CVE-2007-5936

Sažetak

dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place.

Reference

http://bugs.gentoo.org/attachment.cgi?id=135423
http://bugs.gentoo.org/show_bug.cgi?id=198238
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html
http://osvdb.org/42238
http://secunia.com/advisories/27672
http://secunia.com/advisories/27686
http://secunia.com/advisories/27718
http://secunia.com/advisories/27743
http://secunia.com/advisories/27967
http://secunia.com/advisories/28107
http://secunia.com/advisories/28412
http://secunia.com/advisories/30168
http://security.gentoo.org/glsa/glsa-200711-26.xml
http://security.gentoo.org/glsa/glsa-200711-34.xml
http://security.gentoo.org/glsa/glsa-200805-13.xml
http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0266
http://www.mandriva.com/security/advisories?name=MDKSA-2007:230
http://www.securityfocus.com/archive/1/487984/100/0/threaded
http://www.securityfocus.com/bid/26469
http://www.securitytracker.com/id?1019058
http://www.vupen.com/english/advisories/2007/3896
https://bugzilla.redhat.com/show_bug.cgi?id=368611
https://issues.rpath.com/browse/RPL-1928
https://usn.ubuntu.com/554-1/
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html

CVSS

Base:	3.6
Impact:	4.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:N

Zadnje važnije ažuriranje

15-10-2018 - 21:47

Objavljeno

13-11-2007 - 22:46