CVE-2010-1440

Published May 7, 2010

Last updated 2 years ago

Overview

Description: Multiple integer overflows in dvipsk/dospecial.c in dvips in TeX Live 2009 and earlier, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a special command in a DVI file, related to the (1) predospecial and (2) bbdospecial functions, a different vulnerability than CVE-2010-0739.
Source: secalert@redhat.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.8
Impact score: 6.4
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-189

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:tug:tetex:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0EA161A0-1486-4209-8463-448ABE2576D4"
          },
          {
            "criteria": "cpe:2.3:a:tug:tex_live:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "388E0684-BFD7-4A30-8AC2-42EDC85955BB",
            "versionEndIncluding": "2009"
          },
          {
            "criteria": "cpe:2.3:a:tug:tex_live:1996:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1886321C-ACDD-476E-8311-6B82E15ADE30"
          },
          {
            "criteria": "cpe:2.3:a:tug:tex_live:1998:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D36BA107-EC67-4834-8018-3EAA5392A256"
          },
          {
            "criteria": "cpe:2.3:a:tug:tex_live:1999:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D2C238BF-91CF-46E5-97AA-6A53280C26D1"
          },
          {
            "criteria": "cpe:2.3:a:tug:tex_live:2000:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "053D41D8-701B-4822-9022-759D8EBA5A96"
          },
          {
            "criteria": "cpe:2.3:a:tug:tex_live:2001:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C283B085-0A4B-43F2-B308-68D317E5648C"
          },
          {
            "criteria": "cpe:2.3:a:tug:tex_live:2002:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "18EA31BF-D186-400D-895D-773E6382B03A"
          },
          {
            "criteria": "cpe:2.3:a:tug:tex_live:2003:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B1936F4-CC35-45BE-9EDC-698B64C5E2F7"
          },
          {
            "criteria": "cpe:2.3:a:tug:tex_live:2004:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41E85464-9235-4633-AFCA-5A7359439572"
          },
          {
            "criteria": "cpe:2.3:a:tug:tex_live:2005:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "18CE2C23-2A1E-41BB-A8BF-5E151B7BF45F"
          },
          {
            "criteria": "cpe:2.3:a:tug:tex_live:2007:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "87B6A525-428C-4A0C-994A-DE95B138A437"
          },
          {
            "criteria": "cpe:2.3:a:tug:tex_live:2008:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D24333B-8305-4EEA-8DA5-240E773EF5FD"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References