First published: Fri Aug 25 2017(Updated: )
mktexlsr revision 36855, and before revision 36626 as packaged in texlive allows local users to write to arbitrary files via a symlink attack. NOTE: this vulnerability exists due to the reversion of a fix of CVE-2015-5700.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Tug Texlive | =20100722 | |
Tug Texlive | =20110705 | |
Tug Texlive | =20120701 | |
Tug Texlive | =20130530 | |
Tug Texlive | =20140525 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.