CVE-2007-0650 - Remote Buffer Overflow vulnerability in Makeindex 2.14

CVSS 6.8 - MEDIUM
Attack vector: NETWORK
Attack complexity: MEDIUM
Privileges required: NONE
Confidentiality impact: PARTIAL
Integrity impact: PARTIAL
Availability impact: PARTIAL
network
makeindex
nessus

Summary

Buffer overflow in the open_sty function in mkind.c for makeindex 2.14 in teTeX might allow user-assisted remote attackers to overwrite files and possibly execute arbitrary code via a long filename. NOTE: other overflows exist but might not be exploitable, such as a heap-based overflow in the check_idx function.

Vulnerable Configurations

Part         Description  Count
Application  Makeindex    1

Nessus

  • NASL family: Gentoo Local Security Checks
    NASL id: GENTOO_GLSA-200709-17.NASL
    description: The remote host is affected by the vulnerability described in GLSA-200709-17 (teTeX: Multiple buffer overflows) Mark Richters discovered a buffer overflow in the open_sty() function in file mkind.c. Other vulnerabilities have also been discovered in the same file but might not be exploitable (CVE-2007-0650). Tetex also includes vulnerable code from GD library (GLSA 200708-05), and from Xpdf (CVE-2007-3387). Impact : A remote attacker could entice a user to process a specially crafted PNG, GIF or PDF file, or to execute
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 26215
    published: 2007-10-03
    reporter: This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/26215
    title: GLSA-200709-17 : teTeX: Multiple buffer overflows
  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRAKE_MDKSA-2007-109.NASL
    description: Buffer overflow in the gdImageStringFTEx function in gdft.c in the GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font. Tetex 3.x uses an embedded copy of the gd source and may also be affected by this issue (CVE-2007-0455). A buffer overflow in the open_sty function for makeindex in Tetex could allow user-assisted remote attackers to overwrite files and possibly execute arbitrary code via a long filename (CVE-2007-0650). The updated packages have been patched to prevent these issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 25311
    published: 2007-05-25
    reporter: This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/25311
    title: Mandrake Linux Security Advisory : tetex (MDKSA-2007:109)

Statements

contributor: Mark J Cox
lastmodified: 2007-02-13
organization: Red Hat
statement: Red Hat does not consider this issue to be a security vulnerability. The user would have to voluntarily interact with the attack mechanism to exploit the flaw, and the result would be the ability to run code as themselves.