CVE-2010-0739
NONE EPSS 91.1%
Published Apr 16, 201016y ago · Modified Jun 16, 20262w ago
Published Apr 16, 2010 16y ago
Last Modified Jun 16, 2026 2w ago
Description
Integer overflow in the predospecial function in dospecial.c in dvips in (1) TeX Live and (2) teTeX might allow user-assisted remote attackers to execute arbitrary code via a crafted DVI file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
Threat Intelligence
EPSS Exploit Probability
91.1% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-189
Affected Products 2
References 10
- git.frugalware.org http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-stable.git%3Ba=blob%3Bf=source/xapps-extra/tetex/texlive-CVE-2010-0739-int-overflow.patch
- lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041573.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
- secunia.com http://secunia.com/advisories/39390
- security.gentoo.org http://security.gentoo.org/glsa/glsa-201206-28.xml
- securityfocus.com http://www.securityfocus.com/bid/39500
- ubuntu.com http://www.ubuntu.com/usn/USN-937-1
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=572941
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11468
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.