Vulnerability Name:

CVE-2010-0827 (CCN-58383)

Assigned:2010-03-25
Published:2010-03-25
Updated:2017-09-19
Summary:Integer overflow in dvips in TeX Live 2009 and earlier, and teTeX, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted virtual font (VF) file associated with a DVI file.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
6.8 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-189
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2010-0827

Source: SUSE
Type: UNKNOWN
SUSE-SR:2010:012

Source: SUSE
Type: UNKNOWN
SUSE-SR:2010:013

Source: CCN
Type: RHSA-2010-0399
Moderate: tetex security update

Source: CCN
Type: RHSA-2010-0401
Moderate: tetex security update

Source: CONFIRM
Type: UNKNOWN
http://security-tracker.debian.org/tracker/CVE-2010-0827

Source: GENTOO
Type: UNKNOWN
GLSA-201206-28

Source: CCN
Type: OSVDB ID: 64389
Tex Live Unspecified DVI File Handling Issue

Source: BID
Type: UNKNOWN
39971

Source: CCN
Type: BID-39971
TeX Live '.dvi' File Parsing (CVE-2010-0827) Remote Code Execution Vulnerability

Source: CONFIRM
Type: UNKNOWN
http://www.tug.org/svn/texlive/trunk/Build/source/texk/dvipsk/ChangeLog?r1=18009&r2=18095

Source: CONFIRM
Type: UNKNOWN
http://www.tug.org/svn/texlive/trunk/Build/source/texk/dvipsk/ChangeLog?view=log

Source: CCN
Type: teTeX Web page
teTeX

Source: CCN
Type: USN-937-1
TeX Live vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-937-1

Source: CCN
Type: Red Hat Bugzilla Bug 572914
CVE-2010-0827 tetex, texlive: Buffer overflow flaw by processing virtual font files

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=572914

Source: XF
Type: UNKNOWN
tetex-dvips-code-execution(58383)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10052

Source: SUSE
Type: SUSE-SR:2010:013
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:tug:tex_live:1996:*:*:*:*:*:*:*
  • OR cpe:/a:tug:tex_live:1998:*:*:*:*:*:*:*
  • OR cpe:/a:tug:tex_live:1999:*:*:*:*:*:*:*
  • OR cpe:/a:tug:tex_live:2000:*:*:*:*:*:*:*
  • OR cpe:/a:tug:tex_live:2001:*:*:*:*:*:*:*
  • OR cpe:/a:tug:tex_live:2002:*:*:*:*:*:*:*
  • OR cpe:/a:tug:tex_live:2003:*:*:*:*:*:*:*
  • OR cpe:/a:tug:tex_live:2004:*:*:*:*:*:*:*
  • OR cpe:/a:tug:tex_live:2005:*:*:*:*:*:*:*
  • OR cpe:/a:tug:tex_live:2007:*:*:*:*:*:*:*
  • OR cpe:/a:tug:tex_live:2008:*:*:*:*:*:*:*
  • OR cpe:/a:tug:tex_live:*:*:*:*:*:*:*:* (Version <= 2009)

    • Configuration 2:
  • cpe:/a:tug:tetex:*:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:tug:tex_live:1996:*:*:*:*:*:*:*
  • OR cpe:/a:tug:tex_live:1998:*:*:*:*:*:*:*
  • OR cpe:/a:tug:tex_live:1999:*:*:*:*:*:*:*
  • OR cpe:/a:tug:tex_live:2000:*:*:*:*:*:*:*
  • OR cpe:/a:tug:tex_live:2001:*:*:*:*:*:*:*
  • OR cpe:/a:tug:tex_live:2002:*:*:*:*:*:*:*
  • OR cpe:/a:tug:tex_live:2003:*:*:*:*:*:*:*
  • OR cpe:/a:tug:tex_live:2004:*:*:*:*:*:*:*
  • OR cpe:/a:tug:tex_live:2005:*:*:*:*:*:*:*
  • OR cpe:/a:tug:tex_live:2007:*:*:*:*:*:*:*
  • OR cpe:/a:tug:tex_live:2008:*:*:*:*:*:*:*
  • OR cpe:/a:tug:tex_live:2009:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:8.04::lts:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.1:*:*:*:x86_64:*:*:*
  • OR cpe:/o:mandriva:enterprise_server:5:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:enterprise_server:5:*:*:*:x86_64:*:*:*
  • OR cpe:/o:mandriva:linux:2010:*:*:*:x86_64:*:*:*
  • OR cpe:/o:mandriva:linux:2010:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20100827
    V
    		CVE-2010-0827
    2017-09-27
    oval:org.mitre.oval:def:13403
    P
    		USN-937-1 -- texlive-bin vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:10052
    V
    		Integer overflow in dvips in TeX Live 2009 and earlier, and teTeX, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted virtual font (VF) file associated with a DVI file.
    2013-04-29
    oval:com.redhat.rhsa:def:20100399
    P
    		RHSA-2010:0399: tetex security update (Moderate)
    2010-05-06
    oval:com.redhat.rhsa:def:20100401
    P
    		RHSA-2010:0401: tetex security update (Moderate)
    2010-05-06
    BACK
    tug tex live 1996
    tug tex live 1998
    tug tex live 1999
    tug tex live 2000
    tug tex live 2001
    tug tex live 2002
    tug tex live 2003
    tug tex live 2004
    tug tex live 2005
    tug tex live 2007
    tug tex live 2008
    tug tex live *
    tug tetex *
    tug tex live 1996
    tug tex live 1998
    tug tex live 1999
    tug tex live 2000
    tug tex live 2001
    tug tex live 2002
    tug tex live 2003
    tug tex live 2004
    tug tex live 2005
    tug tex live 2007
    tug tex live 2008
    tug tex live 2009
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux 2008.0
    mandrakesoft mandrake linux 2008.0
    canonical ubuntu 8.04
    mandriva linux 2009.0
    mandriva linux 2009.0 -
    mandriva linux 2009.1
    mandriva linux 2009.1
    mandriva enterprise server 5
    mandriva enterprise server 5
    mandriva linux 2010
    mandriva linux 2010