What is CVE-2010-0739?

CVE-2010-0739 is a vulnerability in Tug Tetex, classified under CWE-189. Published 2010-04-16.

Is CVE-2010-0739 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Tug Tetex

CVE-2010-0739

Integer overflow in the predospecial function in dospecial.c in dvips in (1) TeX Live and (2) teTeX might allow user-assisted remote attackers to execute arbitrary code via a crafted DVI file that triggers a heap-based buffer overflow. NO…

EPSS: 0.077 (92.1th percentile) — read the EPSS interpretation.

Affected products

Tug Tetex
Tug Tex_live
N/a — versions n/a

Weakness classification (CWE)

CWE-189

Public proof-of-concept exploits

References

secalert@redhat.com (x_refsource_CONFIRM)
FEDORA-2010-8273 (vendor-advisory, x_refsource_FEDORA)
SUSE-SR:2010:012 (vendor-advisory, x_refsource_SUSE)
SUSE-SR:2010:013 (vendor-advisory, x_refsource_SUSE)
39390 (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
GLSA-201206-28 (vendor-advisory, x_refsource_GENTOO)
39500 (vdb-entry, x_refsource_BID)
USN-937-1 (x_refsource_UBUNTU, vendor-advisory)
secalert@redhat.com (x_refsource_CONFIRM)
oval:org.mitre.oval:def:11468 (signature, x_refsource_OVAL, vdb-entry)

Frequently asked questions

What is CVE-2010-0739?: CVE-2010-0739 is a vulnerability in Tug Tetex, classified under CWE-189. Published 2010-04-16.
Is CVE-2010-0739 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.