Lucene search

Veracode Vulnerability DatabaseVERACODE:22843

HistoryApr 01, 2020 - 12:37 a.m.

Arbitrary Code Execution

2020-04-0100:37:56

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.002 Low

EPSS

Percentile

61.4%

JSON

texlive is vulnerable to arbitrary code execution. A buffer overflow in t1_check_unusual_charstring function in writet1.c allows an attacker to execute arbitrary code on the system.

CPENameOperatorVersion
texliveeq2012__43.20130427_r30134.el7
texliveeq2012__43.20130427_r30134.el7

CPE	Name	Operator	Version
	texlive	eq	2012__43.20130427_r30134.el7
	texlive	eq	2012__43.20130427_r30134.el7

References

access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.8_release_notes/index

access.redhat.com/errata/RHSA-2020:1036

access.redhat.com/security/updates/classification/#moderate

github.com/TeX-Live/texlive-source/commit/6ed0077520e2b0da1fd060c7f88db7b2e6068e4c

lists.debian.org/debian-security-announce/2018/msg00230.html

usn.ubuntu.com/3788-1/

usn.ubuntu.com/3788-2/

www.debian.org/security/2018/dsa-4299

0.002 Low

EPSS

Percentile

61.4%

JSON

Related for VERACODE:22843