Log in or Sign up

ShareLaTeX vulnerable to remote command execution and information disclosure

Discussion in 'other security issues & news' started by ronjor, Mar 3, 2015.

ronjor Global Moderator

Joined:

Jul 21, 2003

Posts:

164,185

Location:

Texas

Original Release date: 03 Mar 2015 | Last revised: 03 Mar 2015

Overview

ShareLaTeX is a server-based software allowing group collaboration on LaTeX documents. ShareLaTeX prior to version 0.1.3 has been found to be vulnerable to command injections and information disclosure.
Click to expand...

http://www.kb.cert.org/vuls/id/302668

ronjor, Mar 3, 2015

#1
142395 Guest

Woops, thanks for the info.
Good to know someone is watching at the program for vuln.

142395, Mar 6, 2015

#2

(You must log in or sign up to reply here.)

This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.

Accept Learn More...