CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
EPSS
Percentile
91.6%
Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed DVI file.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | dvipng | <ย 1.13-1 | dvipng_1.13-1_all.deb |
Debian | 11 | all | dvipng | <ย 1.13-1 | dvipng_1.13-1_all.deb |
Debian | 999 | all | dvipng | <ย 1.13-1 | dvipng_1.13-1_all.deb |
Debian | 13 | all | dvipng | <ย 1.13-1 | dvipng_1.13-1_all.deb |
Debian | 12 | all | texlive-bin | <ย 2022.20220321.62855-5.1+deb12u1 | texlive-bin_2022.20220321.62855-5.1+deb12u1_all.deb |
Debian | 11 | all | texlive-bin | <ย 2020.20200327.54578-7+deb11u1 | texlive-bin_2020.20200327.54578-7+deb11u1_all.deb |
Debian | 999 | all | texlive-bin | <ย 2024.20240313.70630+ds-4 | texlive-bin_2024.20240313.70630+ds-4_all.deb |
Debian | 13 | all | texlive-bin | <ย 2024.20240313.70630+ds-4 | texlive-bin_2024.20240313.70630+ds-4_all.deb |