ByteOS Network

Vulnerability Details :

CVE-2007-5936

Assigner-mitre

Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At-13 Nov, 2007 | 22:00

Updated At-07 Aug, 2024 | 15:47

dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:mitre

Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At:13 Nov, 2007 | 22:00

Updated At:07 Aug, 2024 | 15:47

▼CVE Numbering Authority (CNA)

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
http://bugs.gentoo.org/attachment.cgi?id=135423	x_refsource_MISC
https://issues.rpath.com/browse/RPL-1928	x_refsource_CONFIRM
http://secunia.com/advisories/27672	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/27743	third-party-advisory x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html	vendor-advisory x_refsource_SUSE
http://secunia.com/advisories/28412	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/27686	third-party-advisory x_refsource_SECUNIA
https://usn.ubuntu.com/554-1/	vendor-advisory x_refsource_UBUNTU
http://osvdb.org/42238	vdb-entry x_refsource_OSVDB
http://www.securityfocus.com/bid/26469	vdb-entry x_refsource_BID
http://security.gentoo.org/glsa/glsa-200805-13.xml	vendor-advisory x_refsource_GENTOO
http://security.gentoo.org/glsa/glsa-200711-26.xml	vendor-advisory x_refsource_GENTOO
http://bugs.gentoo.org/show_bug.cgi?id=198238	x_refsource_CONFIRM
http://secunia.com/advisories/30168	third-party-advisory x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/3896	vdb-entry x_refsource_VUPEN
http://secunia.com/advisories/27718	third-party-advisory x_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=368611	x_refsource_CONFIRM
http://security.gentoo.org/glsa/glsa-200711-34.xml	vendor-advisory x_refsource_GENTOO
http://secunia.com/advisories/27967	third-party-advisory x_refsource_SECUNIA
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html	vendor-advisory x_refsource_FEDORA
http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0266	x_refsource_CONFIRM
http://www.securitytracker.com/id?1019058	vdb-entry x_refsource_SECTRACK
http://secunia.com/advisories/28107	third-party-advisory x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:230	vendor-advisory x_refsource_MANDRIVA
http://www.securityfocus.com/archive/1/487984/100/0/threaded	mailing-list x_refsource_BUGTRAQ
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html	vendor-advisory x_refsource_SUSE

Hyperlink: http://bugs.gentoo.org/attachment.cgi?id=135423

Resource:

x_refsource_MISC

Hyperlink: https://issues.rpath.com/browse/RPL-1928

Resource:

x_refsource_CONFIRM

Hyperlink: http://secunia.com/advisories/27672

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/27743

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html

Resource:

vendor-advisory

x_refsource_SUSE

Hyperlink: http://secunia.com/advisories/28412

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/27686

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: https://usn.ubuntu.com/554-1/

Resource:

vendor-advisory

x_refsource_UBUNTU

Hyperlink: http://osvdb.org/42238

Resource:

vdb-entry

x_refsource_OSVDB

Hyperlink: http://www.securityfocus.com/bid/26469

Resource:

vdb-entry

x_refsource_BID

Hyperlink: http://security.gentoo.org/glsa/glsa-200805-13.xml

Resource:

vendor-advisory

x_refsource_GENTOO

Hyperlink: http://security.gentoo.org/glsa/glsa-200711-26.xml

Resource:

vendor-advisory

x_refsource_GENTOO

Hyperlink: http://bugs.gentoo.org/show_bug.cgi?id=198238

Resource:

x_refsource_CONFIRM

Hyperlink: http://secunia.com/advisories/30168

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.vupen.com/english/advisories/2007/3896

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://secunia.com/advisories/27718

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=368611

Resource:

x_refsource_CONFIRM

Hyperlink: http://security.gentoo.org/glsa/glsa-200711-34.xml

Resource:

vendor-advisory

x_refsource_GENTOO

Hyperlink: http://secunia.com/advisories/27967

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html

Resource:

vendor-advisory

x_refsource_FEDORA

Hyperlink: http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0266

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.securitytracker.com/id?1019058

Resource:

vdb-entry

x_refsource_SECTRACK

Hyperlink: http://secunia.com/advisories/28107

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:230

Resource:

vendor-advisory

x_refsource_MANDRIVA

Hyperlink: http://www.securityfocus.com/archive/1/487984/100/0/threaded

Resource:

mailing-list

x_refsource_BUGTRAQ

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html

Resource:

vendor-advisory

x_refsource_SUSE

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
http://bugs.gentoo.org/attachment.cgi?id=135423	x_refsource_MISC x_transferred
https://issues.rpath.com/browse/RPL-1928	x_refsource_CONFIRM x_transferred
http://secunia.com/advisories/27672	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/27743	third-party-advisory x_refsource_SECUNIA x_transferred
http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html	vendor-advisory x_refsource_SUSE x_transferred
http://secunia.com/advisories/28412	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/27686	third-party-advisory x_refsource_SECUNIA x_transferred
https://usn.ubuntu.com/554-1/	vendor-advisory x_refsource_UBUNTU x_transferred
http://osvdb.org/42238	vdb-entry x_refsource_OSVDB x_transferred
http://www.securityfocus.com/bid/26469	vdb-entry x_refsource_BID x_transferred
http://security.gentoo.org/glsa/glsa-200805-13.xml	vendor-advisory x_refsource_GENTOO x_transferred
http://security.gentoo.org/glsa/glsa-200711-26.xml	vendor-advisory x_refsource_GENTOO x_transferred
http://bugs.gentoo.org/show_bug.cgi?id=198238	x_refsource_CONFIRM x_transferred
http://secunia.com/advisories/30168	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.vupen.com/english/advisories/2007/3896	vdb-entry x_refsource_VUPEN x_transferred
http://secunia.com/advisories/27718	third-party-advisory x_refsource_SECUNIA x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=368611	x_refsource_CONFIRM x_transferred
http://security.gentoo.org/glsa/glsa-200711-34.xml	vendor-advisory x_refsource_GENTOO x_transferred
http://secunia.com/advisories/27967	third-party-advisory x_refsource_SECUNIA x_transferred
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html	vendor-advisory x_refsource_FEDORA x_transferred
http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0266	x_refsource_CONFIRM x_transferred
http://www.securitytracker.com/id?1019058	vdb-entry x_refsource_SECTRACK x_transferred
http://secunia.com/advisories/28107	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2007:230	vendor-advisory x_refsource_MANDRIVA x_transferred
http://www.securityfocus.com/archive/1/487984/100/0/threaded	mailing-list x_refsource_BUGTRAQ x_transferred
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html	vendor-advisory x_refsource_SUSE x_transferred

Hyperlink: http://bugs.gentoo.org/attachment.cgi?id=135423

Resource:

x_refsource_MISC

x_transferred

Hyperlink: https://issues.rpath.com/browse/RPL-1928

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://secunia.com/advisories/27672

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/27743

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html

Resource:

vendor-advisory

x_refsource_SUSE

x_transferred

Hyperlink: http://secunia.com/advisories/28412

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/27686

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: https://usn.ubuntu.com/554-1/

Resource:

vendor-advisory

x_refsource_UBUNTU

x_transferred

Hyperlink: http://osvdb.org/42238

Resource:

vdb-entry

x_refsource_OSVDB

x_transferred

Hyperlink: http://www.securityfocus.com/bid/26469

Resource:

vdb-entry

x_refsource_BID

x_transferred

Hyperlink: http://security.gentoo.org/glsa/glsa-200805-13.xml

Resource:

vendor-advisory

x_refsource_GENTOO

x_transferred

Hyperlink: http://security.gentoo.org/glsa/glsa-200711-26.xml

Resource:

vendor-advisory

x_refsource_GENTOO

x_transferred

Hyperlink: http://bugs.gentoo.org/show_bug.cgi?id=198238

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://secunia.com/advisories/30168

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2007/3896

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://secunia.com/advisories/27718

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=368611

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://security.gentoo.org/glsa/glsa-200711-34.xml

Resource:

vendor-advisory

x_refsource_GENTOO

x_transferred

Hyperlink: http://secunia.com/advisories/27967

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html

Resource:

vendor-advisory

x_refsource_FEDORA

x_transferred

Hyperlink: http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0266

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.securitytracker.com/id?1019058

Resource:

vdb-entry

x_refsource_SECTRACK

x_transferred

Hyperlink: http://secunia.com/advisories/28107

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:230

Resource:

vendor-advisory

x_refsource_MANDRIVA

x_transferred

Hyperlink: http://www.securityfocus.com/archive/1/487984/100/0/threaded

Resource:

mailing-list

x_refsource_BUGTRAQ

x_transferred

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html

Resource:

vendor-advisory

x_refsource_SUSE

x_transferred

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:cve@mitre.org

Published At:13 Nov, 2007 | 22:46

Updated At:15 Oct, 2018 | 21:47

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	3.6	LOW	AV:L/AC:L/Au:N/C:P/I:P/A:N

Type: Primary

Version: 2.0

Base score: 3.6

Base severity: LOW

Vector:

AV:L/AC:L/Au:N/C:P/I:P/A:N

CPE Matches

tetex>>tetex>>*

cpe:2.3:a:tetex:tetex:*:*:*:*:*:*:*:*

tug>>texlive_2007>>*

cpe:2.3:a:tug:texlive_2007:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-264	Primary	nvd@nist.gov

CWE ID: CWE-264

Type: Primary

Source: nvd@nist.gov

Vendor Statements

Organization : Red Hat

Last Modified : 2010-05-06T00:00:00

Not vulnerable. teTeX is packaged without the dviljk binary in Red Hat Enterprise Linux, making it impossible to exploit this flaw. We are however including this fix in RHSA-2010:0399, RHSA-2010:0400, and RHSA-2010:0401 in the event the binary is shipped in the future.

References

Hyperlink	Source	Resource
http://bugs.gentoo.org/attachment.cgi?id=135423	cve@mitre.org	N/A
http://bugs.gentoo.org/show_bug.cgi?id=198238	cve@mitre.org	N/A
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html	cve@mitre.org	N/A
http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html	cve@mitre.org	N/A
http://osvdb.org/42238	cve@mitre.org	N/A
http://secunia.com/advisories/27672	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/27686	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/27718	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/27743	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/27967	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/28107	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/28412	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/30168	cve@mitre.org	Vendor Advisory
http://security.gentoo.org/glsa/glsa-200711-26.xml	cve@mitre.org	N/A
http://security.gentoo.org/glsa/glsa-200711-34.xml	cve@mitre.org	N/A
http://security.gentoo.org/glsa/glsa-200805-13.xml	cve@mitre.org	N/A
http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0266	cve@mitre.org	N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2007:230	cve@mitre.org	N/A
http://www.securityfocus.com/archive/1/487984/100/0/threaded	cve@mitre.org	N/A
http://www.securityfocus.com/bid/26469	cve@mitre.org	N/A
http://www.securitytracker.com/id?1019058	cve@mitre.org	N/A
http://www.vupen.com/english/advisories/2007/3896	cve@mitre.org	N/A
https://bugzilla.redhat.com/show_bug.cgi?id=368611	cve@mitre.org	N/A
https://issues.rpath.com/browse/RPL-1928	cve@mitre.org	N/A
https://usn.ubuntu.com/554-1/	cve@mitre.org	N/A
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html	cve@mitre.org	N/A

Hyperlink: http://bugs.gentoo.org/attachment.cgi?id=135423

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://bugs.gentoo.org/show_bug.cgi?id=198238

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://osvdb.org/42238

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/27672

Source: cve@mitre.org

Resource:

Vendor Advisory

Hyperlink: http://secunia.com/advisories/27686

Source: cve@mitre.org

Resource:

Vendor Advisory

Hyperlink: http://secunia.com/advisories/27718

Source: cve@mitre.org

Resource:

Vendor Advisory

Hyperlink: http://secunia.com/advisories/27743

Source: cve@mitre.org

Resource:

Vendor Advisory

Hyperlink: http://secunia.com/advisories/27967

Source: cve@mitre.org

Resource:

Vendor Advisory

Hyperlink: http://secunia.com/advisories/28107

Source: cve@mitre.org

Resource:

Vendor Advisory

Hyperlink: http://secunia.com/advisories/28412

Source: cve@mitre.org

Resource:

Vendor Advisory

Hyperlink: http://secunia.com/advisories/30168

Source: cve@mitre.org

Resource:

Vendor Advisory

Hyperlink: http://security.gentoo.org/glsa/glsa-200711-26.xml

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://security.gentoo.org/glsa/glsa-200711-34.xml

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://security.gentoo.org/glsa/glsa-200805-13.xml

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0266

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:230

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.securityfocus.com/archive/1/487984/100/0/threaded

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.securityfocus.com/bid/26469

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.securitytracker.com/id?1019058

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.vupen.com/english/advisories/2007/3896

Source: cve@mitre.org

Resource: N/A

Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=368611

Source: cve@mitre.org

Resource: N/A

Hyperlink: https://issues.rpath.com/browse/RPL-1928

Source: cve@mitre.org

Resource: N/A

Hyperlink: https://usn.ubuntu.com/554-1/

Source: cve@mitre.org

Resource: N/A

Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html

Source: cve@mitre.org

Resource: N/A

Similar CVEs

2Records found

CVE-2009-0835

Matching Score-4

Assigner-MITRE Corporation

View Details

Matching Score-4

Assigner-MITRE Corporation

CVSS Score-3.6||LOW

EPSS-0.18% / 40.46%

7 Day CHG~0.00%

Published-06 Mar, 2009 | 11:00

Updated-07 Aug, 2024 | 04:48

The __secure_computing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform, when CONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass intended access restrictions via crafted syscalls that are misinterpreted as (a) stat or (b) chmod, a related issue to CVE-2009-0342 and CVE-2009-0343.

Vendor-n/a Linux Kernel Organization, Inc

Product-linux_kernel n/a

CWE ID-CWE-264

Not Available

CVE-2007-5851

Matching Score-4

Assigner-MITRE Corporation

View Details

Matching Score-4

Assigner-MITRE Corporation

CVSS Score-3.6||LOW

EPSS-0.20% / 42.65%

7 Day CHG~0.00%

Published-19 Dec, 2007 | 21:00

Updated-07 Aug, 2024 | 15:47

iChat in Apple Mac OS X 10.4.11 allows network-adjacent remote attackers to automatically initiate a video connection to another user via unknown vectors.

Vendor-n/a Apple Inc.

Product-mac_os_x n/a

CWE ID-CWE-264

Not Available

CVE-2007-5936

Credits

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs