CVE-2010-1440

描述

Multiple integer overflows in dvipsk/dospecial.c in dvips in TeX Live 2009 and earlier, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a special command in a DVI file, related to the (1) predospecial and (2) bbdospecial functions, a different vulnerability than CVE-2010-0739.

受影響套件(1)

• Debian/texlive-binfrom 0, < 2009-6

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-1440