The mimeTeX and mathTeX CGIs suffer from several buffer overflows as well as command injection which result in remote code execution. Unfortunately mimeTeX and mathTex are provided without version numbers by the maintainer, who releases version-less zip archives. It is therefore impossible to provide affected version numbers.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/79181/oCERT-2009-010.txt
Source: https://packetstormsecurity.com/files/79181/Open-Source-CERT-Security-Advisory-2009.10.html