MathType
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-6640 | 0.01 | — | 0.07 | Feb 28, 2018 | A Heap Overflow (Remote Code Execution) issue was discovered in Design Science MathType 6.9c. Crafted input can modify the next pointer of a linked list. This is fixed in 6.9d. | |||
| CVE-2018-6638 | 0.01 | — | 0.07 | Feb 28, 2018 | A stack-based buffer overflow (Remote Code Execution) issue was discovered in Design Science MathType 6.9c. This occurs in a function call in which the first argument is a corrupted offset value and the second argument is a stack buffer. This is fixed in 6.9d. | |||
| CVE-2022-31372 | 0.00 | — | 0.00 | Jun 16, 2022 | Wiris Mathtype v7.28.0 was discovered to contain a path traversal vulnerability in the resourceFile parameter. This vulnerability is exploited via a crafted request to the resource handler. | |||
| CVE-2018-6641 | 0.00 | — | 0.05 | Feb 28, 2018 | An Arbitrary Free (Remote Code Execution) issue was discovered in Design Science MathType 6.9c. Crafted input can overwrite a structure, leading to a function call with an invalid parameter, and a subsequent free of important data such as a function pointer or list pointer. This… | |||
| CVE-2018-6639 | 0.00 | — | 0.04 | Feb 28, 2018 | An out-of-bounds write (Remote Code Execution) issue was discovered in Design Science MathType 6.9c. A size used by memmove is read from the input file. This is fixed in 6.9d. |
- CVE-2018-6640Feb 28, 2018risk 0.01cvss —epss 0.07
A Heap Overflow (Remote Code Execution) issue was discovered in Design Science MathType 6.9c. Crafted input can modify the next pointer of a linked list. This is fixed in 6.9d.
- CVE-2018-6638Feb 28, 2018risk 0.01cvss —epss 0.07
A stack-based buffer overflow (Remote Code Execution) issue was discovered in Design Science MathType 6.9c. This occurs in a function call in which the first argument is a corrupted offset value and the second argument is a stack buffer. This is fixed in 6.9d.
- CVE-2022-31372Jun 16, 2022risk 0.00cvss —epss 0.00
Wiris Mathtype v7.28.0 was discovered to contain a path traversal vulnerability in the resourceFile parameter. This vulnerability is exploited via a crafted request to the resource handler.
- CVE-2018-6641Feb 28, 2018risk 0.00cvss —epss 0.05
An Arbitrary Free (Remote Code Execution) issue was discovered in Design Science MathType 6.9c. Crafted input can overwrite a structure, leading to a function call with an invalid parameter, and a subsequent free of important data such as a function pointer or list pointer. This…
- CVE-2018-6639Feb 28, 2018risk 0.00cvss —epss 0.04
An out-of-bounds write (Remote Code Execution) issue was discovered in Design Science MathType 6.9c. A size used by memmove is read from the input file. This is fixed in 6.9d.