PT-2018-17691 · Design Science · Mathtype

Published

2018-02-28

Updated

2021-05-27

CVE-2018-6641

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Design Science MathType version 6.9c

Description A Remote Code Execution issue was discovered, where crafted input can overwrite a structure, leading to a function call with an invalid parameter, and a subsequent free of important data.

Recommendations For Design Science MathType version 6.9c, update to version 6.9d to resolve the issue.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

CVE-2018-6641

Affected Products

Mathtype

PT-2018-17691 · Design Science · Mathtype

CVE-2018-6641

Weakness Enumeration

Related Identifiers

Affected Products

References · 4