CVE-2009-2944

EUVD-2009-2931
Incomplete blacklist vulnerability in the teximg plugin in ikiwiki before 3.1415926 and 2.x before 2.53.4 allows context-dependent attackers to read arbitrary files via crafted TeX commands.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 66%
Affected Products (NVD)
VendorProductVersion
ikiwikiikiwiki
𝑥
≤ 3.141592
ikiwikiikiwiki
2.0
ikiwikiikiwiki
2.00
ikiwikiikiwiki
2.1
ikiwikiikiwiki
2.2
ikiwikiikiwiki
2.3
ikiwikiikiwiki
2.4
ikiwikiikiwiki
2.5
ikiwikiikiwiki
2.6
ikiwikiikiwiki
2.6.1
ikiwikiikiwiki
2.7
ikiwikiikiwiki
2.8
ikiwikiikiwiki
2.9
ikiwikiikiwiki
2.10
ikiwikiikiwiki
2.11
ikiwikiikiwiki
2.12
ikiwikiikiwiki
2.13
ikiwikiikiwiki
2.14
ikiwikiikiwiki
2.15
ikiwikiikiwiki
2.16
ikiwikiikiwiki
2.17
ikiwikiikiwiki
2.18
ikiwikiikiwiki
2.19
ikiwikiikiwiki
2.20
ikiwikiikiwiki
2.30
ikiwikiikiwiki
2.31
ikiwikiikiwiki
2.31.1
ikiwikiikiwiki
2.31.2
ikiwikiikiwiki
2.31.3
ikiwikiikiwiki
2.40
ikiwikiikiwiki
2.41
ikiwikiikiwiki
2.42
ikiwikiikiwiki
2.43
ikiwikiikiwiki
2.44
ikiwikiikiwiki
2.45
ikiwikiikiwiki
2.46
ikiwikiikiwiki
2.47
ikiwikiikiwiki
2.48
ikiwikiikiwiki
2.49
ikiwikiikiwiki
2.50
ikiwikiikiwiki
2.51
ikiwikiikiwiki
2.52
ikiwikiikiwiki
2.53
ikiwikiikiwiki
2.54
ikiwikiikiwiki
2.55
ikiwikiikiwiki
2.56
ikiwikiikiwiki
2.60
ikiwikiikiwiki
2.61
ikiwikiikiwiki
2.62
ikiwikiikiwiki
2.62.1
ikiwikiikiwiki
2.63
ikiwikiikiwiki
2.64
ikiwikiikiwiki
2.65
ikiwikiikiwiki
2.66
ikiwikiikiwiki
2.67
ikiwikiikiwiki
2.68
ikiwikiikiwiki
2.69
ikiwikiikiwiki
2.70
ikiwikiikiwiki
2.71
ikiwikiikiwiki
2.72
ikiwikiikiwiki
3.0
ikiwikiikiwiki
3.00
ikiwikiikiwiki
3.01
ikiwikiikiwiki
3.02
ikiwikiikiwiki
3.03
ikiwikiikiwiki
3.04
ikiwikiikiwiki
3.06
ikiwikiikiwiki
3.07
ikiwikiikiwiki
3.08
ikiwikiikiwiki
3.09
ikiwikiikiwiki
3.10
ikiwikiikiwiki
3.11
ikiwikiikiwiki
3.12
ikiwikiikiwiki
3.13
ikiwikiikiwiki
3.14
ikiwikiikiwiki
3.141
ikiwikiikiwiki
3.1415
ikiwikiikiwiki
3.14159
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
ikiwiki
bookworm
3.20200202.3-1
fixed
bullseye
3.20200202.3-1
fixed
sid
3.20200202.4-2.1
fixed
trixie
3.20200202.4-2.1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ikiwiki
dapper
dne
hardy
ignored
intrepid
ignored
jaunty
ignored
karmic
ignored
lucid
not-affected
maverick
not-affected
natty
not-affected
oneiric
not-affected
References
http://ikiwiki.info/security/#index35h2
http://osvdb.org/57575
http://secunia.com/advisories/36516
http://secunia.com/advisories/36539
http://www.debian.org/security/2009/dsa-1875
http://www.securityfocus.com/bid/36181
http://www.vupen.com/english/advisories/2009/2475
https://exchange.xforce.ibmcloud.com/vulnerabilities/52922
http://ikiwiki.info/security/#index35h2
http://osvdb.org/57575
http://secunia.com/advisories/36516
http://secunia.com/advisories/36539
http://www.debian.org/security/2009/dsa-1875
http://www.securityfocus.com/bid/36181
http://www.vupen.com/english/advisories/2009/2475
https://exchange.xforce.ibmcloud.com/vulnerabilities/52922