CVE-2010-0827
NONE EPSS 90.2%
Published May 7, 201016y ago · Modified Jun 16, 20262w ago
Published May 7, 2010 16y ago
Last Modified Jun 16, 2026 2w ago
Description
Integer overflow in dvips in TeX Live 2009 and earlier, and teTeX, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted virtual font (VF) file associated with a DVI file.
Threat Intelligence
EPSS Exploit Probability
90.2% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-189
Affected Products 13
References 10
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
- security-tracker.debian.org http://security-tracker.debian.org/tracker/CVE-2010-0827
- security.gentoo.org http://security.gentoo.org/glsa/glsa-201206-28.xml
- securityfocus.com http://www.securityfocus.com/bid/39971
- tug.org http://www.tug.org/svn/texlive/trunk/Build/source/texk/dvipsk/ChangeLog?r1=18009&r2=18095
- tug.org http://www.tug.org/svn/texlive/trunk/Build/source/texk/dvipsk/ChangeLog?view=log
- ubuntu.com http://www.ubuntu.com/usn/USN-937-1
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=572914
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10052
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.