CentOS ProjectCESA-2005:840xpdf security update
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.184 Low
EPSS
Percentile
96.2%
CentOS Errata and Security Advisory CESA-2005:840
The xpdf package is an X Window System-based viewer for Portable Document
Format (PDF) files.
Several flaws were discovered in Xpdf. An attacker could construct a
carefully crafted PDF file that could cause Xpdf to crash or possibly
execute arbitrary code when opened. The Common Vulnerabilities and
Exposures project assigned the names CVE-2005-3191, CVE-2005-3192, and
CVE-2005-3193 to these issues.
Users of Xpdf should upgrade to this updated package, which contains a
backported patch to resolve these issues.
Red Hat would like to thank Derek B. Noonburg for reporting this issue and
providing a patch.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2005-December/074611.html
https://lists.centos.org/pipermail/centos-announce/2005-December/074612.html
https://lists.centos.org/pipermail/centos-announce/2005-December/074615.html
https://lists.centos.org/pipermail/centos-announce/2005-December/074616.html
https://lists.centos.org/pipermail/centos-announce/2005-December/074619.html
https://lists.centos.org/pipermail/centos-announce/2005-December/074621.html
https://lists.centos.org/pipermail/centos-announce/2005-December/074622.html
https://lists.centos.org/pipermail/centos-announce/2005-December/074625.html
https://lists.centos.org/pipermail/centos-announce/2005-December/074627.html
https://lists.centos.org/pipermail/centos-announce/2005-December/074652.html
https://lists.centos.org/pipermail/centos-announce/2005-December/074655.html
https://lists.centos.org/pipermail/centos-announce/2005-December/074662.html
https://lists.centos.org/pipermail/centos-announce/2005-December/074672.html
https://lists.centos.org/pipermail/centos-announce/2005-December/074675.html
https://lists.centos.org/pipermail/centos-announce/2005-December/074691.html
https://lists.centos.org/pipermail/centos-announce/2005-December/074692.html
https://lists.centos.org/pipermail/centos-announce/2005-December/087401.html
https://lists.centos.org/pipermail/centos-announce/2005-December/087402.html
Affected packages:
xpdf
Upstream details at:
https://access.redhat.com/errata/RHSA-2005:840
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| CentOS | 3 | i386 | xpdf | < 2.02-9.7 | xpdf-2.02-9.7.i386.rpm |
| CentOS | 3 | x86_64 | xpdf | < 2.02-9.7 | xpdf-2.02-9.7.x86_64.rpm |
| CentOS | 4 | ia64 | xpdf | < 3.00-11.9 | xpdf-3.00-11.9.ia64.rpm |
| CentOS | 4 | alpha | xpdf | < 3.00-11.9 | xpdf-3.00-11.9.alpha.rpm |
| CentOS | 3 | ia64 | xpdf | < 2.02-9.7 | xpdf-2.02-9.7.ia64.rpm |
| CentOS | 4 | i386 | xpdf | < 3.00-11.9 | xpdf-3.00-11.9.i386.rpm |
| CentOS | 4 | x86_64 | xpdf | < 3.00-11.9 | xpdf-3.00-11.9.x86_64.rpm |
| CentOS | 3 | s390 | xpdf | < 2.02-9.7 | xpdf-2.02-9.7.s390.rpm |
| CentOS | 3 | s390x | xpdf | < 2.02-9.7 | xpdf-2.02-9.7.s390x.rpm |
| CentOS | 4 | s390 | xpdf | < 3.00-11.9 | xpdf-3.00-11.9.s390.rpm |
Related
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.184 Low
EPSS
Percentile
96.2%