Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2007-5936

dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place.

Published

2007-11-13T22:46:00.000

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 3.6 (LOW)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:P/I:P/A:N

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

3.9

Impact Score

4.9

Weaknesses

Type: Primary
CWE-264

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	tetex	tetex	*	Yes
Application	tug	texlive_2007	*	Yes

References

http://bugs.gentoo.org/attachment.cgi?id=135423 ([email protected])
http://bugs.gentoo.org/show_bug.cgi?id=198238 ([email protected])
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html ([email protected])
http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html ([email protected])
http://osvdb.org/42238 ([email protected])
http://secunia.com/advisories/27672 Vendor Advisory ([email protected])
http://secunia.com/advisories/27686 Vendor Advisory ([email protected])
http://secunia.com/advisories/27718 Vendor Advisory ([email protected])
http://secunia.com/advisories/27743 Vendor Advisory ([email protected])
http://secunia.com/advisories/27967 Vendor Advisory ([email protected])
http://secunia.com/advisories/28107 Vendor Advisory ([email protected])
http://secunia.com/advisories/28412 Vendor Advisory ([email protected])
http://secunia.com/advisories/30168 Vendor Advisory ([email protected])
http://security.gentoo.org/glsa/glsa-200711-26.xml ([email protected])
http://security.gentoo.org/glsa/glsa-200711-34.xml ([email protected])
http://security.gentoo.org/glsa/glsa-200805-13.xml ([email protected])
http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0266 ([email protected])
http://www.mandriva.com/security/advisories?name=MDKSA-2007:230 ([email protected])
http://www.securityfocus.com/archive/1/487984/100/0/threaded ([email protected])
http://www.securityfocus.com/bid/26469 ([email protected])
http://www.securitytracker.com/id?1019058 ([email protected])
http://www.vupen.com/english/advisories/2007/3896 ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=368611 ([email protected])
https://issues.rpath.com/browse/RPL-1928 ([email protected])
https://usn.ubuntu.com/554-1/ ([email protected])
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html ([email protected])
http://bugs.gentoo.org/attachment.cgi?id=135423 (af854a3a-2127-422b-91ae-364da2661108)
http://bugs.gentoo.org/show_bug.cgi?id=198238 (af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html (af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html (af854a3a-2127-422b-91ae-364da2661108)
http://osvdb.org/42238 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/27672 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/27686 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/27718 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/27743 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/27967 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/28107 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/28412 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/30168 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-200711-26.xml (af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-200711-34.xml (af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-200805-13.xml (af854a3a-2127-422b-91ae-364da2661108)
http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0266 (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDKSA-2007:230 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/487984/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/26469 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1019058 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2007/3896 (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=368611 (af854a3a-2127-422b-91ae-364da2661108)
https://issues.rpath.com/browse/RPL-1928 (af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/554-1/ (af854a3a-2127-422b-91ae-364da2661108)
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html (af854a3a-2127-422b-91ae-364da2661108)