Download
| Alert*
oval:org.secpod.oval:def:1601373
An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex oval:org.secpod.oval:def:704346 texlive-bin: TeX Live: path search library for TeX Several security issues were fixed in Tex Live. oval:org.secpod.oval:def:51142 texlive-bin: TeX Live: path search library for TeX Several security issues were fixed in Tex Live. oval:org.secpod.oval:def:503618 The texlive packages contain TeXLive, an implementation of TeX for Linux or UNIX systems. Security Fix: * texlive: Buffer overflow in t1_check_unusual_charstring function in writet1.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related i ... oval:org.secpod.oval:def:89003234 This update for texlive fixes the following issue: - CVE-2018-17407: Prevent buffer overflow when handling of Type 1 fonts allowed arbitrary code execution when a malicious font was loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex oval:org.secpod.oval:def:70435 texlive-bin: TeX Live: path search library for TeX Several security issues were fixed in Tex Live. oval:org.secpod.oval:def:89002434 This update for texlive fixes the following issue: - CVE-2018-17407: Prevent buffer overflow when handling of Type 1 fonts allowed arbitrary code execution when a malicious font was loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex oval:org.secpod.oval:def:70428 texlive-bin: TeX Live: path search library for TeX Several security issues were fixed in Tex Live. oval:org.secpod.oval:def:704362 texlive-bin: TeX Live: path search library for TeX Details: USN-3788-1 fixed vulnerabilities in Tex Live. This update provides the corresponding update for Ubuntu 18.10 Original advisory Several security issues were fixed in Tex Live. oval:org.secpod.oval:def:603524 Nick Roessler from the University of Pennsylvania has found a buffer overflow in texlive-bin, the executables for TexLive, the popular distribution of TeX document production system. This buffer overflow can be used for arbitrary code execution by crafting a special type1 font and provide it to use ... oval:org.secpod.oval:def:1700517 An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex oval:org.secpod.oval:def:205490 The texlive packages contain TeXLive, an implementation of TeX for Linux or UNIX systems. Security Fix: * texlive: Buffer overflow in t1_check_unusual_charstring function in writet1.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related i ... oval:org.secpod.oval:def:89049749 This update for texlive fixes the following issue: - CVE-2018-17407: Prevent buffer overflow when handling of Type 1 fonts allowed arbitrary code execution when a malicious font was loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex . oval:org.secpod.oval:def:1504411 [2:2012-45.20130427_r30134] - Related: #1650521, buffer overflow in t1_check_unusual_charstring function [2:2012-44.20130427_r30134] - Resolves: #1650521, buffer overflow in t1_check_unusual_charstring function |