Bug#1061520: mathtex: CVE-2023-51885 CVE-2023-51886 CVE-2023-51887 CVE-2023-51888 CVE-2023-51889 CVE-2023-51890

Salvatore Bonaccorso Thu, 25 Jan 2024 13:00:16 -0800

Source: mathtex
Version: 1.03-2
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>


Hi,

The following vulnerabilities were published for mathtex.

CVE-2023-51885[0]:
| Buffer Overflow vulnerability in Mathtex v.1.05 and before allows a
| remote attacker to execute arbitrary code via the length of the
| LaTeX string component.


CVE-2023-51886[1]:
| Buffer Overflow vulnerability in the main() function in Mathtex 1.05
| and before allows a remote attacker to cause a denial of service
| when using \convertpath.


CVE-2023-51887[2]:
| Command Injection vulnerability in Mathtex v.1.05 and before allows
| a remote attacker to execute arbitrary code via crafted string in
| application URL.


CVE-2023-51888[3]:
| Buffer Overflow vulnerability in the nomath() function in Mathtex
| v.1.05 and before allows a remote attacker to cause a denial of
| service via a crafted string in the application URL.


CVE-2023-51889[4]:
| Stack Overflow vulnerability in the validate() function in Mathtex
| v.1.05 and before allows a remote attacker to execute arbitrary code
| via crafted string in the application URL.


CVE-2023-51890[5]:
| An infinite loop issue discovered in Mathtex 1.05 and before allows
| a remote attackers to consume CPU resources via crafted string in
| the application URL.

[6] contains the "fuzzing mathtex" report.

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2023-51885
    https://www.cve.org/CVERecord?id=CVE-2023-51885
[1] https://security-tracker.debian.org/tracker/CVE-2023-51886
    https://www.cve.org/CVERecord?id=CVE-2023-51886
[2] https://security-tracker.debian.org/tracker/CVE-2023-51887
    https://www.cve.org/CVERecord?id=CVE-2023-51887
[3] https://security-tracker.debian.org/tracker/CVE-2023-51888
    https://www.cve.org/CVERecord?id=CVE-2023-51888
[4] https://security-tracker.debian.org/tracker/CVE-2023-51889
    https://www.cve.org/CVERecord?id=CVE-2023-51889
[5] https://security-tracker.debian.org/tracker/CVE-2023-51890
    https://www.cve.org/CVERecord?id=CVE-2023-51890
[6] https://blog.yulun.ac.cn/posts/2023/fuzzing-mathtex/

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Bug#1061520: mathtex: CVE-2023-51885 CVE-2023-51886 CVE-2023-51887 CVE-2023-51888 CVE-2023-51889 CVE-2023-51890

Reply via email to