An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published: 2018-09-23T21:00:00
Updated: 2024-08-05T10:47:04.498Z
Reserved: 2018-09-23T00:00:00
Link: CVE-2018-17407

No data.

Status : Modified
Published: 2018-09-23T21:29:00.280
Modified: 2024-11-21T03:54:20.870
Link: CVE-2018-17407
