CVE-2007-5937 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Texlive-bin

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer7 documents7 sources

Severity

6.8MEDIUMNVD

EPSS

2.1%

top 15.88%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Debian Texlive-bin

Timeline

PublishedNov 13

Latest updateMay 1

Description

Multiple buffer overflows in dvi2xx.c in dviljk in teTeX and TeXlive 2007 and earlier might allow user-assisted attackers to execute arbitrary code via a crafted DVI input file.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

▶debiandebian/texlive-bin< texlive-bin 2007-13 (bookworm)

🔴Vulnerability Details

GHSA

GHSA-3v5h-fmqv-x9mj: Multiple buffer overflows in dvi2xx↗2022-05-01

▶

OSV

CVE-2007-5937: Multiple buffer overflows in dvi2xx↗2007-11-13

▶

📋Vendor Advisories

Ubuntu

teTeX and TeX Live vulnerabilities↗2007-12-06

▶

Red Hat

Multiple dviljk buffer overflows↗2007-11-06

▶

Debian

CVE-2007-5937: texlive-bin - Multiple buffer overflows in dvi2xx.c in dviljk in teTeX and TeXlive 2007 and ea...↗2007

▶

💬Community

Bugzilla

CVE-2007-5937 Multiple dviljk buffer overflows↗2007-11-06

▶