Vulnerabilities > TUG > Tetex

DATE CVE VULNERABILITY TITLE RISK
2011-01-07 CVE-2010-2642 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
network
high complexity
redhat t1lib tug CWE-119
7.6
2010-05-07 CVE-2010-0829 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed DVI file.
4.3
2010-05-07 CVE-2010-0827 Numeric Errors vulnerability in TUG Tetex and TEX Live
Integer overflow in dvips in TeX Live 2009 and earlier, and teTeX, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted virtual font (VF) file associated with a DVI file.
network
tug CWE-189
6.8