This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Tug First view 2010-04-16
Product Tetex Last view 2010-05-07
Version * Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:tug:tetex

Activity : Overall

Related : CVE

  Date Alert Description
6.8 2010-05-07 CVE-2010-1440

Multiple integer overflows in dvipsk/dospecial.c in dvips in TeX Live 2009 and earlier, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a special command in a DVI file, related to the (1) predospecial and (2) bbdospecial functions, a different vulnerability than CVE-2010-0739.

4.3 2010-05-07 CVE-2010-0829

Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed DVI file.

6.8 2010-05-07 CVE-2010-0827

Integer overflow in dvips in TeX Live 2009 and earlier, and teTeX, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted virtual font (VF) file associated with a DVI file.

6.8 2010-04-16 CVE-2010-0739

Integer overflow in the predospecial function in dospecial.c in dvips in (1) TeX Live and (2) teTeX might allow user-assisted remote attackers to execute arbitrary code via a crafted DVI file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.

CWE : Common Weakness Enumeration

%idName
75% (3) CWE-189 Numeric Errors
25% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

Open Source Vulnerability Database (OSVDB)

id Description
64475 Tex Live dvipng set.c Utility Array Indexing Error Memory Corruption
64389 Tex Live Unspecified DVI File Handling Issue
64388 Tex Live dospecial.c bbdospecial() Function DVI File Handling Overflow
63808 Tex Live dospecial.c predospecial() Function DVI File Handling Overflow

OpenVAS Exploits

id Description
2012-08-10 Name : Gentoo Security Advisory GLSA 201206-28 (TeX Live)
File : nvt/glsa_201206_28.nasl
2011-08-09 Name : CentOS Update for tetex CESA-2010:0400 centos5 i386
File : nvt/gb_CESA-2010_0400_tetex_centos5_i386.nasl
2010-06-03 Name : Debian Security Advisory DSA 2048-1 (dvipng)
File : nvt/deb_2048_1.nasl
2010-05-28 Name : Fedora Update for texlive FEDORA-2010-8273
File : nvt/gb_fedora_2010_8273_texlive_fc11.nasl
2010-05-28 Name : Fedora Update for dvipng FEDORA-2010-8279
File : nvt/gb_fedora_2010_8279_dvipng_fc11.nasl
2010-05-28 Name : Fedora Update for dvipng FEDORA-2010-8252
File : nvt/gb_fedora_2010_8252_dvipng_fc12.nasl
2010-05-28 Name : Fedora Update for texlive FEDORA-2010-8242
File : nvt/gb_fedora_2010_8242_texlive_fc12.nasl
2010-05-17 Name : CentOS Update for tetex CESA-2010:0401 centos3 i386
File : nvt/gb_CESA-2010_0401_tetex_centos3_i386.nasl
2010-05-17 Name : Mandriva Update for tetex MDVSA-2010:094 (tetex)
File : nvt/gb_mandriva_MDVSA_2010_094.nasl
2010-05-17 Name : CentOS Update for tetex CESA-2010:0399 centos4 i386
File : nvt/gb_CESA-2010_0399_tetex_centos4_i386.nasl
2010-05-07 Name : RedHat Update for tetex RHSA-2010:0401-01
File : nvt/gb_RHSA-2010_0401-01_tetex.nasl
2010-05-07 Name : RedHat Update for tetex RHSA-2010:0400-01
File : nvt/gb_RHSA-2010_0400-01_tetex.nasl
2010-05-07 Name : RedHat Update for tetex RHSA-2010:0399-01
File : nvt/gb_RHSA-2010_0399-01_tetex.nasl
2010-05-07 Name : Ubuntu Update for dvipng vulnerability USN-936-1
File : nvt/gb_ubuntu_USN_936_1.nasl
2010-05-07 Name : Ubuntu Update for texlive-bin vulnerabilities USN-937-1
File : nvt/gb_ubuntu_USN_937_1.nasl
2010-03-12 Name : Mandriva Update for nufw MDVA-2010:094 (nufw)
File : nvt/gb_mandriva_MDVA_2010_094.nasl
2010-03-12 Name : Mandriva Update for mmc-wizard MDVA-2010:096 (mmc-wizard)
File : nvt/gb_mandriva_MDVA_2010_096.nasl
2010-03-12 Name : Mandriva Update for mmc-wizard MDVA-2010:096-1 (mmc-wizard)
File : nvt/gb_mandriva_MDVA_2010_096_1.nasl

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2014-12-15 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201412-08.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2010-0401.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2010-0400.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2010-0399.nasl - Type: ACT_GATHER_INFO
2012-08-01 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20100506_tetex_on_SL5_x.nasl - Type: ACT_GATHER_INFO
2012-08-01 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20100506_tetex_on_SL4_x.nasl - Type: ACT_GATHER_INFO
2012-08-01 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20100506_tetex_on_SL3_x.nasl - Type: ACT_GATHER_INFO
2012-06-26 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201206-28.nasl - Type: ACT_GATHER_INFO
2011-01-27 Name: The remote SuSE 10 host is missing a security-related patch.
File: suse_te_ams-7020.nasl - Type: ACT_GATHER_INFO
2010-12-02 Name: The remote SuSE 11 host is missing one or more security updates.
File: suse_11_texlive-100504.nasl - Type: ACT_GATHER_INFO
2010-07-01 Name: The remote Fedora host is missing a security update.
File: fedora_2010-8252.nasl - Type: ACT_GATHER_INFO
2010-07-01 Name: The remote Fedora host is missing a security update.
File: fedora_2010-8273.nasl - Type: ACT_GATHER_INFO
2010-07-01 Name: The remote Fedora host is missing a security update.
File: fedora_2010-8279.nasl - Type: ACT_GATHER_INFO
2010-07-01 Name: The remote Fedora host is missing a security update.
File: fedora_2010-8314.nasl - Type: ACT_GATHER_INFO
2010-07-01 Name: The remote Fedora host is missing a security update.
File: fedora_2010-8335.nasl - Type: ACT_GATHER_INFO
2010-07-01 Name: The remote Fedora host is missing a security update.
File: fedora_2010-8242.nasl - Type: ACT_GATHER_INFO
2010-06-01 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2010-0400.nasl - Type: ACT_GATHER_INFO
2010-05-25 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-2048.nasl - Type: ACT_GATHER_INFO
2010-05-15 Name: The remote openSUSE host is missing a security update.
File: suse_11_0_texlive-100503.nasl - Type: ACT_GATHER_INFO
2010-05-15 Name: The remote openSUSE host is missing a security update.
File: suse_11_1_texlive-100503.nasl - Type: ACT_GATHER_INFO
2010-05-15 Name: The remote openSUSE host is missing a security update.
File: suse_11_2_texlive-100504.nasl - Type: ACT_GATHER_INFO
2010-05-13 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2010-094.nasl - Type: ACT_GATHER_INFO
2010-05-11 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2010-0401.nasl - Type: ACT_GATHER_INFO
2010-05-11 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2010-0400.nasl - Type: ACT_GATHER_INFO
2010-05-11 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2010-0399.nasl - Type: ACT_GATHER_INFO