applications in tetex to crash, and possibly to execute arbitrary code. The Common Vulnerabilities and Exposures projects cve.mitre.org has assigned the name CVE-2004-1125 to this...

Mandrake Linux Security Advisory : tetex (MDKSA-2004:166)

Chris Evans discovered numerous vulnerabilities in the xpdf package, which also effect software using embedded xpdf code, such as tetex CVE-2004-0888. Multiple integer overflow issues affecting xpdf-2.0 and xpdf-3.0. Also programs like tetex which have embedded versions of xpdf. These can result ...

USN-51-1: teTeX auxiliary script vulnerability

Javier Fernández-Sanguino Peña noticed that "xdvizilla", an auxiliary script to integrate DVI file viewing in Mozilla-based browsers, created temporary files and directories in an insecure manner. This could allow a symbolic link attack to create or overwrite arbitrary files with the privileges o...

USN-48-1: xpdf, tetex-bin vulnerabilities

A potential buffer overflow has been found in the xpdf viewer. An insufficient input validation could be exploited by an attacker providing a specially crafted PDF file which, when processed by xpdf, could result in abnormal program termination or the execution of attacker supplied program code...

CVE-2004-1336

The xdvizilla script in tetex-bin 2.0.2 creates temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack...

CVE-2004-1125

Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted PD...