Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5936

Overview

Vulnerability Score 3.6 3.6
CVE Id CVE-2007-5936
Last Modified 05 Nov 2012 10:50:19
Published 13 Nov 2007 05:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2007-5936

Summary

dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place.

Vulnerable Systems

Application

  • Tetex

  • Tug Texlive 2007


References

FEDORA - FEDORA-2007-3390

CONFIRM - https://issues.rpath.com/browse/RPL-1928

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=368611

VUPEN - ADV-2007-3896

UBUNTU - USN-554-1

SECTRACK - 1019058

BID - 26469

BUGTRAQ - 20080212 FLEA-2008-0006-1 tetex tetex-dvips tetex-fonts

MANDRIVA - MDKSA-2007:230

CONFIRM - http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0266

GENTOO - GLSA-200805-13

GENTOO - GLSA-200711-34

GENTOO - GLSA-200711-26

SECUNIA - 30168

SECUNIA - 28412

SECUNIA - 28107

SECUNIA - 27967

SECUNIA - 27743

SECUNIA - 27718

SECUNIA - 27686

SECUNIA - 27672

SUSE - SUSE-SR:2008:011

SUSE - SUSE-SR:2008:001

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=198238

MISC - http://bugs.gentoo.org/attachment.cgi?id=135423

OSVDB - 42238


Last Updated: 27 May 2016 10:47:21