Mark Richters

#40156 of 53,635
6.8 CVSS total
Vulnerabilities · 1
PT-2007-2106
6.8
2007-02-01
Tetex · Makeindex · CVE-2007-0650
**Name of the Vulnerable Software and Affected Versions**

makeindex version 2.14 in teTeX

**Description**

A buffer overflow issue exists in the `open_sty` function in `mkind.c`, potentially allowing user-assisted remote attackers to overwrite files and possibly execute arbitrary code via a long filename. Other overflows, such as a heap-based overflow in the `check_idx` function, might also exist but their exploitability is uncertain.

**Recommendations**

For makeindex version 2.14 in teTeX, consider restricting the length of filenames to prevent potential buffer overflows until a patch is available. As a temporary workaround, avoid using long filenames with the `open_sty` function to minimize the risk of exploitation.