Vulnerability Description
Multiple buffer overflows in LaTeX2rtf 1.9.15, and possibly other versions, allow remote attackers to execute arbitrary code via (1) the expandmacro function, and possibly (2) Environments and (3) TranslateCommand.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Latex2Rtf | Latex2Rtf | 1.9.15 |
References
- http://cvs.sourceforge.net/viewcvs.py/latex2rtf/latex2rtf/definitions.c?rev=1.22
- http://www.osvdb.org/displayvuln.php?osvdb_id=10216
- http://www.securityfocus.com/bid/11233ExploitVendor Advisory
- http://www.securitytracker.com/alerts/2004/Sep/1011367.htmlExploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17460
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17487
- http://cvs.sourceforge.net/viewcvs.py/latex2rtf/latex2rtf/definitions.c?rev=1.22
- http://www.osvdb.org/displayvuln.php?osvdb_id=10216
- http://www.securityfocus.com/bid/11233ExploitVendor Advisory
- http://www.securitytracker.com/alerts/2004/Sep/1011367.htmlExploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17460
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17487
FAQ
What is CVE-2004-2167?
CVE-2004-2167 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple buffer overflows in LaTeX2rtf 1.9.15, and possibly other versions, allow remote attackers to execute arbitrary code via (1) the expandmacro function, and possibly (2) Environments and (3) Tra...
How severe is CVE-2004-2167?
CVE-2004-2167 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-2167?
Check the references section above for vendor advisories and patch information. Affected products include: Latex2Rtf Latex2Rtf.