Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2008:0239
HistoryApr 21, 2008 - 3:50 p.m.

poppler security update

2008-04-2115:50:27
CentOS Project
lists.centos.org
48

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.131 Low

EPSS

Percentile

95.5%

JSON

CentOS Errata and Security Advisory CESA-2008:0239

Poppler is a PDF rendering library, used by applications such as Evince.

Kees Cook discovered a flaw in the way poppler displayed malformed fonts
embedded in PDF files. An attacker could create a malicious PDF file that
would cause applications that use poppler โ€“ such as Evince โ€“ to crash,
or, potentially, execute arbitrary code when opened. (CVE-2008-1693)

Users are advised to upgrade to these updated packages, which contain
backported patches to resolve this issue.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2008-April/077018.html
https://lists.centos.org/pipermail/centos-announce/2008-April/077019.html

Affected packages:
poppler
poppler-devel
poppler-utils

Upstream details at:
https://access.redhat.com/errata/RHSA-2008:0239

Related

osv 2
oraclelinux 4
nessus 29
openvas 37
centos 3
redhat 4
debian 2
debiancve 1
ubuntu 2
seebug 1
veracode 1
cve 1
gentoo 1
securityvulns 2
prion 1
ubuntucve 1
fedora 1
osv
osv
poppler - execution of arbitrary code
2008-07-09 00:00:00
xpdf
2008-04-17 00:00:00
oraclelinux
oraclelinux
kdegraphics security update
2008-04-17 00:00:00
xpdf security update
2008-04-17 00:00:00
poppler security update
2008-04-17 00:00:00
nessus
nessus
SuSE9 Security Update : cups (YOU Patch Number 12150)
2009-09-24 00:00:00
openSUSE 10 Security Update : poppler (poppler-5190)
2008-05-01 00:00:00
Oracle Linux 5 : poppler (ELSA-2008-0239)
2013-07-12 00:00:00
openvas
openvas
RedHat Update for xpdf RHSA-2008:0240-01
2009-03-06 00:00:00
Mandriva Update for koffice MDVSA-2008:197-1 (koffice)
2009-04-09 00:00:00
Mandriva Update for koffice MDVSA-2008:197-1 (koffice)
2009-04-09 00:00:00
centos
centos
kdegraphics security update
2008-04-20 14:15:40
xpdf security update
2008-04-20 14:17:25
gpdf security update
2008-05-08 17:30:54
redhat
redhat
(RHSA-2008:0239) Important: poppler security update
2008-04-17 00:00:00
(RHSA-2008:0262) Important: gpdf security update
2008-05-08 00:00:00
(RHSA-2008:0238) Important: kdegraphics security update
2008-04-17 00:00:00
debian
debian
[SECURITY] [DSA 1548-1] New xpdf packages fix arbitrary code exitution
2008-04-17 17:08:44
[SECURITY] [DSA 1548-1] New xpdf packages fix arbitrary code exitution
2008-04-17 17:08:44
debiancve
debiancve
CVE-2008-1693
2008-04-18 15:05:00
ubuntu
ubuntu
KOffice vulnerability
2008-04-17 00:00:00
poppler vulnerability
2008-04-17 00:00:00
seebug
seebug
XpdfๅตŒๅ…ฅๅญ—ไฝ“ๅค„็†ไปฃ็ ๆ‰ง่กŒๆผๆดž
2008-04-23 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:21:48
cve
cve
CVE-2008-1693
2008-04-18 15:05:00
gentoo
gentoo
Poppler: User-assisted execution of arbitrary code
2008-04-17 00:00:00
securityvulns
securityvulns
[ GLSA 200804-18 ] Poppler: User-assisted execution of arbitrary code
2008-04-17 00:00:00
XPDF / Poppler uninitialized pointer dereference
2008-04-17 00:00:00
prion
prion
Design/Logic Flaw
2008-04-18 15:05:00
ubuntucve
ubuntucve
CVE-2008-1693
2008-04-18 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: poppler-0.5.4-9.fc7
2008-04-29 20:50:56

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.131 Low

EPSS

Percentile

95.5%

JSON
Related for CESA-2008:0239
osv2oraclelinux4nessus29openvas37centos3redhat4debian2debiancve1ubuntu2seebug1veracode1cve1gentoo1securityvulns2prion1ubuntucve1fedora1