latex2rtf: arbitrary code execution

2016-05-06T00:00:00
ID ASA-201605-9
Type archlinux
Reporter Arch Linux
Modified 2016-05-06T00:00:00

Description

A format string vulnerability was found in the CmdKeywords() function, where the user-controlled variable 'keywords' is passed as a format argument to vnsprintf(), when processing the \keywords command in a TeX file.