CVE-2010-0829
NONE EPSS 90.4%
Published May 7, 201016y ago · Modified Jun 16, 20262w ago
Published May 7, 2010 16y ago
Last Modified Jun 16, 2026 2w ago
Description
Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed DVI file.
Threat Intelligence
EPSS Exploit Probability
90.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Memory Safety
Affected Products 3
| Vendor | Product | Version | Range |
|---|---|---|---|
| jan-ake_larsson | dvipng | 1.11 | any |
| jan-ake_larsson | dvipng | 1.12 | any |
| tug | tetex | * | any |
References 9
- lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041587.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
- secunia.com http://secunia.com/advisories/39914
- debian.org http://www.debian.org/security/2010/dsa-2048
- ubuntu.com http://www.ubuntu.com/usn/USN-936-1
- vupen.com http://www.vupen.com/english/advisories/2010/1219
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=573999
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9718
Remediation
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=573999