CVE-2007-5936

medium

Description

dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place.

References

https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html

https://usn.ubuntu.com/554-1/

https://issues.rpath.com/browse/RPL-1928

https://bugzilla.redhat.com/show_bug.cgi?id=368611

http://www.vupen.com/english/advisories/2007/3896

http://www.securitytracker.com/id?1019058

http://www.securityfocus.com/bid/26469

http://www.securityfocus.com/archive/1/487984/100/0/threaded

http://www.mandriva.com/security/advisories?name=MDKSA-2007:230

http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0266

http://security.gentoo.org/glsa/glsa-200805-13.xml

http://security.gentoo.org/glsa/glsa-200711-34.xml

http://security.gentoo.org/glsa/glsa-200711-26.xml

http://secunia.com/advisories/30168

http://secunia.com/advisories/28412

http://secunia.com/advisories/28107

http://secunia.com/advisories/27967

http://secunia.com/advisories/27743

http://secunia.com/advisories/27718

http://secunia.com/advisories/27686

http://secunia.com/advisories/27672

http://osvdb.org/42238

http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html

http://bugs.gentoo.org/show_bug.cgi?id=198238

http://bugs.gentoo.org/attachment.cgi?id=135423

Details

Source: Mitre, NVD

Published: 2007-11-13

Updated: 2018-10-15

Risk Information

CVSS v2

Base Score: 3.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:N

Severity: Low

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Severity: Medium

Detections

Analytics