Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2005:354
HistoryApr 01, 2005 - 12:00 a.m.

(RHSA-2005:354) tetex security update

2005-04-0100:00:00
access.redhat.com
26

0.114 Low

EPSS

Percentile

95.3%

JSON

TeTeX is an implementation of TeX for Linux or UNIX systems. TeX takes
a text file and a set of formatting commands as input and creates a
typesetter-independent .dvi (DeVice Independent) file as output.

A number of security flaws have been found affecting libraries used
internally within teTeX. An attacker who has the ability to trick a user
into processing a malicious file with teTeX could cause teTeX to crash or
possibly execute arbitrary code.

A number of integer overflow bugs that affect Xpdf were discovered. The
teTeX package contains a copy of the Xpdf code used for parsing PDF files
and is therefore affected by these bugs. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the names CAN-2004-0888 and
CAN-2004-1125 to these issues.

A number of integer overflow bugs that affect libtiff were discovered. The
teTeX package contains an internal copy of libtiff used for parsing TIFF
image files and is therefore affected by these bugs. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
names CAN-2004-0803, CAN-2004-0804 and CAN-2004-0886 to these issues.

Also latex2html is added to package tetex-latex for 64bit platforms.

Users of teTeX should upgrade to these updated packages, which contain
backported patches and are not vulnerable to these issues.

Related

nessus 68
centos 3
debian 9
osv 6
cert 4
gentoo 9
slackware 1
openvas 52
securityvulns 10
redhat 8
suse 2
freebsd 4
cve 4
ubuntucve 4
ubuntu 2
debiancve 5
nvd 4
cvelist 3
altlinux 1
nessus
nessus
RHEL 2.1 / 3 : tetex (RHSA-2005:354)
2005-04-02 00:00:00
CentOS 3 : tetex (CESA-2005:354)
2006-07-03 00:00:00
Mandrake Linux Security Advisory : libtiff (MDKSA-2004:109)
2004-10-20 00:00:00
centos
centos
tetex security update
2005-04-01 21:29:55
kdegraphics security update
2005-04-12 23:05:10
kdegraphics security update
2005-04-12 16:01:20
debian
debian
[SECURITY] [DSA 567-1] New libtiff packages fix remote code execution
2004-10-15 17:51:16
[SECURITY] [DSA 567-1] New libtiff packages fix remote code execution
2004-10-15 17:51:16
[SECURITY] [DSA 599-1] New tetex-bin packages fix arbitrary code execution
2004-11-25 14:48:24
osv
osv
tiff - heap overflows
2004-10-15 00:00:00
tetex-bin - integer overflows
2004-11-25 00:00:00
cupsys - integer overflows
2004-10-21 00:00:00
cert
cert
LibTIFF contains multiple integer overflows
2004-12-01 00:00:00
LibTIFF contains multiple heap-based buffer overflows
2004-12-01 00:00:00
LibTIFF vulnerable to denial-of-service condition
2004-12-01 00:00:00
gentoo
gentoo
kfax: Multiple overflows in the included TIFF library
2004-12-19 00:00:00
PDFlib: Multiple overflows in the included TIFF library
2004-12-05 00:00:00
teTeX, pTeX, CSTeX: Multiple vulnerabilities
2005-01-23 00:00:00
slackware
slackware
[slackware-security] libtiff
2004-11-01 08:00:50
openvas
openvas
Gentoo Security Advisory GLSA 200412-02 (PDFlib)
2008-09-24 00:00:00
Debian Security Advisory DSA 567-1 (tiff)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200412-02 (PDFlib)
2008-09-24 00:00:00
securityvulns
securityvulns
KDE Security Advisory: kfax libtiff vulnerabilities
2004-12-10 00:00:00
[Full-Disclosure] [ GLSA 200412-02 ] PDFlib: Multiple overflows in the included TIFF library
2004-12-06 00:00:00
MDKSA-2004:111 - Updated wxGTK2 packages fix vulnerabilities
2004-10-22 00:00:00
redhat
redhat
(RHSA-2004:577) libtiff security update
2004-10-22 00:00:00
(RHSA-2005:021) kdegraphics security update
2005-04-12 00:00:00
(RHSA-2005:066) kdegraphics security update
2005-02-15 00:00:00
suse
suse
local privilege escalation in libtiff
2004-10-22 14:52:41
remote denial of service in kernel
2004-10-21 07:52:50
freebsd
freebsd
tiff -- multiple integer overflows
2004-10-13 00:00:00
tiff -- RLE decoder heap overflows
2004-10-13 00:00:00
xpdf -- buffer overflow vulnerability
2004-11-23 00:00:00
cve
cve
CVE-2004-0886
2005-01-27 05:00:00
CVE-2004-0803
2004-12-23 05:00:00
CVE-2004-1125
2005-01-10 05:00:00
ubuntucve
ubuntucve
CVE-2004-0886
2005-01-27 00:00:00
CVE-2004-0803
2004-12-23 00:00:00
CVE-2004-1125
2005-01-10 00:00:00
ubuntu
ubuntu
tetex-bin vulnerabilities
2004-10-28 00:00:00
xpdf, tetex-bin vulnerabilities
2004-12-23 00:00:00
debiancve
debiancve
CVE-2004-0886
2005-01-27 05:00:00
CVE-2004-0803
2004-12-23 05:00:00
CVE-2004-1125
2005-01-10 05:00:00
nvd
nvd
CVE-2004-0886
2005-01-27 05:00:00
CVE-2004-0803
2004-12-23 05:00:00
CVE-2004-1125
2005-01-10 05:00:00
cvelist
cvelist
CVE-2004-0886
2004-10-26 04:00:00
CVE-2004-0803
2004-10-26 04:00:00
CVE-2004-1125
2004-12-22 05:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package xpdf version 3.00-alt4pl2
2004-12-22 00:00:00

0.114 Low

EPSS

Percentile

95.3%

JSON
Related for RHSA-2005:354
nessus68centos3debian9osv6cert4gentoo9slackware1openvas52securityvulns10redhat8suse2freebsd4cve4ubuntucve4ubuntu2debiancve5nvd4cvelist3altlinux1