Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-2461

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2009-2461
Last Modified 12 Aug 2009 01:30:20
Published 14 Jul 2009 04:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2009-2461

Summary

mathtex.cgi in mathTeX, when downloaded before 20090713, does not securely create temporary files, which has unspecified impact and local attack vectors.

Vulnerable Systems

Application

  • Forkosh Mathtex 1.00

  • Forkosh Mathtex 1.01

  • Forkosh Mathtex 1.02


References

XF - mathtex-mathtex-unspecifed(51797)

VUPEN - ADV-2009-1875

BUGTRAQ - 20090713 [oCERT-2009-010] mimeTeX and mathTeX buffer overflows and commandinjection

MISC - http://www.ocert.org/advisories/ocert-2009-010.html

SECUNIA - 35816

MISC - http://groups.google.com/group/comp.text.tex/browse_thread/thread/5d56d3d744351578


Last Updated: 27 May 2016 10:50:54