CVE-2009-2461

mathtex.cgi in mathTeX, when downloaded before 20090713, does not securely create temporary files, which has unspecified impact and local attack vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.2 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 18%
VendorProductVersion
forkoshmathtex
𝑥
≤ 1.02
forkoshmathtex
1.00
forkoshmathtex
1.01
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
mathtex
bullseye
1.03-1
fixed
bookworm
1.03-1.1
fixed
sid
1.03-3
fixed
trixie
1.03-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
mathtex
natty
not-affected
maverick
not-affected
lucid
not-affected
karmic
ignored
jaunty
dne
intrepid
dne
hardy
dne
dapper
dne
Common Weakness Enumeration
References
http://groups.google.com/group/comp.text.tex/browse_thread/thread/5d56d3d744351578
http://secunia.com/advisories/35816
http://www.ocert.org/advisories/ocert-2009-010.html
http://www.securityfocus.com/archive/1/504919/100/0/threaded
http://www.vupen.com/english/advisories/2009/1875
https://exchange.xforce.ibmcloud.com/vulnerabilities/51797
http://groups.google.com/group/comp.text.tex/browse_thread/thread/5d56d3d744351578
http://secunia.com/advisories/35816
http://www.ocert.org/advisories/ocert-2009-010.html
http://www.securityfocus.com/archive/1/504919/100/0/threaded
http://www.vupen.com/english/advisories/2009/1875
https://exchange.xforce.ibmcloud.com/vulnerabilities/51797