CVE-2023-51889

CVE-2023-51889 : The vulnerability affects Mathtex versions 1.05 and earlier, caused by a stack overflow in the validate() function. This allows a remote attacker to execute arbitrary code via a crafted string in the application URL. Exploitation details are not provided in the core CVE descripti...

CVE-2023-51887

The CVE-2023-51887 issue affects Mathtex versions 1.05 and earlier and is a Command Injection vulnerability. A remote attacker can send a crafted string in the application URL to execute arbitrary code on the affected system. The NVD/Red Hat/UBUNTU OSV entries confirm the same vector and indicate...

CVE-2023-51890

This CVE affects Mathtex 1.05 and earlier, where an infinite loop triggered by a crafted string in the application URL can cause a remote attacker to exhaust CPU. Affected component: Mathtex (URL parsing/handler logic) with a vulnerability leading to high impact on availability (A=High) and netwo...

CVE-2023-51888

CVE-2023-51888 describes a buffer overflow in the nomath() function of Mathtex

CVE-2023-51886

CVE-2023-51886 is a confirmed buffer overflow vulnerability in the Mathtex package (versions 1.05 and earlier) affecting the main() function and the use of the \convertpath feature. Multiple connected sources (Red Hat, Ubuntu, OSV, Debian, UBUNTU OSV, Nessus plugin entry) describe that a remote a...

CVE-2023-51885

CVE-2023-51885 affects Mathtex v1.05 and earlier. The vulnerability is a buffer overflow in how the LaTeX string length is processed, enabling a remote attacker to execute arbitrary code. The provided connected documents confirm the existence and impact but do not include concrete remediation ste...