CVE-2024-40445
7.3HIGHA directory traversal vulnerability in forkosh Mime TeX before version 1.77 allows attackers on Windows systems to read or append arbitrary files by manipulating crafted input paths.
Publicado: 4/22/2025Actualizado: 6/23/2025
Descripción
A directory traversal vulnerability in forkosh Mime TeX before version 1.77 allows attackers on Windows systems to read or append arbitrary files by manipulating crafted input paths.
Análisis IAImpulsado por IA
Productos Afectados
ctanmimetex
Referencias
- https://github.com/Oefenweb/mimetex/blob/master/mimetex.c#L12414-L12423Product
- https://github.com/TaiYou-TW/CVE-2024-40445_CVE-2024-40446/MitigationThird Party Advisory
- https://youtu.be/OII16TteaJwBroken Link
- https://youtu.be/W2KPHFNfgrgBroken Link