Lucene search

[email protected]NVD:CVE-2010-0827

HistoryMay 07, 2010 - 6:24 p.m.

CVE-2010-0827

2010-05-0718:24:15

CWE-189

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.048 Low

EPSS

Percentile

92.7%

JSON

Integer overflow in dvips in TeX Live 2009 and earlier, and teTeX, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted virtual font (VF) file associated with a DVI file.

Affected configurations

NVD

Node

tugtex_liveRange≤2009

tugtex_liveMatch1996

tugtex_liveMatch1998

tugtex_liveMatch1999

tugtex_liveMatch2000

tugtex_liveMatch2001

tugtex_liveMatch2002

tugtex_liveMatch2003

tugtex_liveMatch2004

tugtex_liveMatch2005

tugtex_liveMatch2007

tugtex_liveMatch2008

Node

tugtetex

References

lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html

lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html

security-tracker.debian.org/tracker/CVE-2010-0827

security.gentoo.org/glsa/glsa-201206-28.xml

www.securityfocus.com/bid/39971

www.tug.org/svn/texlive/trunk/Build/source/texk/dvipsk/ChangeLog?r1=18009&r2=18095

www.tug.org/svn/texlive/trunk/Build/source/texk/dvipsk/ChangeLog?view=log

www.ubuntu.com/usn/USN-937-1

bugzilla.redhat.com/show_bug.cgi?id=572914

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10052

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.048 Low

EPSS

Percentile

92.7%

JSON

Related for NVD:CVE-2010-0827

cve1 ubuntucve1 debiancve1 prion1 cvelist1 nessus16 ubuntu1 openvas20 securityvulns2 gentoo1 redhat2 centos2 oraclelinux2