CVE-2009-2459

Multiple unspecified vulnerabilities in mimeTeX, when downloaded before 20090713, have unknown impact and attack vectors related to the (1) \environ, (2) \input, and (3) \counter TeX directives.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039314.html
http://scary.beasts.org/security/CESA-2009-009.html	Exploit
http://secunia.com/advisories/35752	Vendor Advisory
http://www.vupen.com/english/advisories/2009/1875	Patch Vendor Advisory
http://www.vupen.com/english/advisories/2010/0877
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039314.html
http://scary.beasts.org/security/CESA-2009-009.html	Exploit
http://secunia.com/advisories/35752	Vendor Advisory
http://www.vupen.com/english/advisories/2009/1875	Patch Vendor Advisory
http://www.vupen.com/english/advisories/2010/0877

Configurations

Configuration 1 (hide)

cpe:2.3:a:forkosh:mimetex:*:*:*:*:*:*:*:*

History

21 Nov 2024, 01:04

Type	Values Removed	Values Added
References	~~() http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039314.html -~~	() http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039314.html -
References	~~() http://scary.beasts.org/security/CESA-2009-009.html - Exploit~~	() http://scary.beasts.org/security/CESA-2009-009.html - Exploit
References	~~() http://secunia.com/advisories/35752 - Vendor Advisory~~	() http://secunia.com/advisories/35752 - Vendor Advisory
References	~~() http://www.vupen.com/english/advisories/2009/1875 - Patch, Vendor Advisory~~	() http://www.vupen.com/english/advisories/2009/1875 - Patch, Vendor Advisory
References	~~() http://www.vupen.com/english/advisories/2010/0877 -~~	() http://www.vupen.com/english/advisories/2010/0877 -

Information

Published : 2009-07-14 20:30

Updated : 2024-11-21 01:04

NVD link : CVE-2009-2459

Mitre link : CVE-2009-2459

CVE.ORG link : CVE-2009-2459

JSON object : View

Products Affected

forkosh

mimetex

CWE

NVD-CWE-noinfo

{"id": "CVE-2009-2459", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-07-14T20:30:00.453", "references": [{"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039314.html", "source": "cve@mitre.org"}, {"url": "http://scary.beasts.org/security/CESA-2009-009.html", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/35752", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2009/1875", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2010/0877", "source": "cve@mitre.org"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039314.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://scary.beasts.org/security/CESA-2009-009.html", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/35752", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2009/1875", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2010/0877", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Multiple unspecified vulnerabilities in mimeTeX, when downloaded before 20090713, have unknown impact and attack vectors related to the (1) \\environ, (2) \\input, and (3) \\counter TeX directives."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades inespec\u00edficas en mimeTeX, cuando se ha descargado antes de 20090713, tiene un impacto desconocido y vectores de ataque relacionados con las directivas TeX (1) \\environ, (2) \\input, and (3) \\counter ."}], "lastModified": "2024-11-21T01:04:55.420", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:forkosh:mimetex:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0205895B-D777-43B6-B4B4-E57B333CAC40", "versionEndIncluding": "1.71"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}