4 matches found
[oCERT-2009-010] mimeTeX and mathTeX buffer overflows and command injection
2009-010 mimeTeX and mathTeX buffer overflows and command injection Description: The mimeTeX and mathTeX CGIs are widely used helper executables that allow mathematical equation rendering in the form of images. Both applications suffer from several buffer overflows as well as command injection...
CVE-2009-1383
The getdirective function in mathtex.cgi in mathTeX, when downloaded before 20090713, allows remote attackers to execute arbitrary commands via shell metacharacters in the dpi tag...
CVE-2009-1383
The getdirective function in mathtex.cgi in mathTeX, when downloaded before 20090713, allows remote attackers to execute arbitrary commands via shell metacharacters in the dpi tag...
CVE-2009-1383
CVE-2009-1383 concerns mathTeX: the getdirective function in mathtex.cgi mishandles input in the dpi tag, allowing remote command execution via shell metacharacters before 20090713. Multiple sources (Veracode, Tenable NASL, NVD/OSVUbuntu/PRION) describe remote code execution risk for mathTeX, wit...