Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2009-1382

Published: 14/07/2009 Updated: 10/10/2018
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Mimetex

Vulnerability Summary

Multiple stack-based buffer overflows in mimetex.cgi in mimeTeX, when downloaded prior to 20090713, allow remote malicious users to execute arbitrary code via a TeX file with long (1) picture, (2) circle, or (3) input tags.

Vulnerable Product Search on Vulmon Subscribe to Product

forkosh mimetex

Vendor Advisories

Debian CVElist Bug Report Logs: mimetex: CVE-2009-2459 CVE-2009-1382 multiple security issues
Debian Bug report logs - #537254 mimetex: CVE-2009-2459 CVE-2009-1382 multiple security issues Package: mimetex; Maintainer for mimetex is Hilmar Preuße <hille42@webde>; Source for mimetex is src:mimetex (PTS, buildd, popcon) Reported by: Nico Golde <nion@debianorg> Date: Thu, 16 Jul 2009 13:12:04 UTC Severity: g ...
Ubuntu Security Notice: mimetex vulnerabilities
Chris Evans discovered that mimeTeX incorrectly handled certain long tags An attacker could exploit this with a crafted mimeTeX expression and cause a denial of service or possibly execute arbitrary code (CVE-2009-1382) ...

References

CWE-119http://scary.beasts.org/security/CESA-2009-009.htmlhttp://secunia.com/advisories/35752http://www.vupen.com/english/advisories/2009/1875http://secunia.com/advisories/35816http://groups.google.com/group/comp.text.tex/browse_thread/thread/5d56d3d744351578http://www.ocert.org/advisories/ocert-2009-010.htmlhttp://www.vupen.com/english/advisories/2010/0877http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039314.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/51794http://www.securityfocus.com/archive/1/504919/100/0/threadedhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=537254https://usn.ubuntu.com/844-1/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-29895injectCVE-2023-52689CVE-2024-5049CVE-2024-5051privilege escalationphysicalCVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook