Fedora 7 : tetex-3.0-40.3.fc7 (2007-3390)

This script is Copyright (C) 2007-2015 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

- fix t1lib flaw CVE-2007-4033 (#352271)

- fix CVE-2007-4352 CVE-2007-5392 CVE-2007-5393, various
xpdf flaws (#345121)

- xdvi won't segfault if DVI file contains character
which is not present in font (#243630)

- fix dvips -z buffer overflow with long href
CVE-2007-5935 (#368591)

- fix insecure usage of temporary file in dviljk
CVE-2007-5936 CVE-2007-5937 (#368611, #368641)

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

https://bugzilla.redhat.com/show_bug.cgi?id=243630
https://bugzilla.redhat.com/show_bug.cgi?id=345121
https://bugzilla.redhat.com/show_bug.cgi?id=352271
https://bugzilla.redhat.com/show_bug.cgi?id=368591
https://bugzilla.redhat.com/show_bug.cgi?id=368611
https://bugzilla.redhat.com/show_bug.cgi?id=368641
https://bugzilla.redhat.com/show_bug.cgi?id=379831
http://www.nessus.org/u?c93e9305

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.1
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Fedora Local Security Checks

Nessus Plugin ID: 28307 (fedora_2007-3390.nasl)

Bugtraq ID: 25079
26367
26469

CVE ID: CVE-2007-4033
CVE-2007-4352
CVE-2007-5392
CVE-2007-5393
CVE-2007-5935
CVE-2007-5936
CVE-2007-5937