Oval Definition:oval:org.mitre.oval:def:20633
Revision Date:2014-02-24Version:87
Title:RHSA-2012:0137: texlive security update (Moderate)
Description:Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CESA-2012:0137
CVE-2010-2642
CVE-2011-0433
CVE-2011-0764
CVE-2011-1552
CVE-2011-1553
CVE-2011-1554
RHSA-2012:0137-01
Platform(s):CentOS Linux 6
Red Hat Enterprise Linux 6
Product(s):texlive
Definition Synopsis
  • Redhat 6 or Centos 6 release
  • The operating system installed on the system is Red Hat Enterprise Linux 6
  • OR The operating system installed on the system is CentOS Linux 6.x
  • AND Packages section
  • texlive-dvips is earlier than 0:2007-57.el6_2
  • OR texlive-latex is earlier than 0:2007-57.el6_2
  • OR kpathsea is earlier than 0:2007-57.el6_2
  • OR texlive-context is earlier than 0:2007-57.el6_2
  • OR texlive-afm is earlier than 0:2007-57.el6_2
  • OR mendexk is earlier than 0:2.6e-57.el6_2
  • OR texlive-dviutils is earlier than 0:2007-57.el6_2
  • OR texlive-east-asian is earlier than 0:2007-57.el6_2
  • OR texlive-utils is earlier than 0:2007-57.el6_2
  • OR texlive-xetex is earlier than 0:2007-57.el6_2
  • OR kpathsea-devel is earlier than 0:2007-57.el6_2
  • OR texlive is earlier than 0:2007-57.el6_2
    • BACK