CVE-2019-18604
published 2019-10-29CVE-2019-18604: In axohelp.c before 1.3 in axohelp in axodraw2 before 2.1.1b, as distributed in TeXLive and other collections, sprintf is mishandled.
PriorityP343critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.93%
77.4th percentile
In axohelp.c before 1.3 in axohelp in axodraw2 before 2.1.1b, as distributed in TeXLive and other collections, sprintf is mishandled.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| axodraw2_project | axodraw2 | <= 2.1.1 | — |
| axohelp.c_project | axohelp.c | < 1.3 | 1.3 |
| debian | texlive-bin | < texlive-bin 2020.20200327.54578-2 (bookworm) | texlive-bin 2020.20200327.54578-2 (bookworm) |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv9.8CRITICAL
vendor_debian9.8CRITICAL
vendor_ubuntu9.8CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
TeX Live vulnerabilities
vendor_ubuntu·2024-03-14·CVSS 9.8
CVE-2024-25262 [CRITICAL] TeX Live vulnerabilities
Title: TeX Live vulnerabilities
Summary: Several security issues were fixed in TeX Live.
It was discovered that TeX Live incorrectly handled certain memory
operations in the embedded axodraw2 tool. An attacker could possibly use
this issue to cause TeX Live to crash, resulting in a denial of service.
This issue only affected Ubuntu 20.04 LTS. (CVE-2019-18604)
It was discovered that TeX Live allowed documents to make arbitrary
network requests. If a user or automated system were tricked into opening a
specially crafted document, a remote attacker could possibly use this issue
to exfiltrate sensitive information, or perform other network-related
attacks. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.
(CVE-2023-32668)
It was discovered that TeX Live incorrectly handled c
Debian
CVE-2019-18604: texlive-bin - In axohelp.c before 1.3 in axohelp in axodraw2 before 2.1.1b, as distributed in ...
vendor_debian·2019·CVSS 9.8
CVE-2019-18604 [CRITICAL] CVE-2019-18604: texlive-bin - In axohelp.c before 1.3 in axohelp in axodraw2 before 2.1.1b, as distributed in ...
In axohelp.c before 1.3 in axohelp in axodraw2 before 2.1.1b, as distributed in TeXLive and other collections, sprintf is mishandled.
Scope: local
bookworm: resolved (fixed in 2020.20200327.54578-2)
bullseye: resolved (fixed in 2020.20200327.54578-2)
forky: resolved (fixed in 2020.20200327.54578-2)
sid: resolved (fixed in 2020.20200327.54578-2)
trixie: resolved (fixed in 2020.20200327.54578-2)
OSV
texlive-bin vulnerabilities
osv·2024-03-14·CVSS 9.8
CVE-2019-18604 [CRITICAL] texlive-bin vulnerabilities
texlive-bin vulnerabilities
It was discovered that TeX Live incorrectly handled certain memory
operations in the embedded axodraw2 tool. An attacker could possibly use
this issue to cause TeX Live to crash, resulting in a denial of service.
This issue only affected Ubuntu 20.04 LTS. (CVE-2019-18604)
It was discovered that TeX Live allowed documents to make arbitrary
network requests. If a user or automated system were tricked into opening a
specially crafted document, a remote attacker could possibly use this issue
to exfiltrate sensitive information, or perform other network-related
attacks. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.
(CVE-2023-32668)
It was discovered that TeX Live incorrectly handled certain TrueType fonts.
If a user or automated system were tric
GHSA
GHSA-hfg3-f7fm-c9xc: In axohelp
ghsa_unreviewed·2022-05-24
CVE-2019-18604 [CRITICAL] CWE-20 GHSA-hfg3-f7fm-c9xc: In axohelp
In axohelp.c before 1.3 in axohelp in axodraw2 before 2.1.1b, as distributed in TeXLive and other collections, sprintf is mishandled.
OSV
CVE-2019-18604: In axohelp
osv·2019-10-29·CVSS 9.8
CVE-2019-18604 [CRITICAL] CVE-2019-18604: In axohelp
In axohelp.c before 1.3 in axohelp in axodraw2 before 2.1.1b, as distributed in TeXLive and other collections, sprintf is mishandled.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/TeX-Live/texlive-source/commit/9216833a3888a4105a18e8c349f65b045ddb1079#diff-987e40c0e27ee43f6a2414ada73a191ahttps://lists.debian.org/debian-lts-announce/2023/05/msg00033.htmlhttps://github.com/TeX-Live/texlive-source/commit/9216833a3888a4105a18e8c349f65b045ddb1079#diff-987e40c0e27ee43f6a2414ada73a191ahttps://lists.debian.org/debian-lts-announce/2023/05/msg00033.html
2019-10-29
Published