107 matches found
Mathtex Security Breach
Mathtex is a CGI program written in C for the Manim community. A security vulnerability exists in Mathtex version 1.05 and earlier versions, which stems from the presence of a discovery infinite loop problem. A remote attacker can exploit this vulnerability to consume CPU resources via a crafted...
CVE-2023-51885
Buffer Overflow vulnerability in Mathtex v.1.05 and before allows a remote attacker to execute arbitrary code via the length of the LaTeX string component...
PT-2024-14317 · Mathtex +1 · Mathtex +1
Name of the Vulnerable Software and Affected Versions: Mathtex versions 1.05 and earlier Description: The issue allows a remote attacker to cause a denial of service when using convertpath. It is related to a Buffer Overflow vulnerability in the main function. Recommendations: For Mathtex version...
Buffer Overflow
mathtex is vulnerable to buffer overflow. The vulnerability is caused by improper bounds checking by the mathtex.cgi script. An attacker may inflict a buffer overflow and execute arbitrary code on the system or cause the application to crash...
Insecure Temporary File
mathtex is vulnerable to insecure temporary file. An attacker can gain access to the temporary files and use it for local attack vectors...
mathTeX mathtex.cgi getdirective Function dpi Tag Arbitrary Code Execution
The remote web server hosts mathTeX, a CGI script for displaying math on the web. The version of this application installed on the remote host fails to sanitize input via the 'dpi' or 'density' tags in an expression of shell metacharacters in the 'getdirective' function before using it in a call ...
DEBIAN-CVE-2009-2460
Multiple stack-based buffer overflows in mathtex.cgi in mathTeX, when downloaded before 20090713, have unspecified impact and remote attack vectors...
CVE-2009-2460
Multiple stack-based buffer overflows in mathtex.cgi in mathTeX, when downloaded before 20090713, have unspecified impact and remote attack vectors...
CVE-2009-2460
Multiple stack-based buffer overflows in mathtex.cgi in mathTeX, when downloaded before 20090713, have unspecified impact and remote attack vectors...
CVE-2009-1383
The getdirective function in mathtex.cgi in mathTeX, when downloaded before 20090713, allows remote attackers to execute arbitrary commands via shell metacharacters in the dpi tag...
CVE-2009-2461
mathtex.cgi in mathTeX, when downloaded before 20090713, does not securely create temporary files, which has unspecified impact and local attack vectors...
CVE-2009-2460
Multiple stack-based buffer overflows in mathtex.cgi in mathTeX, when downloaded before 20090713, have unspecified impact and remote attack vectors...
CVE-2009-1383
The getdirective function in mathtex.cgi in mathTeX, when downloaded before 20090713, allows remote attackers to execute arbitrary commands via shell metacharacters in the dpi tag...
CVE-2009-2461
mathtex.cgi in mathTeX, when downloaded before 20090713, does not securely create temporary files, which has unspecified impact and local attack vectors...
Design/Logic Flaw
mathtex.cgi in mathTeX, when downloaded before 20090713, does not securely create temporary files, which has unspecified impact and local attack vectors...
CVE-2009-2461
mathtex.cgi in mathTeX, when downloaded before 20090713, does not securely create temporary files, which has unspecified impact and local attack vectors...
Code injection
The getdirective function in mathtex.cgi in mathTeX, when downloaded before 20090713, allows remote attackers to execute arbitrary commands via shell metacharacters in the dpi tag...
DEBIAN-CVE-2009-2461
mathtex.cgi in mathTeX, when downloaded before 20090713, does not securely create temporary files, which has unspecified impact and local attack vectors...
DEBIAN-CVE-2009-1383
The getdirective function in mathtex.cgi in mathTeX, when downloaded before 20090713, allows remote attackers to execute arbitrary commands via shell metacharacters in the dpi tag...
CVE-2009-2460
Multiple stack-based buffer overflows in mathtex.cgi in mathTeX, when downloaded before 20090713, have unspecified impact and remote attack vectors...