Vulnerability Details : CVE-2015-8106
Format string vulnerability in the CmdKeywords function in funct1.c in latex2rtf before 2.3.10 allows remote attackers to execute arbitrary code via format string specifiers in the \keywords command in a crafted TeX file.
Vulnerability category: OverflowExecute code
Products affected by CVE-2015-8106
- cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
- cpe:2.3:a:latex2rtf_project:latex2rtf:2.3.8:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-8106
4.08%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 92 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-8106
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST | |
7.8
|
HIGH | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2015-8106
-
The product uses a function that accepts a format string as an argument, but the format string originates from an external source.Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-8106
-
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181276.html
[SECURITY] Fedora 24 Update: latex2rtf-2.3.10-1.fc24
-
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181677.html
[SECURITY] Fedora 22 Update: latex2rtf-2.3.10-1.fc22
-
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181725.html
[SECURITY] Fedora 23 Update: latex2rtf-2.3.10-1.fc23
-
https://sourceforge.net/p/latex2rtf/code/1244/
LaTeX to RTF converter / Code / Commit [r1244]
-
https://bugzilla.redhat.com/show_bug.cgi?id=1282492
1282492 – (CVE-2015-8106) CVE-2015-8106 latex2rtf: Format string vulnerability in CmdKeywords
-
http://www.openwall.com/lists/oss-security/2015/11/16/3
oss-security - CVE-2015-8106 - latex2rtf v2.3.8 format string vulnerability
Jump to