CVE-2007-0650 — Vulnetix

Try Vulnetix Request Demo

CVE-2007-0650 PUBLISHED CVSS 6.800000190734863 MEDIUM

Buffer overflow in the open_sty function in mkind.c for makeindex 2.14 in teTeX might allow user-assisted remote attackers to overwrite files and possibly execute arbitrary code via a long filename. NOTE: other overflows exist but might not be exploitable, such as a heap-based overflow in the check_idx function.

EPSS 5.27% · 89.9th percentile

Risk Scores

CVSS v2.0

6.800000190734863

EPSS Score

5.27%

89.9th percentile

Affected Products

Vendor	Product	Versions
makeindex	makeindex	2.14
n/a	n/a	n/a

Timeline

Feb 1, 2007 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score
Jul 10, 2023 EPSS Score
Aug 31, 2023 EPSS Score

References

26982 third-party-advisory
23872 vdb
tetex-makeindex-opensty-bo(32284) vdb
GLSA-200805-13 vendor-advisory
30168 third-party-advisory
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=225491 url
GLSA-200709-17 vendor-advisory
ADV-2007-1706 vdb
MDKSA-2007:109 vendor-advisory
GLSA-200711-34 vendor-advisory
https://issues.rpath.com/browse/RPL-1036 url
https://nvd.nist.gov/vuln/detail/CVE-2007-0650 advisory

Open in Interactive Console →