Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Mageia Linux Local Check: mgasa-2015-0453

Information

Severity

Severity

Critical

Family

Family

Mageia Linux Local Security Checks

CVSSv2 Base

CVSSv2 Base

9.3

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

8 years ago

Modified

Modified

5 years ago

Summary

Mageia Linux Local Security Checks mgasa-2015-0453

Insight

Insight

A format string vulnerability was found in CmdKeywords function when processing \keywords command in tex file. When the user runs latex2rtf with malicious crafted tex file, an attacker can execute arbitrary code. The variable 'keywords' in the function CmdKeywords may hold a malicious input string, which can be used as a format argument of vsnprintf (CVE-2015-8106).

Solution

Solution

Update the affected packages to the latest available version.

Common Vulnerabilities and Exposures (CVE)