Don’t take LaTeX Files from Strangers

By Stephen Checkoway, Hovav Shacham, and Eric Rescorla.

USENIX ;login:, vol. 35, no. 4 (2010), pages 17–22.


TeX, LaTeX, and BibTeX files are a common method of collaboration for computer science professionals. It is widely assumed by users that LaTeX files are safe; that is, that no significant harm can come of running LaTeX on an arbitrary computer. Unfortunately, this is not the case: In this article we describe how to exploit LaTeX to build a virus that spreads between documents on the MiKTeX distribution on Windows XP as well as how to use malicious documents to steal data from web-based LaTeX previewer services.



@Article{checkoway-shacham-rescorla:texhack:login10, author = {Stephen Checkoway and Hovav Shacham and Eric Rescorla}, title = {Don't Take {\LaTeX} Files from Strangers}, journal = {USENIX ;login:}, year = 2010, volume = 35, number = 4, month = aug, pages = {17-22} }

Navigation: Hovav Shacham // Publications // [CSR10b]