CVE-2017-17513 — Injection in TEX Live

CWE-74 — Injection CWE-20 — Improper Input Validation7 documents6 sources

Severity

8.8HIGHNVD

EPSS

0.5%

top 33.65%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

TUG TEX Live Debian Context Debian Texlive-base +1 more

Timeline

PublishedDec 14

Latest updateMay 14

Description

TeX Live through 20170524 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, related to linked_scripts/context/stubs/unix/mtxrun, texmf-dist/scripts/context/stubs/mswin/mtxrun.lua, and texmf-dist/tex/luatex/lualibs/lualibs-os.lua.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages4 packages

▶debiandebian/context

▶NVDtug/tex_live20170524

▶debiandebian/texlive-bin

▶debiandebian/texlive-base

🔴Vulnerability Details

GHSA

GHSA-5fq9-qwgg-j7pg: TeX Live through 20170524 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remo↗2022-05-14

▶

OSV

CVE-2017-17513: TeX Live through 20170524 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remo↗2017-12-14

▶

📋Vendor Advisories

Red Hat

texlive: Command injection in mswin/mtxrun.lua and lualibs/lualibs-os.lua↗2017-12-14

▶

Debian

CVE-2017-17513: context - TeX Live through 20170524 does not validate strings before launching the program...↗2017

▶

💬Community

Bugzilla

CVE-2017-17513 texlive: Command injection in mswin/mtxrun.lua and lualibs/lualibs-os.lua↗2017-12-14

▶

Bugzilla

CVE-2017-17513 texlive: Command injection in mswin/mtxrun.lua and lualibs/lualibs-os.lua [fedora-all]↗2017-12-14

▶