Launchpad.net

CVE 2007-5935

Stack-based buffer overflow in hpc.c in dvips in teTeX and TeXlive 2007 and earlier allows user-assisted attackers to execute arbitrary code via a DVI file with a long href tag.

Related bugs and status

CVE-2007-5935 (Candidate) is related to these bugs:

Bug #163820: [tetex] Multiple vulnerabilities possibly allowing to execute arbitrary code or overwrite arbitrary files

Summary				In	Importance	Status
	163820	[tetex] Multiple vulnerabilities possibly allowing to execute arbitrary code or overwrite arbitrary files		tetex-bin (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://bugs.debian.org...
MISC: https://bugzilla.redha...
CONFIRM: http://bugs.gentoo.org...
GENTOO: GLSA-200711-26
BID: 26469
SECUNIA: 27672
SECUNIA: 27686
MANDRIVA: MDKSA-2007:230
SECUNIA: 27743
GENTOO: GLSA-200711-34
SECTRACK: 1019058
SECUNIA: 27967
CONFIRM: https://issues.rpath.c...
SECUNIA: 28107
FEDORA: FEDORA-2007-3390
SECUNIA: 27718
SUSE: SUSE-SR:2008:001
SECUNIA: 28412
CONFIRM: http://wiki.rpath.com/...
GENTOO: GLSA-200805-13
SUSE: SUSE-SR:2008:011
SECUNIA: 30168
VUPEN: ADV-2007-3896
OVAL: oval:org.mitre.oval:de...
UBUNTU: USN-554-1
BUGTRAQ: 20080212 FLEA-2008-000...