Bug 20770 - mimeTeX Multiple Vulnerabilities: CVE-2009-1382, CVE-2009-2459
Status: CLOSED FIXED
Alias: None
Product: Sisyphus
Classification: Development
Component: mimetex
Version: unstable
Hardware: all Linux
Importance: P3 blocker
Assignee: Anton Farygin
QA Contact: qa-sisyphus
URL: http://secunia.com/advisories/35752
Keywords: security
Depends on:
Blocks:
 
Reported: 2009-07-13 17:03 MSD by Vladimir Lettiev
Modified: 2009-08-29 08:23 MSD

Description Vladimir Lettiev 2009-07-13 17:03:30 MSD
Chris Evans has reported some vulnerabilities in mimeTeX, which can be exploited by malicious people to disclose sensitive information or compromise a vulnerable system.

1) Multiple boundary errors when processing TeX input can be exploited to cause buffer overflows via e.g. overly long strings passed in "\picture", "\circle", or "\input" expressions.

2) Multiple errors when handling the "\environ", "\input", and "\counter" directives can be exploited to disclose sensitive information.

Problem fixed in version 1.71
Comment 1 Vladimir A. Svyatoshenko 2009-08-29 08:23:30 MSD
The discovered vulnerabilities have been fixed in the latest published version.