1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
PublicDateAtUSN: 2010-04-20
Candidate: CVE-2010-0829
PublicDate: 2010-05-07
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0829
http://www.ubuntu.com/usn/usn-936-1
Description:
Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX,
allow remote attackers to cause a denial of service (application crash) or
possibly execute arbitrary code via a malformed DVI file.
Ubuntu-Description:
Notes:
Bugs:
https://bugs.launchpad.net/ubuntu/+source/texlive-bin/+bug/537638
Priority: medium
Discovered-by: Dan Rosenberg
Assigned-to:
Patches_dvipng:
upstream_dvipng: needed
dapper_dvipng: ignored (reached end-of-life)
hardy_dvipng: ignored (reached end-of-life)
intrepid_dvipng: needed
jaunty_dvipng: released (1.11-1ubuntu0.9.04.1)
karmic_dvipng: released (1.11-1ubuntu0.9.10.1)
lucid_dvipng: released (1.12-3ubuntu0.1)
maverick_dvipng: not-affected (1.13-1)
natty_dvipng: not-affected (1.13-1)
oneiric_dvipng: not-affected (1.13-1)
devel_dvipng: not-affected (1.13-1)
|