Vulnerability Description
dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tetex | Tetex | All versions |
| Tug | Texlive 2007 | All versions |
Related Weaknesses (CWE)
References
- http://bugs.gentoo.org/attachment.cgi?id=135423
- http://bugs.gentoo.org/show_bug.cgi?id=198238
- http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html
- http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html
- http://osvdb.org/42238
- http://secunia.com/advisories/27672Vendor Advisory
- http://secunia.com/advisories/27686Vendor Advisory
- http://secunia.com/advisories/27718Vendor Advisory
- http://secunia.com/advisories/27743Vendor Advisory
- http://secunia.com/advisories/27967Vendor Advisory
- http://secunia.com/advisories/28107Vendor Advisory
- http://secunia.com/advisories/28412Vendor Advisory
- http://secunia.com/advisories/30168Vendor Advisory
- http://security.gentoo.org/glsa/glsa-200711-26.xml
- http://security.gentoo.org/glsa/glsa-200711-34.xml
FAQ
What is CVE-2007-5936?
CVE-2007-5936 is a vulnerability with a CVSS score of 3.6 (LOW). dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which ca...
How severe is CVE-2007-5936?
CVE-2007-5936 has been rated LOW with a CVSS base score of 3.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-5936?
Check the references section above for vendor advisories and patch information. Affected products include: Tetex Tetex, Tug Texlive 2007.