VYPR
High severity7.8NVD Advisory· Published Sep 23, 2018· Updated Jun 17, 2026

CVE-2018-17407

CVE-2018-17407

Description

An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

15

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.