oval:org.mitre.oval:def:13271
| Definition Id: oval:org.mitre.oval:def:13271 | |||
| Oval ID: | oval:org.mitre.oval:def:13271 | ||
| Title: | DSA-1917-1 mimetex -- several vulnerabilities | ||
| Description: | Several vulnerabilities have been discovered in mimetex, a lightweight alternative to MathML. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-1382 Chris Evans and Damien Miller, discovered multiple stack-based buffer overflow. An attacker could execute arbitrary code via a TeX file with long picture, circle, input tags. CVE-2009-2459 Chris Evans discovered that mimeTeX contained certain directives that may be unsuitable for handling untrusted user input. A remote attacker can obtain sensitive information. For the oldstable distribution, these problems have been fixed in version 1.50-1+etch1. Due to a bug in the archive system, the fix for the stable distribution will be released as version 1.50-1+lenny1 once it is available. For the testing distribution, and the unstable distribution, these problems have been fixed in version 1.50-1.1. We recommend that you upgrade your mimetex packages. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1917-1 CVE-2009-1382 CVE-2009-2459 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | mimetex |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:6461 | |||
| Oval ID: | oval:org.mitre.oval:def:6461 | ||
| Title: | Debian GNU/Linux 4.0 is installed. | ||
| Description: | Debian GNU/Linux 4.0 (etch) is installed | ||
| Family: | unix | Class: | inventory |
| Reference(s): | cpe:/o:debian:debian_gnu/linux:4.0 | Version: | 9 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | |
| Definition Synopsis: | |||
| Referenced By: | |||
| oval:org.mitre.oval:def:13271 | |||
