VDB
CVE-2007-0650
CVE-2007-0650
PUBLISHED
CVSS 6.800000190734863 MEDIUM
Buffer overflow in the open_sty function in mkind.c for makeindex 2.14 in teTeX might allow user-assisted remote attackers to overwrite files and possibly execute arbitrary code via a long filename. NOTE: other overflows exist but might not be exploitable, such as a heap-based overflow in the check_idx function.
EPSS 5.27% · 90.2th percentile
Risk Scores
CVSS 2.0
6.800000190734863
EPSS Score
5.27%
90.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| makeindex | makeindex | 2.14 |
| n/a | n/a | n/a |
Exploit Intelligence
- 26982 (circl)
- 23872 (circl)
- tetex-makeindex-opensty-bo(32284) (circl)
- GLSA-200805-13 (circl)
- 30168 (circl)
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=225491 (circl)
- GLSA-200709-17 (circl)
- ADV-2007-1706 (circl)
- MDKSA-2007:109 (circl)
- GLSA-200711-34 (circl)
…and 1 more exploits
Timeline
- Feb 1, 2007 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- 26982 third-party-advisory
- 23872 vdb
- tetex-makeindex-opensty-bo(32284) vdb
- GLSA-200805-13 vendor-advisory
- 30168 third-party-advisory
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=225491 url
- GLSA-200709-17 vendor-advisory
- ADV-2007-1706 vdb
- MDKSA-2007:109 vendor-advisory
- GLSA-200711-34 vendor-advisory
- https://issues.rpath.com/browse/RPL-1036 url
- https://nvd.nist.gov/vuln/detail/CVE-2007-0650 advisory