CVE-2010-0827

Publication date 20 April 2010

Last updated 24 July 2024

Ubuntu priority

Description

Integer overflow in dvips in TeX Live 2009 and earlier, and teTeX, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted virtual font (VF) file associated with a DVI file.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
texlive-bin	10.04 LTS lucid	Fixed 2009-5ubuntu0.1
	9.10 karmic	Fixed 2007.dfsg.2-7ubuntu1.1
	9.04 jaunty	Fixed 2007.dfsg.2-4ubuntu2.1
	8.10 intrepid	Ignored end of life, was needed
	8.04 LTS hardy	Fixed 2007.dfsg.1-2ubuntu0.1
	6.06 LTS dapper	Not in release

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-937-1
TeX Live vulnerabilities
6 May 2010

Other references

https://www.cve.org/CVERecord?id=CVE-2010-0827