CVE-2024-40445

CVSS 7.3 HIGHEPSS 0.6%CWE-77

A directory traversal vulnerability in forkosh Mime TeX before version 1.77 allows attackers on Windows systems to read or append arbitrary files by manipulating crafted input paths.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Productos afectados

n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/Oefenweb/mimetex/blob/master/mimetex.c#L12414-L12423 https://github.com/TaiYou-TW/CVE-2024-40445_CVE-2024-40446/https://youtu.be/OII16TteaJw https://youtu.be/W2KPHFNfgrg