English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.59629
Category:Fedora Local Security Checks
Title:Fedora Core 6 FEDORA-2007-750 (tetex)
Summary:NOSUMMARY
Description:Description:

The remote host is missing an update to tetex
announced via advisory FEDORA-2007-750.

TeTeX is an implementation of TeX for Linux or UNIX systems. TeX takes
a text file and a set of formatting commands as input and creates a
typesetter-independent .dvi (DeVice Independent) file as output.
Usually, TeX is used in conjunction with a higher level formatting
package like LaTeX or PlainTeX, since TeX by itself is not very
user-friendly. The output format needn't to be DVI, but also PDF,
when using pdflatex or similar tools.

Install tetex if you want to use the TeX text formatting system. Consider
to install tetex-latex (a higher level formatting package which provides
an easier-to-use interface for TeX). Unless you are an expert at using TeX,
you should also install the tetex-doc package, which includes the
documentation for TeX.

Update Information:

- fix dvips -z buffer overflow with long href (#368591)
- fix insecure usage of temporary file in dviljk (#368611,
#368641)
- update License and BuildRoot tags
- fix t1lib flaw CVE-2007-4033 (#352271)
- fix CVE-2007-4352 CVE-2007-5392 CVE-2007-5393, various
xpdf flaws (#345121)
- xdvi won't segfault if DVI file contains character which
is not present in font (#243630)
- enable compilation with ccache

* Thu Nov 15 2007 Jindrich Novy 3.0-36
- fix dvips -z buffer overflow with long href (#368591)
- fix insecure usage of temporary file in dviljk (#368611, #368641)
- update License and BuildRoot tags
- fix t1lib flaw CVE-2007-4033 (#352271)
- fix CVE-2007-4352 CVE-2007-5392 CVE-2007-5393, various xpdf flaws (#345121)
- xdvi won't segfault if DVI file contains character which
is not present in font (#243630)
- enable compilation with ccache

Solution: Apply the appropriate updates.

This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/


This update can be installed with the 'yum' update program. Use 'yum update
package-name' at the command line. For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.


http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2007-750

Risk factor : Critical

CVSS Score:
9.3

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-4033
BugTraq ID: 25079
http://www.securityfocus.com/bid/25079
Bugtraq: 20070921 Re: [Full-disclosure] [USN-515-1] t1lib vulnerability (Google Search)
http://www.securityfocus.com/archive/1/480239/100/100/threaded
Bugtraq: 20070921 Re: [USN-515-1] t1lib vulnerability (Google Search)
http://www.securityfocus.com/archive/1/480244/100/100/threaded
Bugtraq: 20080105 rPSA-2008-0007-1 tetex tetex-afm tetex-dvips tetex-fonts tetex-latex tetex-xdvi (Google Search)
http://www.securityfocus.com/archive/1/485823/100/0/threaded
Bugtraq: 20080212 FLEA-2008-0006-1 tetex tetex-dvips tetex-fonts (Google Search)
http://www.securityfocus.com/archive/1/487984/100/0/threaded
Debian Security Information: DSA-1390 (Google Search)
http://www.debian.org/security/2007/dsa-1390
https://www.exploit-db.com/exploits/4227
http://fedoranews.org/updates/FEDORA-2007-234.shtml
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html
http://security.gentoo.org/glsa/glsa-200710-12.xml
http://security.gentoo.org/glsa/glsa-200711-34.xml
http://security.gentoo.org/glsa/glsa-200805-13.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:189
http://www.mandriva.com/security/advisories?name=MDKSA-2007:230
http://www.bugtraq.ir/adv/t1lib.txt
https://bugzilla.redhat.com/show_bug.cgi?id=303021
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10557
http://www.redhat.com/support/errata/RHSA-2007-1027.html
http://www.redhat.com/support/errata/RHSA-2007-1030.html
http://www.redhat.com/support/errata/RHSA-2007-1031.html
http://www.securitytracker.com/id?1018905
http://secunia.com/advisories/26241
http://secunia.com/advisories/26901
http://secunia.com/advisories/26981
http://secunia.com/advisories/26992
http://secunia.com/advisories/27239
http://secunia.com/advisories/27297
http://secunia.com/advisories/27439
http://secunia.com/advisories/27599
http://secunia.com/advisories/27718
http://secunia.com/advisories/27743
http://secunia.com/advisories/28345
http://secunia.com/advisories/30168
SuSE Security Announcement: SUSE-SR:2007:023 (Google Search)
http://www.novell.com/linux/security/advisories/2007_23_sr.html
http://www.ubuntu.com/usn/usn-515-1
XForce ISS Database: php-imagepsloadfont-bo(35620)
https://exchange.xforce.ibmcloud.com/vulnerabilities/35620
Common Vulnerability Exposure (CVE) ID: CVE-2007-4352
BugTraq ID: 26367
http://www.securityfocus.com/bid/26367
Bugtraq: 20071107 Secunia Research: Xpdf "Stream.cc" Multiple Vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/483372
Debian Security Information: DSA-1480 (Google Search)
http://www.debian.org/security/2008/dsa-1480
Debian Security Information: DSA-1509 (Google Search)
http://www.debian.org/security/2008/dsa-1509
Debian Security Information: DSA-1537 (Google Search)
http://www.debian.org/security/2008/dsa-1537
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html
http://security.gentoo.org/glsa/glsa-200711-22.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:219
http://www.mandriva.com/security/advisories?name=MDKSA-2007:220
http://www.mandriva.com/security/advisories?name=MDKSA-2007:221
http://www.mandriva.com/security/advisories?name=MDKSA-2007:222
http://www.mandriva.com/security/advisories?name=MDKSA-2007:223
http://www.mandriva.com/security/advisories?name=MDKSA-2007:227
http://www.mandriva.com/security/advisories?name=MDKSA-2007:228
http://secunia.com/secunia_research/2007-88/advisory/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9979
http://www.redhat.com/support/errata/RHSA-2007-1021.html
http://www.redhat.com/support/errata/RHSA-2007-1022.html
http://www.redhat.com/support/errata/RHSA-2007-1024.html
http://www.redhat.com/support/errata/RHSA-2007-1025.html
http://www.redhat.com/support/errata/RHSA-2007-1026.html
http://www.redhat.com/support/errata/RHSA-2007-1029.html
http://secunia.com/advisories/26503
http://secunia.com/advisories/27260
http://secunia.com/advisories/27553
http://secunia.com/advisories/27573
http://secunia.com/advisories/27574
http://secunia.com/advisories/27575
http://secunia.com/advisories/27577
http://secunia.com/advisories/27578
http://secunia.com/advisories/27615
http://secunia.com/advisories/27618
http://secunia.com/advisories/27619
http://secunia.com/advisories/27632
http://secunia.com/advisories/27634
http://secunia.com/advisories/27636
http://secunia.com/advisories/27637
http://secunia.com/advisories/27640
http://secunia.com/advisories/27641
http://secunia.com/advisories/27642
http://secunia.com/advisories/27645
http://secunia.com/advisories/27656
http://secunia.com/advisories/27658
http://secunia.com/advisories/27705
http://secunia.com/advisories/27721
http://secunia.com/advisories/27724
http://secunia.com/advisories/27856
http://secunia.com/advisories/28043
http://secunia.com/advisories/28812
http://secunia.com/advisories/29104
http://secunia.com/advisories/29604
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882
SuSE Security Announcement: SUSE-SA:2007:060 (Google Search)
http://www.novell.com/linux/security/advisories/2007_60_pdf.html
http://www.ubuntu.com/usn/usn-542-1
http://www.ubuntu.com/usn/usn-542-2
http://www.vupen.com/english/advisories/2007/3774
http://www.vupen.com/english/advisories/2007/3775
http://www.vupen.com/english/advisories/2007/3776
http://www.vupen.com/english/advisories/2007/3779
http://www.vupen.com/english/advisories/2007/3786
XForce ISS Database: xpdf-dctstreamread-memory-corruption(38306)
https://exchange.xforce.ibmcloud.com/vulnerabilities/38306
Common Vulnerability Exposure (CVE) ID: CVE-2007-5392
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10036
XForce ISS Database: xpdf-dctstreamreset-bo(38303)
https://exchange.xforce.ibmcloud.com/vulnerabilities/38303
Common Vulnerability Exposure (CVE) ID: CVE-2007-5393
Debian Security Information: DSA-1408 (Google Search)
http://www.debian.org/security/2007/dsa-1408
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9839
http://www.redhat.com/support/errata/RHSA-2007-1023.html
http://www.redhat.com/support/errata/RHSA-2007-1028.html
http://www.redhat.com/support/errata/RHSA-2007-1051.html
http://secunia.com/advisories/27579
http://secunia.com/advisories/27772
XForce ISS Database: xpdf-ccittfaxstreamlookchar-bo(38304)
https://exchange.xforce.ibmcloud.com/vulnerabilities/38304
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.