CVE-2010-0829
published 2010-05-07CVE-2010-0829: Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly…
PriorityP424medium4.3CVSS 2.0
AVNACMAuNCNINAP
EPSS
4.54%
90.4th percentile
Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed DVI file.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | dvipng | < dvipng 1.13-1 (bookworm) | dvipng 1.13-1 (bookworm) |
| debian | texlive-bin | < dvipng 1.13-1 (bookworm) | dvipng 1.13-1 (bookworm) |
| jan-ake_larsson | dvipng | — | — |
| jan-ake_larsson | dvipng | — | — |
| jan-ake_larsson | dvipng | >= 0 < 1.13-1 | 1.13-1 |
| jan-ake_larsson | dvipng | >= 0 < 1.13-1 | 1.13-1 |
| jan-ake_larsson | dvipng | >= 0 < 1.13-1 | 1.13-1 |
| jan-ake_larsson | dvipng | >= 0 < 1.13-1 | 1.13-1 |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv4.3MEDIUM
vendor_debian4.3LOW
vendor_redhat4.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
dvipng vulnerability
vendor_ubuntu·2010-05-06
CVE-2010-0829 dvipng vulnerability
Title: dvipng vulnerability
Summary: dvipng vulnerability
Dan Rosenberg discovered that dvipng incorrectly handled certain malformed
dvi files. If a user or automated system were tricked into processing a
specially crafted dvi file, an attacker could cause a denial of service via
application crash, or possibly execute arbitrary code with the privileges
of the user invoking the program.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
dvipng: Multiple array index errors during DVI-to-PNG translation
vendor_redhat·2010-03-25·CVSS 4.3
CVE-2010-0829 [MEDIUM] dvipng: Multiple array index errors during DVI-to-PNG translation
dvipng: Multiple array index errors during DVI-to-PNG translation
Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed DVI file.
Debian
CVE-2010-0829: dvipng - Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow r...
vendor_debian·2010·CVSS 4.3
CVE-2010-0829 [MEDIUM] CVE-2010-0829: dvipng - Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow r...
Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed DVI file.
Scope: local
bookworm: resolved (fixed in 1.13-1)
bullseye: resolved (fixed in 1.13-1)
forky: resolved (fixed in 1.13-1)
sid: resolved (fixed in 1.13-1)
trixie: resolved (fixed in 1.13-1)
GHSA
GHSA-838g-ff3f-wpf6: Multiple array index errors in set
ghsa_unreviewed·2022-05-02
CVE-2010-0829 [MEDIUM] CWE-119 GHSA-838g-ff3f-wpf6: Multiple array index errors in set
Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed DVI file.
OSV
CVE-2010-0829: Multiple array index errors in set
osv·2010-05-07·CVSS 4.3
CVE-2010-0829 [MEDIUM] CVE-2010-0829: Multiple array index errors in set
Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed DVI file.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2010-0829 tetex, dvipng: Multiple array index errors during DVI-to-PNG translation [Fedora all]
bugzilla·2010-05-06·CVSS 4.3
CVE-2010-0829 [MEDIUM] CVE-2010-0829 tetex, dvipng: Multiple array index errors during DVI-to-PNG translation [Fedora all]
CVE-2010-0829 tetex, dvipng: Multiple array index errors during DVI-to-PNG translation [Fedora all]
This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected Fedora versions.
For comments that are specific to the vulnerability please use bugs filed against "Security Response" product referenced in "Blocks" field.
bug #573999:
CVE-2010-0829 tetex, dvipng: Multiple array index errors during DVI-to-PNG translation
When creating a Bodhi update request, please include the bug IDs of the respective parent bugs filed against the "Security Response" product. Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=57399
Bugzilla
CVE-2010-0829 tetex, dvipng: Multiple array index errors during DVI-to-PNG translation
bugzilla·2010-03-16·CVSS 4.3
CVE-2010-0829 [MEDIUM] CVE-2010-0829 tetex, dvipng: Multiple array index errors during DVI-to-PNG translation
CVE-2010-0829 tetex, dvipng: Multiple array index errors during DVI-to-PNG translation
Dan Rosenberg reported multiple instances of an array index
error in the way TeX text formatting system translated
typesetter-independent .dvi (DeVice Independent) files into
their Portable Network Graphics (PNG) alternatives. If a user
was tricked into translation of a specially-crafted DVI file(s)
into its PNG equivalent(s), it could lead to dvipng executable crash.
Discussion:
These issues did NOT affect the versions of the tetex package,
as shipped with Red Hat Enterprise Linux 3 and 4.
These issues affect the version of the tetex package, as shipped
with Red Hat Enterprise Linux 5.
These issues affect the versions of the dvipng package, as shipped
with Fedora release of 11 and 12.
---
Created
http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041587.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.htmlhttp://secunia.com/advisories/39914http://www.debian.org/security/2010/dsa-2048http://www.ubuntu.com/usn/USN-936-1http://www.vupen.com/english/advisories/2010/1219https://bugzilla.redhat.com/show_bug.cgi?id=573999https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9718http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041587.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.htmlhttp://secunia.com/advisories/39914http://www.debian.org/security/2010/dsa-2048http://www.ubuntu.com/usn/USN-936-1http://www.vupen.com/english/advisories/2010/1219https://bugzilla.redhat.com/show_bug.cgi?id=573999https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9718
2010-05-07
Published