CVE-2009-1383

Published: Jul 14, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

The getdirective function in mathtex.cgi in mathTeX, when downloaded before 20090713, allows remote attackers to execute arbitrary commands via shell metacharacters in the dpi tag.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

ADV-2009-1875

vdb-entry

x_refsource_VUPEN

20090713 [oCERT-2009-010] mimeTeX and mathTeX buffer overflows and commandinjection

mailing-list

x_refsource_BUGTRAQ

35816

third-party-advisory

x_refsource_SECUNIA

mathtex-getdirective-command-execution(51795)

vdb-entry

x_refsource_XF

http://www.ocert.org/advisories/ocert-2009-010.html

x_refsource_MISC

http://groups.google.com/group/comp.text.tex/browse_thread/thread/5d56d3d744351578

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2009-1383

Description

Affected Products

References