CVE-2009-1284

BibTeX 0.99 - Denial of Service via Long .bib File


Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-1284. PoCs published by Vincent Lafevre.

AI-analyzed exploit summary: The provided text describes a memory-corruption vulnerability in BibTeX (CVE-2009-1284) due to improper handling of excessively large '.bib' files, potentially leading to denial-of-service or arbitrary code execution. No actual exploit code is included; it is purely an advisory.

Description

Buffer overflow in BibTeX 0.99 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a long .bib bibliography file.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Vincent Lafevre · text · dos · linux
https://www.exploit-db.com/exploits/10203


Classification: Writeup (90%)
Attack Type: DoS
Complexity: Moderate
Reliability: Theoretical
Target: BibTeX (various versions, including those shipped with teTeX or TeX Live)
No auth needed
Prerequisites: Ability to deliver a maliciously crafted .bib file to the target system
devstral-2 · analyzed Feb 16, 2026

References (8)

Core References
Mailing List [mailing-list, x_refsource_mlist]: http://www.openwall.com/lists/oss-security/2009/04/01/8
Third Party Advisory [vendor-advisory, x_refsource_gentoo]: http://security.gentoo.org/glsa/glsa-201206-28.xml
Third Party Advisory [third-party-advisory, x_refsource_secunia]: http://secunia.com/advisories/34445
Issue Tracking [x_refsource_confirm]: https://bugzilla.redhat.com/show_bug.cgi?id=492136
Vendor Advisory [vendor-advisory, x_refsource_ubuntu]: http://www.ubuntu.com/usn/USN-937-1

Scores

EPSS 0.1598
EPSS Percentile 94.9%

Details

CWE: CWE-119
Status: published
Products (1): bibtex/bibtex 0.99
Published: Apr 09, 2009
Tracked Since: Feb 18, 2026