CVE-2005-3011

CVE-2005-3011 and related texinfo issues affect the GNU texinfo package up to version 4.8 and earlier, specifically in the texindex utility. The root cause is insecure handling of temporary files, allowing a local attacker to overwrite files writable by the victim via a symlink/temporary-file rac...

CVE-2006-4810

The CVE-2006-4810 entry concerns Texinfo 4.8 and earlier, where a buffer overflow in Texinfo’s texindex.c readline path (used by texi2dvi and texindex) could allow a local attacker to run arbitrary code via a crafted Texinfo file. The connected advisories (Ubuntu USN-379-1, Red Hat/CentOS advisor...