Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

BibTeX - '.bib' File Handling Memory Corruption

🗓️ 13 Nov 2009 00:00:00Reported by Vincent LafevreType 
exploitdb
 exploitdb🔗 www.exploit-db.com👁 36 Views

BibTeX '.bib' File Handling Memory Corruption May Cause Denial-of-Servic

Code
Bugtraq ID: 34332
Class: Failure to Handle Exceptional Conditions

Published: Apr 01 2009 12:00AM
Updated: Nov 13 2009 03:46PM
Credit: Vincent Lafevre
Vulnerable: RedHat Linux 2.1
RedHat Fedora 9 0
RedHat Fedora 11
RedHat Fedora 10
RedHat Enterprise Linux WS 5
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Enterprise Linux Desktop Workstation 5 client
RedHat Enterprise Linux Desktop 5 client
RedHat Enterprise Linux AS 4
RedHat Enterprise Linux AS 3
RedHat Enterprise Linux AS 2.1 IA64
RedHat Enterprise Linux AS 2.1
RedHat Enterprise Linux Desktop version 4
Debian Linux 5.0 sparc
Debian Linux 5.0 s/390
Debian Linux 5.0 powerpc
Debian Linux 5.0 mipsel
Debian Linux 5.0 mips
Debian Linux 5.0 m68k
Debian Linux 5.0 ia-64
Debian Linux 5.0 ia-32
Debian Linux 5.0 hppa
Debian Linux 5.0 armel
Debian Linux 5.0 arm
Debian Linux 5.0 amd64
Debian Linux 5.0 alpha
Debian Linux 5.0
Debian Linux 4.0 sparc
Debian Linux 4.0 s/390
Debian Linux 4.0 powerpc
Debian Linux 4.0 mipsel
Debian Linux 4.0 mips
Debian Linux 4.0 m68k
Debian Linux 4.0 ia-64
Debian Linux 4.0 ia-32
Debian Linux 4.0 hppa
Debian Linux 4.0 armel
Debian Linux 4.0 arm
Debian Linux 4.0 amd64
Debian Linux 4.0 alpha
Debian Linux 4.0
BibTeX BibTeX 0

BibTeX is prone to a memory-corruption vulnerability because it fails to properly handle excessively large '.bib' files.

Remote attackers may leverage this issue to cause denial-of-service conditions. Given the nature of this issue, attackers may also be able to execute code, but this has not been confirmed.

NOTE: BibTeX may be shipped with various packages, such as TeTeX or TexLive, that may also be vulnerable. 


Exploit-DB Mirror: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/10203.tar.bz2 (2009-11-22-bibtex-crash.tar.bz2)

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
13 Nov 2009 00:00Current
7High risk
Vulners AI Score7
bibtexmemory corruptiondenial-of-servicebugtraq id 34332vincent lafevreredhat linuxredhat fedoraredhat enterprise linuxdebian linuxexploit-db mirror
36