texlive_2007 信息泄露漏洞

admin

0
文章

0
评论

2023-12-12 15:15:42 Ali_nvd 来源：ZONE.CI 全球网 0 阅读模式

低危 texlive_2007 信息泄露漏洞

CVE编号

CVE-2007-5936

利用情况

暂无

补丁情况

官方补丁

披露时间

2007-11-14

漏洞描述

dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place.

解决建议

建议您更新当前系统或软件至最新版，完成漏洞的修复。

参考链接
http://bugs.gentoo.org/attachment.cgi?id=135423
http://bugs.gentoo.org/show_bug.cgi?id=198238
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html
http://osvdb.org/42238
http://secunia.com/advisories/27672
http://secunia.com/advisories/27686
http://secunia.com/advisories/27718
http://secunia.com/advisories/27743
http://secunia.com/advisories/27967
http://secunia.com/advisories/28107
http://secunia.com/advisories/28412
http://secunia.com/advisories/30168
http://security.gentoo.org/glsa/glsa-200711-26.xml
http://security.gentoo.org/glsa/glsa-200711-34.xml
http://security.gentoo.org/glsa/glsa-200805-13.xml
http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0266
http://www.mandriva.com/security/advisories?name=MDKSA-2007:230
http://www.securityfocus.com/archive/1/487984/100/0/threaded
http://www.securityfocus.com/bid/26469
http://www.securitytracker.com/id?1019058
http://www.vupen.com/english/advisories/2007/3896
https://bugzilla.redhat.com/show_bug.cgi?id=368611
https://issues.rpath.com/browse/RPL-1928
https://usn.ubuntu.com/554-1/
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html

受影响软件情况

1
#	类型	厂商	产品	版本	影响面
	运行在以下环境
	应用	tetex	tetex	*	-
	运行在以下环境
	应用	tug	texlive_2007	*	-
	运行在以下环境
	系统	debian_10	texlive-bin	*		Up to (excluding) 2007-13
	运行在以下环境
	系统	debian_11	texlive-bin	*		Up to (excluding) 2007-13
	运行在以下环境
	系统	debian_12	texlive-bin	*		Up to (excluding) 2007-13
	运行在以下环境
	系统	debian_sid	texlive-bin	*		Up to (excluding) 2007-13