Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5935

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2007-5935
Last Modified 07 Mar 2011 10:01:31
Published 13 Nov 2007 05:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5935

Summary

Stack-based buffer overflow in hpc.c in dvips in teTeX and TeXlive 2007 and earlier allows user-assisted attackers to execute arbitrary code via a DVI file with a long href tag.

Vulnerable Systems

Application

  • Tetex

  • Tug Texlive 2007


References

FEDORA - FEDORA-2007-3390

CONFIRM - https://issues.rpath.com/browse/RPL-1928

MISC - https://bugzilla.redhat.com/show_bug.cgi?id=368591

VUPEN - ADV-2007-3896

UBUNTU - USN-554-1

SECTRACK - 1019058

BID - 26469

BUGTRAQ - 20080212 FLEA-2008-0006-1 tetex tetex-dvips tetex-fonts

MANDRIVA - MDKSA-2007:230

CONFIRM - http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0266

GENTOO - GLSA-200805-13

GENTOO - GLSA-200711-34

GENTOO - GLSA-200711-26

SECUNIA - 30168

SECUNIA - 28412

SECUNIA - 28107

SECUNIA - 27967

SECUNIA - 27743

SECUNIA - 27718

SECUNIA - 27686

SECUNIA - 27672

SUSE - SUSE-SR:2008:011

SUSE - SUSE-SR:2008:001

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=198238

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=447081


Last Updated: 27 May 2016 10:46:20