Buffer Overflow in Texinfo Commands Affects Various Linux Distributions
CVE-2006-4810

Currently unrated

Key Information:

Vendor: Gnu
Status: Texinfo
Vendor: CVE Published:; 8 November 2006

What is CVE-2006-4810?

A buffer overflow vulnerability exists in the readline function located in util/texindex.c, utilized by the texi2dvi and texindex commands of Texinfo. Local users can exploit this vulnerability by supplying a specially crafted Texinfo file, potentially enabling the execution of arbitrary code. This affects Texinfo version 4.8 and earlier, posing a significant risk across various Linux distributions that are incorporating these commands. Users are encouraged to apply security patches and updates to mitigate this risk.

References

http://secunia.com/advisories/22725

third-party-advisoryx_refsource_SECUNIA

http://www.mandriva.com/security/advisories?name=MDKSA-20...

vendor-advisoryx_refsource_MANDRIVA

http://www.redhat.com/support/errata/RHSA-2006-0727.html

vendor-advisoryx_refsource_REDHAT

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 8, 2006
Vulnerability Reserved
Sep 15, 2006

Gnu

What is CVE-2006-4810?

References

Timeline