Lucene search

Veracode Vulnerability DatabaseVERACODE:24047

HistoryApr 10, 2020 - 12:44 a.m.

Arbitrary Code Execution

2020-04-1000:44:56

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.043 Low

EPSS

Percentile

92.3%

JSON

tetex is vulnerable to arbitrary code execution. The vulnerability exists through the way teTeX processed special commands when converting DVI files into PostScript. An attacker could create a malicious DVI file that would cause the dvips executable to crash.

CPENameOperatorVersion
tetexeq3.0__33.2.el5_1.2
tetexeq3.0__33.1.el5
tetexeq3.0__33.2.el5_1.2
tetexeq3.0__33.1.el5

Name	Operator	Version
tetex	eq	3.0__33.2.el5_1.2
tetex	eq	3.0__33.1.el5
tetex	eq	3.0__33.2.el5_1.2
tetex	eq	3.0__33.1.el5

References

lists.fedoraproject.org/pipermail/package-announce/2010-May/041573.html

lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html

lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html

security.gentoo.org/glsa/glsa-201206-28.xml

www.redhat.com/security/updates/classification/#moderate

www.ubuntu.com/usn/USN-937-1

access.redhat.com/errata/RHSA-2010:0399

access.redhat.com/errata/RHSA-2010:0400

access.redhat.com/errata/RHSA-2010:0401

access.redhat.com/security/cve/CVE-2010-1440

bugzilla.redhat.com/show_bug.cgi?id=586819

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10068

0.043 Low

EPSS

Percentile

92.3%

JSON

Related for VERACODE:24047