Vulnerability Details : CVE-2004-2167
Multiple buffer overflows in LaTeX2rtf 1.9.15, and possibly other versions, allow remote attackers to execute arbitrary code via (1) the expandmacro function, and possibly (2) Environments and (3) TranslateCommand.
Vulnerability category: Execute code
Products affected by CVE-2004-2167
- cpe:2.3:a:latex2rtf:latex2rtf:1.9.15:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2004-2167
11.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 95 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2004-2167
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2004-2167
-
http://cvs.sourceforge.net/viewcvs.py/latex2rtf/latex2rtf/definitions.c?rev=1.22&view=log
LaTeX to RTF converter download | SourceForge.net
-
http://www.securityfocus.com/bid/11233
Exploit;Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/17460
LaTeX2rtf expandmacro function buffer overflow CVE-2004-2167 Vulnerability Report
-
http://www.securitytracker.com/alerts/2004/Sep/1011367.html
GoDaddy Domain Name SearchExploit
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/17487
LaTeX2rtf Environments and TranslateCommand functions buffer overflows undefined Vulnerability Report
Jump to