Search for vulnerabilities
Vulnerability details: VCID-bn5s-9aus-aaag
Vulnerability ID VCID-bn5s-9aus-aaag
Aliases CVE-2007-5936
Summary dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place.
Status Published
Exploitability 0.5
Weighted Severity 3.2
Risk 1.6
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-264 Permissions, Privileges, and Access Controls
CWE-377 Insecure Temporary File
System Score Found at
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.0009 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
epss 0.01783 https://api.first.org/data/v1/epss?cve=CVE-2007-5936
cvssv2 3.6 https://nvd.nist.gov/vuln/detail/CVE-2007-5936
Reference id Reference type URL
http://bugs.gentoo.org/attachment.cgi?id=135423
http://bugs.gentoo.org/show_bug.cgi?id=198238
http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html
http://osvdb.org/42238
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5936.json
https://api.first.org/data/v1/epss?cve=CVE-2007-5936
https://bugzilla.redhat.com/show_bug.cgi?id=368611
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5936
http://secunia.com/advisories/27672
http://secunia.com/advisories/27686
http://secunia.com/advisories/27718
http://secunia.com/advisories/27743
http://secunia.com/advisories/27967
http://secunia.com/advisories/28107
http://secunia.com/advisories/28412
http://secunia.com/advisories/30168
http://security.gentoo.org/glsa/glsa-200711-26.xml
http://security.gentoo.org/glsa/glsa-200711-34.xml
http://security.gentoo.org/glsa/glsa-200805-13.xml
https://issues.rpath.com/browse/RPL-1928
https://usn.ubuntu.com/554-1/
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html
http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0266
http://www.mandriva.com/security/advisories?name=MDKSA-2007:230
http://www.securityfocus.com/archive/1/487984/100/0/threaded
http://www.securityfocus.com/bid/26469
http://www.securitytracker.com/id?1019058
http://www.vupen.com/english/advisories/2007/3896
cpe:2.3:a:tetex:tetex:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tetex:tetex:*:*:*:*:*:*:*:*
cpe:2.3:a:tug:texlive_2007:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:texlive_2007:*:*:*:*:*:*:*:*
CVE-2007-5936 https://nvd.nist.gov/vuln/detail/CVE-2007-5936
GLSA-200711-26 https://security.gentoo.org/glsa/200711-26
No exploits are available.
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2007-5936
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.10982
EPSS Score 0.00044
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.