CVE-2001-0906

Name of the Vulnerable Software and Affected Versions teTeX versions 1.0.6 through 1.0.7 teTeX filter version prior to 1.0.7

Description The issue concerns multiple vulnerabilities in the teTeX package, which can lead to a breach of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. Local users can gain privileges via a symlink attack on temporary files produced when printing .dvi files using lpr.

Recommendations For teTeX versions 1.0.6 through 1.0.7, update to version 1.0.7 or later to resolve the issue. For teTeX filter version prior to 1.0.7, update to version 1.0.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable teTeX package until a patch is available.