Mandriva Linux Security Advisory : tetex (MDVSA-2010:094)

High Nessus Plugin ID 46330

Synopsis

The remote Mandriva Linux host is missing one or more security updates.

Description

Multiple vulnerabilities has been discovered and fixed in tetex :

Buffer overflow in BibTeX 0.99 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a long .bib bibliography file (CVE-2009-1284).

Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow (CVE-2009-3608).

Integer overflow in dvips in TeX Live 2009 and earlier, and teTeX, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted virtual font (VF) file associated with a DVI file (CVE-2010-0827).

Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed DVI file (CVE-2010-0829).

Integer overflow in the predospecial function in dospecial.c in dvips in (1) TeX Live and (2) teTeX might allow user-assisted remote attackers to execute arbitrary code via a crafted DVI file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third-party information (CVE-2010-0739).

Multiple integer overflows in dvipsk/dospecial.c in dvips in TeX Live 2009 and earlier, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a special command in a DVI file, related to the (1) predospecial and (2) bbdospecial functions, a different vulnerability than CVE-2010-0739 (CVE-2010-1440).

Packages for 2008.0 and 2009.0 are provided due to the Extended Maintenance Program for those products.

The corrected packages solves these problems.

Solution

Update the affected packages.

Plugin Details

Severity: High

ID: 46330

File Name: mandriva_MDVSA-2010-094.nasl

Version: 1.16

Type: local

Published: 2010/05/13

Updated: 2018/07/19

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 9.3

Temporal Score: 7.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:jadetex, p-cpe:/a:mandriva:linux:tetex, p-cpe:/a:mandriva:linux:tetex-afm, p-cpe:/a:mandriva:linux:tetex-context, p-cpe:/a:mandriva:linux:tetex-devel, p-cpe:/a:mandriva:linux:tetex-doc, p-cpe:/a:mandriva:linux:tetex-dvilj, p-cpe:/a:mandriva:linux:tetex-dvipdfm, p-cpe:/a:mandriva:linux:tetex-dvips, p-cpe:/a:mandriva:linux:tetex-latex, p-cpe:/a:mandriva:linux:tetex-mfwin, p-cpe:/a:mandriva:linux:tetex-texi2html, p-cpe:/a:mandriva:linux:tetex-usrlocal, p-cpe:/a:mandriva:linux:tetex-xdvi, p-cpe:/a:mandriva:linux:xmltex, cpe:/o:mandriva:linux:2008.0, cpe:/o:mandriva:linux:2009.0, cpe:/o:mandriva:linux:2009.1, cpe:/o:mandriva:linux:2010.0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2010/05/12

Reference Information

CVE: CVE-2009-1284, CVE-2009-3608, CVE-2010-0739, CVE-2010-0827, CVE-2010-0829, CVE-2010-1440

BID: 34332, 36703, 39500, 39966, 39969

MDVSA: 2010:094

CWE: 119, 189