| Vigil@nce team describes computer vulnerabilities impacting your systems, and offers solutions to correct them. |
|
 |
|
|
|
vulnerability announce CVE-2010-0739 CVE-2010-0827 CVE-2010-0829
teTeX: several vulnerabilities of dvips and dvipng
Synthesis of the vulnerability
| An attacker can create a malicious DVI file and invite the victim to open it with teTeX tools, in order to create a denial of service and possibly to execute code. |
Severity: 2/4.
Creation date: 07/05/2010.
|
Description of the vulnerability
The teTeX suite contains tools to handle documents in TeX DVI format. The dvips command converts a DVI document to PostScript. The dvipng command converts a DVI document to PNG image. Several vulnerabilities impact these tools.
The predospecial() function of the texk/dvipsk/dospecial.c file does not check integer overflows, which corrupts the memory. [severity:2/4; 572941, CVE-2010-0739, >]
The virtualfont.c file does not check the font name size, which leads to a buffer overflow. [severity:2/4; 572914, BID-39971, CVE-2010-0827, >]
Several integer overflows of the dvipng command corrupt the memory. [severity:2/4; 573999, CVE-2010-0829, >]
The predospecial() and the bbdospecial() functions of the texk/dvipsk/dospecial.c file do not check integer overflows, which corrupts the memory. [severity:2/4; 586819, BID-39966, CVE-2010-1440, >]
An attacker can therefore create a malicious DVI file and invite the victim to open it with teTeX tools, in order to create a denial of service and possibly to execute code. |
Complete Vigil@nce bulletin
Characteristics
Title: teTeX: several vulnerabilities of dvips and dvipng.
Keywords: 572914 572941 573999 586819 DVI PNG PostScript TeX dvipng dvips several teTeX vulnerabilities.
Identifiers: 572914, 572941, 573999, 586819, BID-39966, BID-39971, CVE-2010-0739, CVE-2010-0827, CVE-2010-0829, CVE-2010-1440, DSA 2048-1, FEDORA-2010-8242, FEDORA-2010-8252, FEDORA-2010-8273, FEDORA-2010-8279, FEDORA-2010-8314, FEDORA-2010-8335, MDVSA-2010:094, MDVSA-2010:096, RHSA-2010:0399-01, RHSA-2010:0400-01, RHSA-2010:0401-01, SUSE-SR:2010:012, SUSE-SR:2010:013, VIGILANCE-VUL-9632.
|
Solutions for this vulnerability
Supplements
Vulnerability : CVE-2010-0739
The predospecial() function of the texk/dvipsk/dospecial.c file does not check integer overflows, which corrupts the memory.
Severity: 2/4.
Identifiers: 572941, CVE-2010-0739.
|
|
Vulnerability : CVE-2010-0827
The virtualfont.c file does not check the font name size, which leads to a buffer overflow.
Severity: 2/4.
Identifiers: 572914, BID-39971, CVE-2010-0827.
|
|
Vulnerability : CVE-2010-0829
Several integer overflows of the dvipng command corrupt the memory.
Severity: 2/4.
Identifiers: 573999, CVE-2010-0829.
|
|
Vulnerability : CVE-2010-1440
The predospecial() and the bbdospecial() functions of the texk/dvipsk/dospecial.c file do not check integer overflows, which corrupts the memory.
Severity: 2/4.
Identifiers: 586819, BID-39966, CVE-2010-1440.
|
|
Computer vulnerabilities tracking service
The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.
The Vigil@nce vulnerability database contains several thousand vulnerabilities.
This bulletin is published by the Vigil@nce team, which tracks computer vulnerabilities impacting systems and applications.
Computer vulnerabilities tracking service
|
