cbcvebase.

Ctan Mathtex vulnerabilities

9 known vulnerabilities affecting ctan/mathtex.

Total CVEs
9
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH5

Vulnerabilities

Page 1 of 1
CVE-2023-51887P2CRITICALCVSS 9.8≤ 1.052024-01-24
CVE-2023-51887 [CRITICAL] CWE-77 CVE-2023-51887: Command Injection vulnerability in Mathtex v.1.05 and before allows a remote attacker to execute arb Command Injection vulnerability in Mathtex v.1.05 and before allows a remote attacker to execute arbitrary code via crafted string in application URL.
nvd
CVE-2023-51889P3CRITICALCVSS 9.8≤ 1.052024-01-24
CVE-2023-51889 [CRITICAL] CWE-787 CVE-2023-51889: Stack Overflow vulnerability in the validate() function in Mathtex v.1.05 and before allows a remote Stack Overflow vulnerability in the validate() function in Mathtex v.1.05 and before allows a remote attacker to execute arbitrary code via crafted string in the application URL.
nvd
CVE-2023-51885P3CRITICALCVSS 9.8≤ 1.052024-01-24
CVE-2023-51885 [CRITICAL] CWE-120 CVE-2023-51885: Buffer Overflow vulnerability in Mathtex v.1.05 and before allows a remote attacker to execute arbit Buffer Overflow vulnerability in Mathtex v.1.05 and before allows a remote attacker to execute arbitrary code via the length of the LaTeX string component.
nvd
CVE-2009-1383P3HIGHCVSS 7.5≥ 0, < 1.03-12009-07-14
CVE-2009-1383 [HIGH] CVE-2009-1383: The getdirective function in mathtex The getdirective function in mathtex.cgi in mathTeX, when downloaded before 20090713, allows remote attackers to execute arbitrary commands via shell metacharacters in the dpi tag.
osv
CVE-2009-2460P3CRITICALCVSS 10.0≥ 0, < 1.03-12009-07-14
CVE-2009-2460 [CRITICAL] CVE-2009-2460: Multiple stack-based buffer overflows in mathtex Multiple stack-based buffer overflows in mathtex.cgi in mathTeX, when downloaded before 20090713, have unspecified impact and remote attack vectors.
osv
CVE-2023-51890P3HIGHCVSS 7.5≤ 1.052024-01-24
CVE-2023-51890 [HIGH] CWE-835 CVE-2023-51890: An infinite loop issue discovered in Mathtex 1.05 and before allows a remote attackers to consume CP An infinite loop issue discovered in Mathtex 1.05 and before allows a remote attackers to consume CPU resources via crafted string in the application URL.
nvd
CVE-2023-51886P3HIGHCVSS 7.5≤ 1.052024-01-24
CVE-2023-51886 [HIGH] CWE-120 CVE-2023-51886: Buffer Overflow vulnerability in the main() function in Mathtex 1.05 and before allows a remote atta Buffer Overflow vulnerability in the main() function in Mathtex 1.05 and before allows a remote attacker to cause a denial of service when using \convertpath.
nvd
CVE-2023-51888P3HIGHCVSS 7.5≤ 1.052024-01-24
CVE-2023-51888 [HIGH] CWE-120 CVE-2023-51888: Buffer Overflow vulnerability in the nomath() function in Mathtex v.1.05 and before allows a remote Buffer Overflow vulnerability in the nomath() function in Mathtex v.1.05 and before allows a remote attacker to cause a denial of service via a crafted string in the application URL.
nvd
CVE-2009-2461P4HIGHCVSS 7.2≥ 0, < 1.03-12009-07-14
CVE-2009-2461 [HIGH] CVE-2009-2461: mathtex mathtex.cgi in mathTeX, when downloaded before 20090713, does not securely create temporary files, which has unspecified impact and local attack vectors.
osv
Ctan Mathtex vulnerabilities | cvebase