Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2007-5937

Published: 13/11/2007 Updated: 15/10/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Texlive 2007

Vulnerability Summary

Multiple buffer overflows in dvi2xx.c in dviljk in teTeX and TeXlive 2007 and previous versions might allow user-assisted malicious users to execute arbitrary code via a crafted DVI input file.

Vulnerable Product Search on Vulmon Subscribe to Product

tug texlive 2007

tetex tetex

Vendor Advisories

Ubuntu Security Notice: tetex-bin, texlive-bin vulnerabilities
Bastien Roucaries discovered that dvips as included in tetex-bin and texlive-bin did not properly perform bounds checking If a user or automated system were tricked into processing a specially crafted dvi file, dvips could be made to crash and execute code as the user invoking the program (CVE-2007-5935) ...

References

CWE-119http://bugs.gentoo.org/attachment.cgi?id=135423https://bugzilla.redhat.com/show_bug.cgi?id=368641http://bugs.gentoo.org/show_bug.cgi?id=198238http://security.gentoo.org/glsa/glsa-200711-26.xmlhttp://security.gentoo.org/glsa/glsa-200711-34.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:230http://www.securityfocus.com/bid/26469http://www.securitytracker.com/id?1019058http://secunia.com/advisories/27672http://secunia.com/advisories/27686http://secunia.com/advisories/27743https://issues.rpath.com/browse/RPL-1928http://secunia.com/advisories/27967http://secunia.com/advisories/28107https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.htmlhttp://secunia.com/advisories/27718http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.htmlhttp://secunia.com/advisories/28412http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0266http://security.gentoo.org/glsa/glsa-200805-13.xmlhttp://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.htmlhttp://secunia.com/advisories/30168http://www.vupen.com/english/advisories/2007/3896https://usn.ubuntu.com/554-1/http://www.securityfocus.com/archive/1/487984/100/0/threadedhttps://usn.ubuntu.com/554-1/https://nvd.nist.gov
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111CVE-2024-32884IDORCVE-2023-1000CVE-2024-33260CVE-2024-3682reflected XSSrace conditionCVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook