VulnerableCode Package Details - pkg:deb/ubuntu/texlive-bin@2016.20160512.41045-1

Search for packages

Package details: pkg:deb/ubuntu/texlive-bin@2016.20160512.41045-1

Essentials
History (0)

purl	pkg:deb/ubuntu/texlive-bin@2016.20160512.41045-1

Next non-vulnerable version	2018.20181218.49446-2
Latest non-vulnerable version	2018.20181218.49446-2
Risk	4.0

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-ghqb-bf1j-aaaa Aliases: CVE-2018-17407	An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex.	2017.20170613.44572-8ubuntu0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-jeet-y58g-aaan Aliases: CVE-2019-9589	There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources() located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.	2018.20181218.49446-2 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version