PT-2007-2106 · Tetex · Makeindex

Mark Richters · Published 2007-02-01 · Updated 2017-07-29 · CVE-2007-0650

CVSS v2.0: 6.8 (Medium)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: makeindex version 2.14 in teTeX

Description: A buffer overflow issue exists in the open_sty function in mkind.c, potentially allowing user-assisted remote attackers to overwrite files and possibly execute arbitrary code via a long filename. Other overflows, such as a heap-based overflow in the check_idx function, might also exist but their exploitability is uncertain.

Recommendations: For makeindex version 2.14 in teTeX, consider restricting the length of filenames to prevent potential buffer overflows until a patch is available. As a temporary workaround, avoid using long filenames with the open_sty function to minimize the risk of exploitation.

Fix

Related identifiers

CVE-2007-0650

Affected products

Makeindex