Oval Definition:	oval:com.ubuntu.xenial:def:201817407000
Revision Date: 2018-09-23 Version: 1 Title: CVE-2018-17407 on Ubuntu 16.04 LTS (xenial) - medium. Description: An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex. Family: unix Class: vulnerability Status: Reference(s): CVE-2018-17407 Platform(s): Ubuntu 16.04 LTS Product(s): Definition Synopsis Ubuntu 16.04 LTS (xenial) is installed. AND The 'texlive-bin' package in xenial was vulnerable but has been fixed (note: '2015.20160222.37495-1ubuntu0.1').
BACK