CVE-2004-2167

LaTeX2rtf <1.9.15 - RCE

Title source: llm

Description

Multiple buffer overflows in LaTeX2rtf 1.9.15, and possibly other versions, allow remote attackers to execute arbitrary code via (1) the expandmacro function, and possibly (2) Environments and (3) TranslateCommand.

Exploits (2)

exploitdb WORKING POC VERIFIED

by D. J. Bernstein · cremotelinux

https://www.exploit-db.com/exploits/24622

View Code ZIP pw:eip

nomisec WORKING POC

by uzzzval · poc

https://github.com/uzzzval/cve-2004-2167

View Code ZIP pw:eip

References (6)

[Exploit] http://www.securitytracker.com/alerts/2004/Sep/1011367.html

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/17487

[Product] http://cvs.sourceforge.net/viewcvs.py/latex2rtf/latex2rtf/definitions.c?rev=1.22&view=log

[Exploit, Vendor Advisory] http://www.securityfocus.com/bid/11233

[Third Party Advisory, VDB Entry] http://www.osvdb.org/displayvuln.php?osvdb_id=10216

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/17460

Scores

EPSS 0.0717

EPSS Percentile 91.6%

Details

Status published

Products (1)

latex2rtf/latex2rtf 1.9.15

Published Dec 31, 2004

Tracked Since Feb 18, 2026