CVE-2007-5936
3.6 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:P/A:N
5.6 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
10.1%
dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place.
Affected configurations
References
bugs.gentoo.org/attachment.cgi?id=135423
bugs.gentoo.org/show_bug.cgi?id=198238
lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html
lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html
osvdb.org/42238
secunia.com/advisories/27672
secunia.com/advisories/27686
secunia.com/advisories/27718
secunia.com/advisories/27743
secunia.com/advisories/27967
secunia.com/advisories/28107
secunia.com/advisories/28412
secunia.com/advisories/30168
security.gentoo.org/glsa/glsa-200711-26.xml
security.gentoo.org/glsa/glsa-200711-34.xml
security.gentoo.org/glsa/glsa-200805-13.xml
wiki.rpath.com/wiki/Advisories:rPSA-2007-0266
www.mandriva.com/security/advisories?name=MDKSA-2007:230
www.securityfocus.com/archive/1/487984/100/0/threaded
www.securityfocus.com/bid/26469
www.securitytracker.com/id?1019058
www.vupen.com/english/advisories/2007/3896
bugzilla.redhat.com/show_bug.cgi?id=368611
issues.rpath.com/browse/RPL-1928
usn.ubuntu.com/554-1/
www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html
Related
3.6 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:P/A:N
5.6 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
10.1%