CVE-2009-2460
published 2009-07-14CVE-2009-2460: Multiple stack-based buffer overflows in mathtex.cgi in mathTeX, when downloaded before 20090713, have unspecified impact and remote attack vectors.
PriorityP340critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
2.71%
84.1th percentile
Multiple stack-based buffer overflows in mathtex.cgi in mathTeX, when downloaded before 20090713, have unspecified impact and remote attack vectors.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ctan | mathtex | >= 0 < 1.03-1 | 1.03-1 |
| ctan | mathtex | >= 0 < 1.03-1 | 1.03-1 |
| debian | mathtex | < mathtex 1.03-1 (bookworm) | mathtex 1.03-1 (bookworm) |
CVSS provenance
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
osv10.0CRITICAL
vendor_debian10.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2009-2460: mathtex - Multiple stack-based buffer overflows in mathtex.cgi in mathTeX, when downloaded...
vendor_debian·2009·CVSS 10.0
CVE-2009-2460 [CRITICAL] CVE-2009-2460: mathtex - Multiple stack-based buffer overflows in mathtex.cgi in mathTeX, when downloaded...
Multiple stack-based buffer overflows in mathtex.cgi in mathTeX, when downloaded before 20090713, have unspecified impact and remote attack vectors.
Scope: local
bookworm: resolved (fixed in 1.03-1)
bullseye: resolved (fixed in 1.03-1)
GHSA
GHSA-35r7-4rp8-9885: Multiple stack-based buffer overflows in mathtex
ghsa_unreviewed·2022-05-02
CVE-2009-2460 [HIGH] CWE-119 GHSA-35r7-4rp8-9885: Multiple stack-based buffer overflows in mathtex
Multiple stack-based buffer overflows in mathtex.cgi in mathTeX, when downloaded before 20090713, have unspecified impact and remote attack vectors.
OSV
CVE-2009-2460: Multiple stack-based buffer overflows in mathtex
osv·2009-07-14·CVSS 10.0
CVE-2009-2460 [CRITICAL] CVE-2009-2460: Multiple stack-based buffer overflows in mathtex
Multiple stack-based buffer overflows in mathtex.cgi in mathTeX, when downloaded before 20090713, have unspecified impact and remote attack vectors.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://groups.google.com/group/comp.text.tex/browse_thread/thread/5d56d3d744351578http://secunia.com/advisories/35816http://www.ocert.org/advisories/ocert-2009-010.htmlhttp://www.securityfocus.com/archive/1/504919/100/0/threadedhttp://www.vupen.com/english/advisories/2009/1875https://exchange.xforce.ibmcloud.com/vulnerabilities/51796http://groups.google.com/group/comp.text.tex/browse_thread/thread/5d56d3d744351578http://secunia.com/advisories/35816http://www.ocert.org/advisories/ocert-2009-010.htmlhttp://www.securityfocus.com/archive/1/504919/100/0/threadedhttp://www.vupen.com/english/advisories/2009/1875https://exchange.xforce.ibmcloud.com/vulnerabilities/51796
2009-07-14
Published