MidnightBSD

Advisories for wolfram_research

CVE-2001-1057 MEDIUM

The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote attackers to cause a denial of service (resource exhaustion) by connecting to port 16286 and not disconnecting, which prevents users from making license requests.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
wolfram_research mathematica 4.0
wolfram_research mathematica 4.1
CVE-2001-1058 HIGH

The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote attackers to bypass access control (specified by the -restrict argument) and steal a license via a client request that includes the name of a host that is allowed to obtain the license.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
wolfram_research mathematica 4.0
wolfram_research mathematica 4.1
CVE-2002-0926 MEDIUM

Directory traversal vulnerability in Wolfram Research webMathematica 1.0.0 and 1.0.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the MSPStoreID parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
wolfram_research webmathematica 4.0_amateur
wolfram_research webmathematica 4.0_professional
CVE-2010-2027 LOW

Mathematica 7, when running on Linux, allows local users to overwrite arbitrary files via a symlink attack on (1) files within /tmp/MathLink/ or (2) /tmp/fonts$$.conf.

CVSS 2.0

Severity: LOW

Problem Type: CWE-59,

Products Affected

Vendor Product Version
wolfram_research mathematica 7