Bug 20770

Summary: mimeTeX Multiple Vulnerabilities: CVE-2009-1382, CVE-2009-2459
Product: Sisyphus Reporter: Vladimir Lettiev <crux>
Component: mimetexAssignee: Anton Farygin <rider>
Status: CLOSED FIXED QA Contact: qa-sisyphus
Severity: blocker    
Priority: P3 CC: rider, svyt22
Version: unstableKeywords: security
Hardware: all   
OS: Linux   
URL: http://secunia.com/advisories/35752

Description Vladimir Lettiev 2009-07-13 17:03:30 MSD 
Chris Evans has reported some vulnerabilities in mimeTeX, which can be exploited by malicious people to disclose sensitive information or compromise a vulnerable system.

1) Multiple boundary errors when processing TeX input can be exploited to cause buffer overflows via e.g. overly long strings passed in "\picture", \circle", or "\input" expressions.

2) Multiple errors when handling the "\environ", "\input", and "\counter" directives can be exploited to disclose sensitive information.

Problem fixed in version 1.71
Comment 1 Vladimir A. Svyatoshenko 2009-08-29 08:23:30 MSD 
в последней выложенной версии исправлены обнаруженные уязвимости