Tetex · Makeindex · CVE-2007-0650
**Name of the Vulnerable Software and Affected Versions**
makeindex version 2.14 in teTeX
**Description**
A buffer overflow issue exists in the open sty function in mkind.c, potentially allowing user-assisted remote attackers to overwrite files and possibly execute arbitrary code via a long filename. Other overflows, such as a heap-based overflow in the check idx function, might also exist but their exploitability is uncertain.
**Recommendations**
For makeindex version 2.14 in teTeX, consider restricting the length of filenames to prevent potential buffer overflows until a patch is available. As a temporary workaround, avoid using long filenames with the open sty function to minimize the risk of exploitation.