CVE-2009-2944

Incomplete blacklist vulnerability in the teximg plugin in ikiwiki before 3.1415926 and 2.x before 2.53.4 allows context-dependent attackers to read arbitrary files via crafted TeX commands.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 66%
VendorProductVersion
ikiwikiikiwiki
𝑥
≤ 3.141592
ikiwikiikiwiki
2.0
ikiwikiikiwiki
2.00
ikiwikiikiwiki
2.1
ikiwikiikiwiki
2.2
ikiwikiikiwiki
2.3
ikiwikiikiwiki
2.4
ikiwikiikiwiki
2.5
ikiwikiikiwiki
2.6
ikiwikiikiwiki
2.6.1
ikiwikiikiwiki
2.7
ikiwikiikiwiki
2.8
ikiwikiikiwiki
2.9
ikiwikiikiwiki
2.10
ikiwikiikiwiki
2.11
ikiwikiikiwiki
2.12
ikiwikiikiwiki
2.13
ikiwikiikiwiki
2.14
ikiwikiikiwiki
2.15
ikiwikiikiwiki
2.16
ikiwikiikiwiki
2.17
ikiwikiikiwiki
2.18
ikiwikiikiwiki
2.19
ikiwikiikiwiki
2.20
ikiwikiikiwiki
2.30
ikiwikiikiwiki
2.31
ikiwikiikiwiki
2.31.1
ikiwikiikiwiki
2.31.2
ikiwikiikiwiki
2.31.3
ikiwikiikiwiki
2.40
ikiwikiikiwiki
2.41
ikiwikiikiwiki
2.42
ikiwikiikiwiki
2.43
ikiwikiikiwiki
2.44
ikiwikiikiwiki
2.45
ikiwikiikiwiki
2.46
ikiwikiikiwiki
2.47
ikiwikiikiwiki
2.48
ikiwikiikiwiki
2.49
ikiwikiikiwiki
2.50
ikiwikiikiwiki
2.51
ikiwikiikiwiki
2.52
ikiwikiikiwiki
2.53
ikiwikiikiwiki
2.54
ikiwikiikiwiki
2.55
ikiwikiikiwiki
2.56
ikiwikiikiwiki
2.60
ikiwikiikiwiki
2.61
ikiwikiikiwiki
2.62
ikiwikiikiwiki
2.62.1
ikiwikiikiwiki
2.63
ikiwikiikiwiki
2.64
ikiwikiikiwiki
2.65
ikiwikiikiwiki
2.66
ikiwikiikiwiki
2.67
ikiwikiikiwiki
2.68
ikiwikiikiwiki
2.69
ikiwikiikiwiki
2.70
ikiwikiikiwiki
2.71
ikiwikiikiwiki
2.72
ikiwikiikiwiki
3.0
ikiwikiikiwiki
3.00
ikiwikiikiwiki
3.01
ikiwikiikiwiki
3.02
ikiwikiikiwiki
3.03
ikiwikiikiwiki
3.04
ikiwikiikiwiki
3.06
ikiwikiikiwiki
3.07
ikiwikiikiwiki
3.08
ikiwikiikiwiki
3.09
ikiwikiikiwiki
3.10
ikiwikiikiwiki
3.11
ikiwikiikiwiki
3.12
ikiwikiikiwiki
3.13
ikiwikiikiwiki
3.14
ikiwikiikiwiki
3.141
ikiwikiikiwiki
3.1415
ikiwikiikiwiki
3.14159
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
ikiwiki
bookworm
3.20200202.3-1
fixed
bullseye
3.20200202.3-1
fixed
sid
3.20200202.4-2.1
fixed
trixie
3.20200202.4-2.1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ikiwiki
oneiric
not-affected
natty
not-affected
maverick
not-affected
lucid
not-affected
karmic
ignored
jaunty
ignored
intrepid
ignored
hardy
ignored
dapper
dne
References
http://ikiwiki.info/security/#index35h2
http://osvdb.org/57575
http://secunia.com/advisories/36516
http://secunia.com/advisories/36539
http://www.debian.org/security/2009/dsa-1875
http://www.securityfocus.com/bid/36181
http://www.vupen.com/english/advisories/2009/2475
https://exchange.xforce.ibmcloud.com/vulnerabilities/52922
http://ikiwiki.info/security/#index35h2
http://osvdb.org/57575
http://secunia.com/advisories/36516
http://secunia.com/advisories/36539
http://www.debian.org/security/2009/dsa-1875
http://www.securityfocus.com/bid/36181
http://www.vupen.com/english/advisories/2009/2475
https://exchange.xforce.ibmcloud.com/vulnerabilities/52922