Oval Definition:oval:org.mitre.oval:def:23808
Revision Date:2014-05-26Version:36
Title:ELSA-2012:0137: texlive security update (Moderate)
Description:Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2010-2642
CVE-2011-0433
CVE-2011-0764
CVE-2011-1552
CVE-2011-1553
CVE-2011-1554
ELSA-2012:0137-01
Platform(s):Oracle Linux 6
Product(s):texlive
Definition Synopsis
  • Oracle Linux 6.x
  • AND rpm test
  • texlive-dvips is earlier than 0:2007-57.el6_2
  • OR texlive-latex is earlier than 0:2007-57.el6_2
  • OR kpathsea is earlier than 0:2007-57.el6_2
  • OR texlive-context is earlier than 0:2007-57.el6_2
  • OR texlive-afm is earlier than 0:2007-57.el6_2
  • OR mendexk is earlier than 0:2.6e-57.el6_2
  • OR texlive-dviutils is earlier than 0:2007-57.el6_2
  • OR texlive-east-asian is earlier than 0:2007-57.el6_2
  • OR texlive-utils is earlier than 0:2007-57.el6_2
  • OR texlive-xetex is earlier than 0:2007-57.el6_2
  • OR kpathsea-devel is earlier than 0:2007-57.el6_2
  • OR texlive is earlier than 0:2007-57.el6_2
  • BACK