Summary
Ubuntu Update for Linux kernel vulnerabilities USN-937-1
Solution
Please Install the Updated Packages.
Insight
It was discovered that TeX Live incorrectly handled certain long .bib bibliography files. If a user or automated system were tricked into processing a specially crafted bib file, an attacker could cause a denial of service via application crash. This issue only affected Ubuntu 8.04 LTS, 9.04 and 9.10. (CVE-2009-1284)
Marc Schoenefeld, Karel Š
rot and Ludwig Nussel discovered that TeX Live
incorrectly handled certain malformed dvi files. If a user or automated system were tricked into processing a specially crafted dvi file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-0739, CVE-2010-1440)
Dan Rosenberg discovered that TeX Live incorrectly handled certain malformed dvi files. If a user or automated system were tricked into processing a specially crafted dvi file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-0827)
Affected
texlive-bin vulnerabilities on Ubuntu 8.04 LTS ,
Ubuntu 9.04 ,
Ubuntu 9.10
Severity
Classification
-
CVE CVE-2009-1284, CVE-2010-0739, CVE-2010-0827, CVE-2010-1440 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities