CVE-2007-5936 (GCVE-0-2007-5936)
Vulnerability from cvelistv5
Published
2007-11-13 22:00
Modified
2024-08-07 15:47
Severity ?
CWE
  • n/a
Summary
dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place.
References
cve@mitre.org http://bugs.gentoo.org/attachment.cgi?id=135423
cve@mitre.org http://bugs.gentoo.org/show_bug.cgi?id=198238
cve@mitre.org http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html
cve@mitre.org http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html
cve@mitre.org http://osvdb.org/42238
cve@mitre.org http://secunia.com/advisories/27672 Vendor Advisory
cve@mitre.org http://secunia.com/advisories/27686 Vendor Advisory
cve@mitre.org http://secunia.com/advisories/27718 Vendor Advisory
cve@mitre.org http://secunia.com/advisories/27743 Vendor Advisory
cve@mitre.org http://secunia.com/advisories/27967 Vendor Advisory
cve@mitre.org http://secunia.com/advisories/28107 Vendor Advisory
cve@mitre.org http://secunia.com/advisories/28412 Vendor Advisory
cve@mitre.org http://secunia.com/advisories/30168 Vendor Advisory
cve@mitre.org http://security.gentoo.org/glsa/glsa-200711-26.xml
cve@mitre.org http://security.gentoo.org/glsa/glsa-200711-34.xml
cve@mitre.org http://security.gentoo.org/glsa/glsa-200805-13.xml
cve@mitre.org http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0266
cve@mitre.org http://www.mandriva.com/security/advisories?name=MDKSA-2007:230
cve@mitre.org http://www.securityfocus.com/archive/1/487984/100/0/threaded
cve@mitre.org http://www.securityfocus.com/bid/26469
cve@mitre.org http://www.securitytracker.com/id?1019058
cve@mitre.org http://www.vupen.com/english/advisories/2007/3896
cve@mitre.org https://bugzilla.redhat.com/show_bug.cgi?id=368611
cve@mitre.org https://issues.rpath.com/browse/RPL-1928
cve@mitre.org https://usn.ubuntu.com/554-1/
cve@mitre.org https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html
af854a3a-2127-422b-91ae-364da2661108 http://bugs.gentoo.org/attachment.cgi?id=135423
af854a3a-2127-422b-91ae-364da2661108 http://bugs.gentoo.org/show_bug.cgi?id=198238
af854a3a-2127-422b-91ae-364da2661108 http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html
af854a3a-2127-422b-91ae-364da2661108 http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html
af854a3a-2127-422b-91ae-364da2661108 http://osvdb.org/42238
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/27672 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/27686 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/27718 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/27743 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/27967 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/28107 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/28412 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/30168 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://security.gentoo.org/glsa/glsa-200711-26.xml
af854a3a-2127-422b-91ae-364da2661108 http://security.gentoo.org/glsa/glsa-200711-34.xml
af854a3a-2127-422b-91ae-364da2661108 http://security.gentoo.org/glsa/glsa-200805-13.xml
af854a3a-2127-422b-91ae-364da2661108 http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0266
af854a3a-2127-422b-91ae-364da2661108 http://www.mandriva.com/security/advisories?name=MDKSA-2007:230
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/archive/1/487984/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/bid/26469
af854a3a-2127-422b-91ae-364da2661108 http://www.securitytracker.com/id?1019058
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2007/3896
af854a3a-2127-422b-91ae-364da2661108 https://bugzilla.redhat.com/show_bug.cgi?id=368611
af854a3a-2127-422b-91ae-364da2661108 https://issues.rpath.com/browse/RPL-1928
af854a3a-2127-422b-91ae-364da2661108 https://usn.ubuntu.com/554-1/
af854a3a-2127-422b-91ae-364da2661108 https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:47:00.575Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/attachment.cgi?id=135423"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1928"
          },
          {
            "name": "27672",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27672"
          },
          {
            "name": "27743",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27743"
          },
          {
            "name": "SUSE-SR:2008:011",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html"
          },
          {
            "name": "28412",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28412"
          },
          {
            "name": "27686",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27686"
          },
          {
            "name": "USN-554-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/554-1/"
          },
          {
            "name": "42238",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/42238"
          },
          {
            "name": "26469",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26469"
          },
          {
            "name": "GLSA-200805-13",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
          },
          {
            "name": "GLSA-200711-26",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200711-26.xml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=198238"
          },
          {
            "name": "30168",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30168"
          },
          {
            "name": "ADV-2007-3896",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3896"
          },
          {
            "name": "27718",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27718"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=368611"
          },
          {
            "name": "GLSA-200711-34",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
          },
          {
            "name": "27967",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27967"
          },
          {
            "name": "FEDORA-2007-3390",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0266"
          },
          {
            "name": "1019058",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019058"
          },
          {
            "name": "28107",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28107"
          },
          {
            "name": "MDKSA-2007:230",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230"
          },
          {
            "name": "20080212 FLEA-2008-0006-1 tetex tetex-dvips tetex-fonts",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/487984/100/0/threaded"
          },
          {
            "name": "SUSE-SR:2008:001",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-11-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugs.gentoo.org/attachment.cgi?id=135423"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1928"
        },
        {
          "name": "27672",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27672"
        },
        {
          "name": "27743",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27743"
        },
        {
          "name": "SUSE-SR:2008:011",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html"
        },
        {
          "name": "28412",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28412"
        },
        {
          "name": "27686",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27686"
        },
        {
          "name": "USN-554-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/554-1/"
        },
        {
          "name": "42238",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/42238"
        },
        {
          "name": "26469",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26469"
        },
        {
          "name": "GLSA-200805-13",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
        },
        {
          "name": "GLSA-200711-26",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200711-26.xml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=198238"
        },
        {
          "name": "30168",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30168"
        },
        {
          "name": "ADV-2007-3896",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3896"
        },
        {
          "name": "27718",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27718"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=368611"
        },
        {
          "name": "GLSA-200711-34",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
        },
        {
          "name": "27967",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27967"
        },
        {
          "name": "FEDORA-2007-3390",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0266"
        },
        {
          "name": "1019058",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019058"
        },
        {
          "name": "28107",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28107"
        },
        {
          "name": "MDKSA-2007:230",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230"
        },
        {
          "name": "20080212 FLEA-2008-0006-1 tetex tetex-dvips tetex-fonts",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/487984/100/0/threaded"
        },
        {
          "name": "SUSE-SR:2008:001",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-5936",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://bugs.gentoo.org/attachment.cgi?id=135423",
              "refsource": "MISC",
              "url": "http://bugs.gentoo.org/attachment.cgi?id=135423"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1928",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1928"
            },
            {
              "name": "27672",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27672"
            },
            {
              "name": "27743",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27743"
            },
            {
              "name": "SUSE-SR:2008:011",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html"
            },
            {
              "name": "28412",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28412"
            },
            {
              "name": "27686",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27686"
            },
            {
              "name": "USN-554-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/554-1/"
            },
            {
              "name": "42238",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/42238"
            },
            {
              "name": "26469",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26469"
            },
            {
              "name": "GLSA-200805-13",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml"
            },
            {
              "name": "GLSA-200711-26",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200711-26.xml"
            },
            {
              "name": "http://bugs.gentoo.org/show_bug.cgi?id=198238",
              "refsource": "CONFIRM",
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=198238"
            },
            {
              "name": "30168",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30168"
            },
            {
              "name": "ADV-2007-3896",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3896"
            },
            {
              "name": "27718",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27718"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=368611",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=368611"
            },
            {
              "name": "GLSA-200711-34",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml"
            },
            {
              "name": "27967",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27967"
            },
            {
              "name": "FEDORA-2007-3390",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html"
            },
            {
              "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0266",
              "refsource": "CONFIRM",
              "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0266"
            },
            {
              "name": "1019058",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1019058"
            },
            {
              "name": "28107",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28107"
            },
            {
              "name": "MDKSA-2007:230",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230"
            },
            {
              "name": "20080212 FLEA-2008-0006-1 tetex tetex-dvips tetex-fonts",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/487984/100/0/threaded"
            },
            {
              "name": "SUSE-SR:2008:001",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-5936",
    "datePublished": "2007-11-13T22:00:00",
    "dateReserved": "2007-11-13T00:00:00",
    "dateUpdated": "2024-08-07T15:47:00.575Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-5936\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-11-13T22:46:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place.\"},{\"lang\":\"es\",\"value\":\"dvips en teTex y TeXlive 2007 y anteriores permite a usuarios locales obtener informaci\u00f3n sensible y modificar ciertos datos a trav\u00e9s de la creaci\u00f3n de ciertos archivos temporales antes de que sean procesados por dviljk, lo cual permite que puedan ser leidos o modificados en el lugar.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:N\",\"baseScore\":3.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tetex:tetex:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87CCAA71-B817-48A0-81C0-9E4DC4953C9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tug:texlive_2007:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B01AD712-1D5C-49B6-AF51-4A4A2BA3FD83\"}]}]}],\"references\":[{\"url\":\"http://bugs.gentoo.org/attachment.cgi?id=135423\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://bugs.gentoo.org/show_bug.cgi?id=198238\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/42238\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/27672\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27686\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27718\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27743\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27967\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28107\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28412\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30168\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-200711-26.xml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200711-34.xml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200805-13.xml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0266\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2007:230\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/487984/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/26469\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1019058\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/3896\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=368611\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://issues.rpath.com/browse/RPL-1928\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://usn.ubuntu.com/554-1/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://bugs.gentoo.org/attachment.cgi?id=135423\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://bugs.gentoo.org/show_bug.cgi?id=198238\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/42238\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/27672\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27686\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27718\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27743\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27967\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28107\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/28412\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/30168\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-200711-26.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200711-34.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-200805-13.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0266\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2007:230\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/487984/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/26469\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1019058\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/3896\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=368611\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://issues.rpath.com/browse/RPL-1928\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/554-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"Not vulnerable.\\n\\nteTeX is packaged without the dviljk binary in Red Hat Enterprise Linux, making it impossible to exploit this flaw. We are however including this fix in RHSA-2010:0399, RHSA-2010:0400, and RHSA-2010:0401 in the event the binary is shipped in the future.\",\"lastModified\":\"2010-05-06T00:00:00\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.