Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TeX Live 缓冲区错误漏洞
Vulnerability Description
TeX Live是国际TeX用户组织TUG开发的一套TeX电子排版系统。该系统提供排版语言、宏定义等功能。 TeX Live 2018-09-21之前版本中的writet1.c文件的‘t1_check_unusual_charstring’函数存在缓冲区溢出漏洞。攻击者可借助恶意的字体(.pfb)利用该漏洞执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A