Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2008:0238
HistoryApr 20, 2008 - 2:15 p.m.

kdegraphics security update

2008-04-2014:15:40
CentOS Project
lists.centos.org
41

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.131 Low

EPSS

Percentile

95.5%

JSON

CentOS Errata and Security Advisory CESA-2008:0238

The kdegraphics packages contain applications for the K Desktop
Environment, including kpdf, a PDF file viewer.

Kees Cook discovered a flaw in the way kpdf displayed malformed fonts
embedded in PDF files. An attacker could create a malicious PDF file that
would cause kpdf to crash, or, potentially, execute arbitrary code when
opened. (CVE-2008-1693)

All kdegraphics users are advised to upgrade to these updated packages,
which contain backported patches to resolve this issue.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2008-April/077006.html
https://lists.centos.org/pipermail/centos-announce/2008-April/077026.html
https://lists.centos.org/pipermail/centos-announce/2008-April/077034.html
https://lists.centos.org/pipermail/centos-announce/2008-April/089760.html

Affected packages:
kdegraphics
kdegraphics-devel

Upstream details at:
https://access.redhat.com/errata/RHSA-2008:0238

OSVersionArchitecturePackageVersionFilename
CentOS4x86_64kdegraphics<ย 3.3.1-9.el4_6kdegraphics-3.3.1-9.el4_6.x86_64.rpm
CentOS4x86_64kdegraphics-devel<ย 3.3.1-9.el4_6kdegraphics-devel-3.3.1-9.el4_6.x86_64.rpm
CentOS4i386kdegraphics<ย 3.3.1-9.el4_6kdegraphics-3.3.1-9.el4_6.i386.rpm
CentOS4i386kdegraphics-devel<ย 3.3.1-9.el4_6kdegraphics-devel-3.3.1-9.el4_6.i386.rpm
CentOS4ia64kdegraphics<ย 3.3.1-9.c4kdegraphics-3.3.1-9.c4.ia64.rpm
CentOS4ia64kdegraphics-devel<ย 3.3.1-9.c4kdegraphics-devel-3.3.1-9.c4.ia64.rpm
CentOS4s390kdegraphics<ย 3.3.1-9.c4kdegraphics-3.3.1-9.c4.s390.rpm
CentOS4s390kdegraphics-devel<ย 3.3.1-9.c4kdegraphics-devel-3.3.1-9.c4.s390.rpm
CentOS4s390xkdegraphics<ย 3.3.1-9.c4kdegraphics-3.3.1-9.c4.s390x.rpm
CentOS4s390xkdegraphics-devel<ย 3.3.1-9.c4kdegraphics-devel-3.3.1-9.c4.s390x.rpm

Related

osv 2
oraclelinux 4
nessus 29
openvas 37
redhat 4
debian 2
debiancve 1
ubuntu 2
seebug 1
veracode 1
cve 1
gentoo 1
centos 3
securityvulns 2
prion 1
ubuntucve 1
fedora 1
osv
osv
poppler - execution of arbitrary code
2008-07-09 00:00:00
xpdf
2008-04-17 00:00:00
oraclelinux
oraclelinux
kdegraphics security update
2008-04-17 00:00:00
xpdf security update
2008-04-17 00:00:00
poppler security update
2008-04-17 00:00:00
nessus
nessus
SuSE9 Security Update : cups (YOU Patch Number 12150)
2009-09-24 00:00:00
openSUSE 10 Security Update : poppler (poppler-5190)
2008-05-01 00:00:00
Oracle Linux 5 : poppler (ELSA-2008-0239)
2013-07-12 00:00:00
openvas
openvas
RedHat Update for xpdf RHSA-2008:0240-01
2009-03-06 00:00:00
Mandriva Update for koffice MDVSA-2008:197-1 (koffice)
2009-04-09 00:00:00
Mandriva Update for koffice MDVSA-2008:197-1 (koffice)
2009-04-09 00:00:00
redhat
redhat
(RHSA-2008:0239) Important: poppler security update
2008-04-17 00:00:00
(RHSA-2008:0238) Important: kdegraphics security update
2008-04-17 00:00:00
(RHSA-2008:0262) Important: gpdf security update
2008-05-08 00:00:00
debian
debian
[SECURITY] [DSA 1548-1] New xpdf packages fix arbitrary code exitution
2008-04-17 17:08:44
[SECURITY] [DSA 1548-1] New xpdf packages fix arbitrary code exitution
2008-04-17 17:08:44
debiancve
debiancve
CVE-2008-1693
2008-04-18 15:05:00
ubuntu
ubuntu
KOffice vulnerability
2008-04-17 00:00:00
poppler vulnerability
2008-04-17 00:00:00
seebug
seebug
XpdfๅตŒๅ…ฅๅญ—ไฝ“ๅค„็†ไปฃ็ ๆ‰ง่กŒๆผๆดž
2008-04-23 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:21:48
cve
cve
CVE-2008-1693
2008-04-18 15:05:00
gentoo
gentoo
Poppler: User-assisted execution of arbitrary code
2008-04-17 00:00:00
centos
centos
xpdf security update
2008-04-20 14:17:25
poppler security update
2008-04-21 15:50:27
gpdf security update
2008-05-08 17:30:54
securityvulns
securityvulns
[ GLSA 200804-18 ] Poppler: User-assisted execution of arbitrary code
2008-04-17 00:00:00
XPDF / Poppler uninitialized pointer dereference
2008-04-17 00:00:00
prion
prion
Design/Logic Flaw
2008-04-18 15:05:00
ubuntucve
ubuntucve
CVE-2008-1693
2008-04-18 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: poppler-0.5.4-9.fc7
2008-04-29 20:50:56

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.131 Low

EPSS

Percentile

95.5%

JSON
Related for CESA-2008:0238
osv2oraclelinux4nessus29openvas37redhat4debian2debiancve1ubuntu2seebug1veracode1cve1gentoo1centos3securityvulns2prion1ubuntucve1fedora1