CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-6641

An Arbitrary Free (Remote Code Execution) issue was discovered in Design Science MathType 6.9c. Crafted input can overwrite a structure, leading to a function call with an invalid parameter, and a subsequent free of important data such as a function pointer or list pointer. This is fixed in 6.9d.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.042

EPSS Ranking 88.3%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

http://www.dessci.com/en/dl/
https://drive.google.com/open?id=1qrHKzDA1daHh0mM2T8FRybL8we-mHRW9
http://www.dessci.com/en/dl/
https://drive.google.com/open?id=1qrHKzDA1daHh0mM2T8FRybL8we-mHRW9

Products affected by CVE-2018-6641

Wiris » Mathtype » Version: 6.9c

cpe:2.3:a:wiris:mathtype:6.9c

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-6641

Products

Pricing

Contact Us