CVE-2018-6639

{"id": "CVE-2018-6639", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": true, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2018-02-28T05:29:00.273", "references": [{"url": "http://www.dessci.com/en/dl/", "tags": ["Product", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://drive.google.com/open?id=175_n6KhbOUlu9l0ySw-8QYk0oQbAaoZV", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.dessci.com/en/dl/", "tags": ["Product", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://drive.google.com/open?id=175_n6KhbOUlu9l0ySw-8QYk0oQbAaoZV", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "An out-of-bounds write (Remote Code Execution) issue was discovered in Design Science MathType 6.9c. A size used by memmove is read from the input file. This is fixed in 6.9d."}, {"lang": "es", "value": "Se ha descubierto un problema de escritura fuera de l\u00edmites (ejecuci\u00f3n remota de c\u00f3digo) en Design Science MathType 6.9c. Se lee un tama\u00f1o empleado por memmove desde el archivo de entrada. Esto se ha solucionado en la versi\u00f3n 6.9d."}], "lastModified": "2024-11-21T04:11:02.793", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:wiris:mathtype:6.9c:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F1B25CD-49B8-44AF-9A11-F0E8E43FEB64"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}