CVE-2009-1382

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions mimetex versions prior to 20090713

Description The issue concerns multiple stack-based buffer overflows in mimetex.cgi, part of the mimeTeX package. These overflows can be triggered by a remote attacker via a TeX file containing long picture, circle, or input tags, potentially allowing the execution of arbitrary code. The vulnerability may lead to a breach of confidentiality, integrity, and availability of protected information and can be exploited remotely.

Recommendations For versions prior to 20090713, update to a version released after 20090713 to resolve the issue. As a temporary workaround, consider restricting access to the mimetex.cgi file to minimize the risk of exploitation.

Exploit

Fix

RCE

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

ALT-PU-2020-3206

ALT-PU-2020-3220

ALT-PU-2024-11127

BDU:2015-03488

CVE-2009-1382

DSA-1917-1

Affected Products

Alt Linux

Mimetex

CVE-2009-1382

Weakness Enumeration

Related Identifiers

Affected Products

References · 22