CVE-2010-1440

NONE EPSS 87.5%
Published May 7, 201016y ago · Modified Jun 16, 20262w ago
Find Similar
Published May 7, 2010 16y ago
Last Modified Jun 16, 2026 2w ago

Description

Multiple integer overflows in dvipsk/dospecial.c in dvips in TeX Live 2009 and earlier, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a special command in a DVI file, related to the (1) predospecial and (2) bbdospecial functions, a different vulnerability than CVE-2010-0739.

Threat Intelligence

EPSS Exploit Probability
87.5% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-189

Affected Products 13

VendorProductVersionRange
tugtetex*any
tugtex_live* ≤2009
tugtex_live1996any
tugtex_live1998any
tugtex_live1999any
tugtex_live2000any
tugtex_live2001any
tugtex_live2002any
tugtex_live2003any
tugtex_live2004any
tugtex_live2005any
tugtex_live2007any
tugtex_live2008any

References 7

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.