CPE-88975FD5-1FF8-45B5-9A6A-965E6AB2FB00 Detail

CPE Details

Tug TeX Live

Vendor

tug

Product

tex_live

Version

Created

2017-05-12
16h18 +00:00

Modified

2021-08-09
15h49 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:tug:tex_live:-:::::::*

Informations

Vendor

tug

Product

tex_live

Version

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2018-17407	2018-09-23 19h00 +00:00	An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex.	7.8	High
CVE-2017-17513	2017-12-14 15h00 +00:00	TeX Live through 20170524 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, related to linked_scripts/context/stubs/unix/mtxrun, texmf-dist/scripts/context/stubs/mswin/mtxrun.lua, and texmf-dist/tex/luatex/lualibs/lualibs-os.lua.	8.8	High
CVE-2016-10243	2017-05-02 12h00 +00:00	TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost in shell_escape_commands in the texmf.cnf config file.	9.8	Critical
CVE-2010-0827	2010-05-07 15h43 +00:00	Integer overflow in dvips in TeX Live 2009 and earlier, and teTeX, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted virtual font (VF) file associated with a DVI file.	6.8
CVE-2010-1440	2010-05-07 15h43 +00:00	Multiple integer overflows in dvipsk/dospecial.c in dvips in TeX Live 2009 and earlier, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a special command in a DVI file, related to the (1) predospecial and (2) bbdospecial functions, a different vulnerability than CVE-2010-0739.	6.8
CVE-2010-0739	2010-04-16 16h00 +00:00	Integer overflow in the predospecial function in dospecial.c in dvips in (1) TeX Live and (2) teTeX might allow user-assisted remote attackers to execute arbitrary code via a crafted DVI file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.	6.8

Tug TeX Live

CPE Details

CPE Name: cpe:2.3:a:tug:tex_live:-:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:tug:tex_live:-:::::::*