Lucene search
K

4 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:59 a.m.4 views

SUSE CVE-2010-1440

Multiple integer overflows in dvipsk/dospecial.c in dvips in TeX Live 2009 and earlier, and teTeX, allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a special command in a DVI file, related to the 1 predospecial and 2 bbdospecial function...

6.8CVSS8.2AI score0.0343EPSS
Exploits1References5
seebug.org
seebug.org
added 2010/05/12 12:0 a.m.31 views

Tex Live bbdospecial()函数整数溢出漏洞

BUGTRAQ ID: 39966 CVECAN ID: CVE-2010-1440 TeX Live是用于创建TeX排版系统的工具。 TeX Live的dospecial.c文件中的bbdospecial函数中存在最终可导致堆溢出的整数溢出漏洞。用户受骗打开了畸形的.dvi文件就可以触发这个溢出,导致执行任意代码。 TeX Live 2009 TeX Live 2008 TeX Live 2007 厂商补丁: RedHat ------ RedHat已经为此发布了一个安全公告(RHSA-2010:0401-01)以及相应补丁: RHSA-2010:0401-01:Moderate:...

6.8CVSS0.3AI score0.0343EPSS
Exploits1
Prion
Prion
added 2010/05/07 6:24 p.m.16 views

Integer overflow

Integer overflow in dvips in TeX Live 2009 and earlier, and teTeX, allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted virtual font VF file associated with a DVI file...

6.8CVSS8.5AI score0.04439EPSS
Exploits0References10Affected Software1
RedHat Linux
RedHat Linux
added 2010/05/06 7:5 p.m.5 views

texlive: Buffer overflow flaw by processing virtual font files

Integer overflow in dvips in TeX Live 2009 and earlier, and teTeX, allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted virtual font VF file associated with a DVI file...

6.8CVSS6.3AI score0.04439EPSS
Exploits0References4
Rows per page
Query Builder