CVE-2010-0829

EPSS 5.0%

dvipng - arbitrary code execution

Published: 5/7/2010Modified: 4/28/2026

Description

Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed DVI file.

Affected packages (2)

Debian/dvipngfrom 0, < 1.13-1
Debian/dvipngfrom 0, < 1.11-1+lenny1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-0829