Be aware from little pieces you use in your web app
Page 1 of 1
Be aware from little pieces you use in your web app
I've just released the technical details behind some recently fixed vulnerabilities in mimetex:
http://scary.beasts.org/security/CESA-2009-009.html
"mimetex" is a little binary (written in the C language) used to render mathematical equations based on the TeX language. It looks very nice and is a cool concept to embed it in web apps. You can use a Google search to locate places that use it:
http://images.google.com/images?hl=en&q=inurl:mimetex.cgi
Unfortunately, the binary suffered from various classic stack-based buffer overflows as well as some commands that might leak inappropriate information.
So be careful what random little binaries and pieces you use to beef up your web app.
http://scary.beasts.org/security/CESA-2009-009.html
"mimetex" is a little binary (written in the C language) used to render mathematical equations based on the TeX language. It looks very nice and is a cool concept to embed it in web apps. You can use a Google search to locate places that use it:
http://images.google.com/images?hl=en&q=inurl:mimetex.cgi
Unfortunately, the binary suffered from various classic stack-based buffer overflows as well as some commands that might leak inappropriate information.
So be careful what random little binaries and pieces you use to beef up your web app.
andry- Moderator
- Posts : 467
Join date : 2010-05-07
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum
|
|