Buffer overflow in BibTeX 0.99 allows context-dependent malicious users to cause a denial of service (memory corruption and crash) via a long .bib bibliography file.
Debian Bug report logs - #520920
texlive-base-bin: bibtex crashes with large bib file
Package: texlive-base-bin; Maintainer for texlive-base-bin is (unknown);
Reported by: Vincent Lefevre <vincent@vinc17.org>
Date: Mon, 23 Mar 2009 16:06:02 UTC
Severity: important
Tags: patch, security
Found in versions texlive-bin/2007d ...
It was discovered that TeX Live incorrectly handled certain long .bib
bibliography files. If a user or automated system were tricked into
processing a specially crafted bib file, an attacker could cause a denial
of service via application crash. This issue only affected Ubuntu 8.04 LTS,
9.04 and 9.10. (CVE-2009-1284) ...