Aggregates CVE and security vulnerability intelligence across all wolfram_research-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk path handling and vendor risk denial of service and related security problems, affecting vendor surface production workloads and vendor surface software deployment scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2010-2027 | Mathematica 7, when running on Linux, allows local users to overwrite arbitrary files via a symlink attack on (1) files within /tmp/MathLink/ or (2) /tmp/fonts$$.conf. | [email protected] | 1.9 | 0.04% | 2010-05-24 | 2026-04-29 |
| CVE-2002-0926 | Directory traversal vulnerability in Wolfram Research webMathematica 1.0.0 and 1.0.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the MSPStoreID parameter. | [email protected] | 5.0 | 18.07% | 2002-10-04 | 2026-04-16 |
| CVE-2001-1058 | The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote attackers to bypass access control (specified by the -restrict argument) and steal a license via a client request that includes the name of a host that is allowed to obtain the license. | [email protected] | 7.5 | 0.42% | 2002-02-13 | 2026-04-16 |
| CVE-2001-1057 | The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote attackers to cause a denial of service (resource exhaustion) by connecting to port 16286 and not disconnecting, which prevents users from making license requests. | [email protected] | 5.0 | 0.74% | 2001-07-30 | 2026-04-16 |