Debian Linux Security Advisory 1917-1 - Several vulnerabilities have been discovered in mimetex, a lightweight alternative to MathML.
f4eec4bd418d00f6295ba89cc77c83571f52da70023e4e2e892335b60cb58dc1
Ubuntu Security Notice 844-1 - Chris Evans discovered that mimeTeX incorrectly handled certain long tags. An attacker could exploit this with a crafted mimeTeX expression and cause a denial of service or possibly execute arbitrary code. Chris Evans discovered that mimeTeX contained certain directives that may be unsuitable for handling untrusted user input. This update fixed the issue by disabling the \\input and \\counter tags.
6ebcdd3ec522f75d7b824d647265faab643b4fafb8577e9bbd25a36e4e4fad79
The mimeTeX and mathTeX CGIs suffer from several buffer overflows as well as command injection which result in remote code execution. Unfortunately mimeTeX and mathTex are provided without version numbers by the maintainer, who releases version-less zip archives. It is therefore impossible to provide affected version numbers.
0181f431cd410e4c33142e0c3e7cd11c54e2c56b58df8719276e741e9c0c3aed