Published: 23/09/2018 Updated: 15/11/2018

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

An issue exists in t1_check_unusual_charstring functions in writet1.c files in TeX Live prior to 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex.

Vulnerable Product	Search on Vulmon	Subscribe to Product
tug tex live
canonical ubuntu linux 18.10
canonical ubuntu linux 14.04
canonical ubuntu linux 16.04
canonical ubuntu linux 18.04
debian debian linux 9.0
debian debian linux 8.0

Synopsis Moderate: texlive security update Type/Severity Security Advisory: Moderate Topic An update for texlive is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, wh ...

Debian Bug report logs - #909317 texlive-bin: CVE-2018-17407: buffer overflow (DSA-4299-1) Package: src:texlive-bin; Maintainer for src:texlive-bin is Debian TeX Maintainers <debian-tex-maint@listsdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 21 Sep 2018 14:51:01 UTC Severity: grave T ...

Several security issues were fixed in Tex Live ...

Nick Roessler from the University of Pennsylvania has found a buffer overflow in texlive-bin, the executables for TexLive, the popular distribution of TeX document production system This buffer overflow can be used for arbitrary code execution by crafting a special type1 font (pfb) and provide it to users running pdf(la)tex, dvips or luatex in a ...

An issue was discovered in t1_check_unusual_charstring functions in writet1c files in TeX Live before 2018-09-21 A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex (CVE-2018-17407) ...

An issue was discovered in t1_check_unusual_charstring functions in writet1c files in TeX Live before 2018-09-21 A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex ...

CWE-119 https://lists.debian.org/debian-security-announce/2018/msg00230.html https://github.com/TeX-Live/texlive-source/commit/6ed0077520e2b0da1fd060c7f88db7b2e6068e4c https://www.debian.org/security/2018/dsa-4299 https://usn.ubuntu.com/3788-1/https://usn.ubuntu.com/3788-2/https://access.redhat.com/errata/RHSA-2020:1036 https://nvd.nist.gov https://usn.ubuntu.com/3788-2/

CVE-2018-17407

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect