Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-554-1
HistoryDec 06, 2007 - 12:00 a.m.

teTeX and TeX Live vulnerabilities

2007-12-0600:00:00
ubuntu.com
32

6.5 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

86.9%

JSON

Releases

  • Ubuntu 7.10
  • Ubuntu 7.04
  • Ubuntu 6.10
  • Ubuntu 6.06

Packages

  • tetex-bin -
  • texlive-bin -

Details

Bastien Roucaries discovered that dvips as included in tetex-bin
and texlive-bin did not properly perform bounds checking. If a
user or automated system were tricked into processing a specially
crafted dvi file, dvips could be made to crash and execute code as
the user invoking the program. (CVE-2007-5935)

Joachim Schrod discovered that the dviljk utilities created
temporary files in an insecure way. Local users could exploit a
race condition to create or overwrite files with the privileges of
the user invoking the program. (CVE-2007-5936)

Joachim Schrod discovered that the dviljk utilities did not
perform bounds checking in many instances. If a user or automated
system were tricked into processing a specially crafted dvi file,
the dviljk utilities could be made to crash and execute code as
the user invoking the program. (CVE-2007-5937)

OSVersionArchitecturePackageVersionFilename
Ubuntu7.10noarchtexlive-extra-utils< 2007-12ubuntu3.1UNKNOWN
Ubuntu7.10noarchlibkpathsea-dev< 2007-12ubuntu3.1UNKNOWN
Ubuntu7.10noarchlibkpathsea4< 2007-12ubuntu3.1UNKNOWN
Ubuntu7.10noarchtexlive-base-bin< 2007-12ubuntu3.1UNKNOWN
Ubuntu7.10noarchtexlive-font-utils< 2007-12ubuntu3.1UNKNOWN
Ubuntu7.10noarchtexlive-lang-indic< 2007-12ubuntu3.1UNKNOWN
Ubuntu7.10noarchtexlive-metapost< 2007-12ubuntu3.1UNKNOWN
Ubuntu7.10noarchtexlive-music< 2007-12ubuntu3.1UNKNOWN
Ubuntu7.10noarchtexlive-omega< 2007-12ubuntu3.1UNKNOWN
Ubuntu7.10noarchtexlive-xetex< 2007-12ubuntu3.1UNKNOWN
Rows per page:
1-10 of 191

Related

nessus 16
gentoo 1
openvas 23
fedora 2
oraclelinux 3
cve 3
prion 3
debiancve 3
ubuntucve 3
redhat 2
centos 2
nessus
nessus
Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : tetex-bin, texlive-bin vulnerabilities (USN-554-1)
2007-12-07 00:00:00
openSUSE 10 Security Update : te_ams (te_ams-4819)
2008-01-08 00:00:00
GLSA-200711-26 : teTeX: Multiple vulnerabilities
2007-11-20 00:00:00
gentoo
gentoo
teTeX: Multiple vulnerabilities
2007-11-18 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-554-1)
2009-03-23 00:00:00
Gentoo Security Advisory GLSA 200711-26 (tetex)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200711-26 (tetex)
2008-09-24 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: tetex-3.0-44.3.fc8
2007-11-20 18:04:54
[SECURITY] Fedora 7 Update: tetex-3.0-40.3.fc7
2007-11-20 18:00:44
oraclelinux
oraclelinux
tetex security update
2010-05-06 00:00:00
tetex security update
2010-05-06 00:00:00
tetex security update
2010-05-06 00:00:00
cve
cve
CVE-2007-5936
2007-11-13 22:46:00
CVE-2007-5935
2007-11-13 22:46:00
CVE-2007-5937
2007-11-13 22:46:00
prion
prion
Code injection
2007-11-13 22:46:00
Buffer overflow
2007-11-13 22:46:00
Stack overflow
2007-11-13 22:46:00
debiancve
debiancve
CVE-2007-5936
2007-11-13 22:46:00
CVE-2007-5935
2007-11-13 22:46:00
CVE-2007-5937
2007-11-13 22:46:00
ubuntucve
ubuntucve
CVE-2007-5936
2007-11-13 00:00:00
CVE-2007-5935
2007-11-13 00:00:00
CVE-2007-5937
2007-11-13 00:00:00
redhat
redhat
(RHSA-2010:0401) Moderate: tetex security update
2010-05-06 00:00:00
(RHSA-2010:0399) Moderate: tetex security update
2010-05-06 00:00:00
centos
centos
tetex security update
2010-05-07 22:13:10
tetex security update
2010-05-07 22:21:31

6.5 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

86.9%

JSON
Related for USN-554-1
nessus16gentoo1openvas23fedora2oraclelinux3cve3prion3debiancve3ubuntucve3redhat2centos2