CyberSec.Space Logo
CVEブラウザに戻る

CVE-2009-1382

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1720%
EPSS Percentile7.76th
Published2009年7月14日
Last Modified2026年4月23日

Vulnerability Description

Multiple stack-based buffer overflows in mimetex.cgi in mimeTeX, when downloaded before 20090713, allow remote attackers to execute arbitrary code via a TeX file with long (1) picture, (2) circle, or (3) input tags.

Affected Platforms (CPE)

📦
Forkosh

Mimetex

<= 1.71

References & Advisories

🔗 http://groups.google.com/group/comp.text.tex/browse_thread/thread/5d56d3d744351578
🔗 http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039314.html
🔗 http://scary.beasts.org/security/CESA-2009-009.html
🔗 http://secunia.com/advisories/35752
🔗 http://secunia.com/advisories/35816
🔗 http://www.ocert.org/advisories/ocert-2009-010.html
🔗 http://www.securityfocus.com/archive/1/504919/100/0/threaded
🔗 http://www.vupen.com/english/advisories/2009/1875

関連する脆弱性情報

CVE-2009-245910.0

Multiple unspecified vulnerabilities in mimeTeX, when downloaded before 20090713, have unknown impact and attack vectors related t...

CVE-2006-49424.6

Moodle before 1.6.2, when the configuration lacks (1) algebra or (2) tex filters, allows remote authenticated users to write LaTeX...

CVE-2009-227110.0

The Huawei D100 has (1) a certain default administrator password for the web interface, and does not force a password change; and ...

CVE-2009-303210.0

Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Syman...