Debian Linux Security Advisory 2048-1 - Dan Rosenberg discovered that in dvipng, a utility that converts DVI files to PNG graphics, several array index errors allow context-dependent attackers, via a specially crafted DVI file, to cause a denial of service (crash of the application), and possibly arbitrary code execution.
b33cc64d4d349d0e62b276519f5d16f67fba2874d40653bf72218ee1e1a25199