Executive Summary
Summary | |
---|---|
Title | dvipng vulnerability |
Informations | |||
---|---|---|---|
Name | USN-936-1 | First vendor Publication | 2010-05-06 |
Vendor | Ubuntu | Last vendor Modification | 2010-05-06 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 4.3 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 9.04 Ubuntu 9.10 Ubuntu 10.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 9.04: Ubuntu 9.10: Ubuntu 10.04 LTS: In general, a standard system update will make all the necessary changes. Details follow: Dan Rosenberg discovered that dvipng incorrectly handled certain malformed dvi files. If a user or automated system were tricked into processing a specially crafted dvi file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. |
Original Source
Url : http://www.ubuntu.com/usn/USN-936-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11582 | |||
Oval ID: | oval:org.mitre.oval:def:11582 | ||
Title: | DSA-2048 dvipng -- buffer overflow | ||
Description: | Dan Rosenberg discovered that in dvipng, a utility that converts DVI files to PNG graphics, several array index errors allow context-dependent attackers, via a specially crafted DVI file, to cause a denial of service, and possibly arbitrary code execution. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2048 CVE-2010-0829 | Version: | 5 |
Platform(s): | Debian GNU/Linux 5.0 | Product(s): | dvipng |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:13292 | |||
Oval ID: | oval:org.mitre.oval:def:13292 | ||
Title: | USN-936-1 -- dvipng vulnerability | ||
Description: | Dan Rosenberg discovered that dvipng incorrectly handled certain malformed dvi files. If a user or automated system were tricked into processing a specially crafted dvi file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-936-1 CVE-2010-0829 | Version: | 5 |
Platform(s): | Ubuntu 10.04 Ubuntu 9.04 Ubuntu 9.10 | Product(s): | dvipng |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9718 | |||
Oval ID: | oval:org.mitre.oval:def:9718 | ||
Title: | Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed DVI file. | ||
Description: | Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed DVI file. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2010-0829 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 2 | |
Application | 1 |
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for tetex CESA-2010:0400 centos5 i386 File : nvt/gb_CESA-2010_0400_tetex_centos5_i386.nasl |
2010-06-03 | Name : Debian Security Advisory DSA 2048-1 (dvipng) File : nvt/deb_2048_1.nasl |
2010-05-28 | Name : Fedora Update for texlive FEDORA-2010-8242 File : nvt/gb_fedora_2010_8242_texlive_fc12.nasl |
2010-05-28 | Name : Fedora Update for dvipng FEDORA-2010-8252 File : nvt/gb_fedora_2010_8252_dvipng_fc12.nasl |
2010-05-28 | Name : Fedora Update for texlive FEDORA-2010-8273 File : nvt/gb_fedora_2010_8273_texlive_fc11.nasl |
2010-05-28 | Name : Fedora Update for dvipng FEDORA-2010-8279 File : nvt/gb_fedora_2010_8279_dvipng_fc11.nasl |
2010-05-17 | Name : Mandriva Update for tetex MDVSA-2010:094 (tetex) File : nvt/gb_mandriva_MDVSA_2010_094.nasl |
2010-05-07 | Name : RedHat Update for tetex RHSA-2010:0400-01 File : nvt/gb_RHSA-2010_0400-01_tetex.nasl |
2010-05-07 | Name : Ubuntu Update for dvipng vulnerability USN-936-1 File : nvt/gb_ubuntu_USN_936_1.nasl |
2010-03-12 | Name : Mandriva Update for nufw MDVA-2010:094 (nufw) File : nvt/gb_mandriva_MDVA_2010_094.nasl |
2010-03-12 | Name : Mandriva Update for mmc-wizard MDVA-2010:096 (mmc-wizard) File : nvt/gb_mandriva_MDVA_2010_096.nasl |
2010-03-12 | Name : Mandriva Update for mmc-wizard MDVA-2010:096-1 (mmc-wizard) File : nvt/gb_mandriva_MDVA_2010_096_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
64475 | Tex Live dvipng set.c Utility Array Indexing Error Memory Corruption A memory corruption flaw exists in dvipng. The "SetChar" function fails to sanitize user-supplied input when the creator of a dvi file makes it index beyond the end of the array, resulting in memory corruption. With a specially crafted file, a local attacker can execute arbitrary code. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-12-15 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201412-08.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2010-0400.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20100506_tetex_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2011-01-27 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_te_ams-7020.nasl - Type : ACT_GATHER_INFO |
2010-12-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_texlive-100504.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-8252.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-8279.nasl - Type : ACT_GATHER_INFO |
2010-07-01 | Name : The remote Fedora host is missing a security update. File : fedora_2010-8335.nasl - Type : ACT_GATHER_INFO |
2010-06-01 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2010-0400.nasl - Type : ACT_GATHER_INFO |
2010-05-25 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2048.nasl - Type : ACT_GATHER_INFO |
2010-05-15 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_texlive-100503.nasl - Type : ACT_GATHER_INFO |
2010-05-15 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_texlive-100503.nasl - Type : ACT_GATHER_INFO |
2010-05-15 | Name : The remote openSUSE host is missing a security update. File : suse_11_2_texlive-100504.nasl - Type : ACT_GATHER_INFO |
2010-05-13 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2010-094.nasl - Type : ACT_GATHER_INFO |
2010-05-11 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0400.nasl - Type : ACT_GATHER_INFO |
2010-05-07 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-936-1.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:06:48 |
|