SecurityTracker: teTeX Buffer Overflows Let Remote Users Execute Arbitrary Code and Unsafe Temporary Files Let Local Users Overwrite Files

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

Home | View Topics | Search | Contact Us |

SecurityTracker
Archives

Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: Application (Generic) > teTeX

Vendors: Esser, Thomas

teTeX Buffer Overflows Let Remote Users Execute Arbitrary Code and Unsafe Temporary Files Let Local Users Overwrite Files

SecurityTracker Alert ID: 1019058

SecurityTracker URL: http://securitytracker.com/id/1019058

CVE Reference: CVE-2007-5935, CVE-2007-5936, CVE-2007-5937 (Links to External Site)

Date: Dec 7 2007

Impact: Execution of arbitrary code via network, Modification of system information, Modification of user information, User access via local system, User access via network

Description: Several vulnerabilities were reported in teTeX. A remote user can cause arbitrary code to be executed on the target user's system. A local user can gain elevated privileges.

A remote user can create a specially crafted dvi file that, when loaded by the target user or application, will trigger a buffer overflow in dvips and execute arbitrary code on the target system [CVE-2007-5935]. The code will run with the privileges of the target user or application.

The dviljk utilities create unsafe temporary files [CVE-2007-5936]. A local user can exploit this to create or overwrite files with the privileges of the target user.

A remote user can create a specially crafted dvi file that, when loaded by the target user or application, will trigger a buffer overflow in the dviljk utilities and execute arbitrary code on the target system [CVE-2007-5937]. The code will run with the privileges of the target user or application.

Bastien Roucaries reported the dvips buffer overflow and Joachim Schrod reported the other two vulnerabilities.

Impact: A remote user can create a file that, when loaded by the target user or application, will execute arbitrary code on the target system.

A local user can create or modify files with the privileges of the target user.

Solution: No solution was available at the time of this entry.

Cause: Access control error, Boundary error, State error

Underlying OS: Linux (Any), UNIX (Any)

Message History: None.

Source Message Contents


[Original Message Not Available for Viewing]

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us
Copyright 2012, SecurityGlobal.net LLC