Lucene search

K
centosCentOS ProjectCESA-2007:0735-01
HistoryAug 01, 2007 - 3:37 a.m.

xpdf security update

2007-08-0103:37:44
CentOS Project
lists.centos.org
46

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.074 Low

EPSS

Percentile

94.1%

CentOS Errata and Security Advisory CESA-2007:0735-01

Xpdf is an X Window System-based viewer for Portable Document Format (PDF)
files.

Maurycy Prodeus discovered an integer overflow flaw in the processing
of PDF files. An attacker could create a malicious PDF file that would
cause Xpdf to crash or potentially execute arbitrary code when opened.
(CVE-2007-3387)

All users of Xpdf should upgrade to these updated packages, which
contain a backported patch to resolve this issue.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2007-August/076278.html

Affected packages:
xpdf

OSVersionArchitecturePackageVersionFilename
CentOS2i386xpdf< 0.92-18.RHEL2xpdf-0.92-18.RHEL2.i386.rpm

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.074 Low

EPSS

Percentile

94.1%