tetex-3.0-33.2.2.1AX

TeTeX is an implementation of TeX for Linux or UNIX systems. TeX takes a text file and a set of formatting commands as input and creates a typesetter-independent .dvi (DeVice Independent) file as output.
Usually, TeX is used in conjunction with a higher level formatting package like LaTeX or PlainTeX, since TeX by itself is not very user-friendly. The output format needn't to be DVI, but also PDF, when using pdflatex or similar tools.
Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02 with xpdf-3.02pl1.patch allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file. (CVE-2007-4352)
Buffer overflow in the intT1_EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent attackers to execute arbitrary code via a long FileName parameter. NOTE: this issue was originally reported to be in the imagepsloadfont function in php_gd2.dll in the gd (PHP_GD2) extension in PHP 5.2.3. (CVE-2007-4033)
Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02 with xpdf-3.02pl1.patch allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow. (CVE-2007-5392)
Heap-based buffer overflow in the CCITTFaxStream::lookChar method in
xpdf/Stream.cc in Xpdf 3.02 with xpdf-3.02pl1.patch allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter. (CVE-2007-5393)