Search...

Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)

2009-10-29T00:00:00

ID SLACKWARE_SSA_2009-302-01.NASL
Type nessus
Reporter Tenable
Modified 2018-06-27T00:00:00

Description

New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Slackware Security Advisory 2009-302-01. The text 
# itself is copyright (C) Slackware Linux, Inc.
#

if (NASL_LEVEL &lt; 3000) exit(0);

include("compat.inc");

if (description)
{
  script_id(42293);
  script_version("1.14");
  script_cvs_date("Date: 2018/06/27 18:42:26");

  script_cve_id("CVE-2009-3603", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3606", "CVE-2009-3608", "CVE-2009-3609");
  script_bugtraq_id(36703);
  script_xref(name:"SSA", value:"2009-302-01");

  script_name(english:"Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)");
  script_summary(english:"Checks for updated package in /var/log/packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Slackware host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2,
11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues."
  );
  # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.585854
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?e3495990"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected xpdf package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(189, 399);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:xpdf");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:10.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:10.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:10.2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:11.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:12.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:12.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:12.2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:13.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:9.1");

  script_set_attribute(attribute:"patch_publication_date", value:"2009/10/29");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/10/29");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.");
  script_family(english:"Slackware Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Slackware/release", "Host/Slackware/packages");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("slackware.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Slackware/release")) audit(AUDIT_OS_NOT, "Slackware");
if (!get_kb_item("Host/Slackware/packages")) audit(AUDIT_PACKAGE_LIST_MISSING);


cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" &gt;!&lt; cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Slackware", cpu);


flag = 0;
if (slackware_check(osver:"9.1", pkgname:"xpdf", pkgver:"3.02pl4", pkgarch:"i486", pkgnum:"1_slack9.1")) flag++;

if (slackware_check(osver:"10.0", pkgname:"xpdf", pkgver:"3.02pl4", pkgarch:"i486", pkgnum:"1_slack10.0")) flag++;

if (slackware_check(osver:"10.1", pkgname:"xpdf", pkgver:"3.02pl4", pkgarch:"i486", pkgnum:"1_slack10.1")) flag++;

if (slackware_check(osver:"10.2", pkgname:"xpdf", pkgver:"3.02pl4", pkgarch:"i486", pkgnum:"1_slack10.2")) flag++;

if (slackware_check(osver:"11.0", pkgname:"xpdf", pkgver:"3.02pl4", pkgarch:"i486", pkgnum:"1_slack11.0")) flag++;

if (slackware_check(osver:"12.0", pkgname:"xpdf", pkgver:"3.02pl4", pkgarch:"i486", pkgnum:"1_slack12.0")) flag++;

if (slackware_check(osver:"12.1", pkgname:"xpdf", pkgver:"3.02pl4", pkgarch:"i486", pkgnum:"1_slack12.1")) flag++;

if (slackware_check(osver:"12.2", pkgname:"xpdf", pkgver:"3.02pl4", pkgarch:"i486", pkgnum:"1_slack12.2")) flag++;

if (slackware_check(osver:"13.0", pkgname:"xpdf", pkgver:"3.02pl4", pkgarch:"i486", pkgnum:"1_slack13.0")) flag++;
if (slackware_check(osver:"13.0", arch:"x86_64", pkgname:"xpdf", pkgver:"3.02pl4", pkgarch:"x86_64", pkgnum:"1_slack13.0")) flag++;

if (slackware_check(osver:"current", pkgname:"xpdf", pkgver:"3.02pl4", pkgarch:"i486", pkgnum:"1")) flag++;
if (slackware_check(osver:"current", arch:"x86_64", pkgname:"xpdf", pkgver:"3.02pl4", pkgarch:"x86_64", pkgnum:"1")) flag++;


if (flag)
{
  if (report_verbosity &gt; 0) security_hole(port:0, extra:slackware_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

JSON Vulners Source

Initial Source

{"id": "SLACKWARE_SSA_2009-302-01.NASL", "bulletinFamily": "scanner", "title": "Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)", "description": "New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.", "published": "2009-10-29T00:00:00", "modified": "2018-06-27T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=42293", "reporter": "Tenable", "references": ["http://www.nessus.org/u?e3495990"], "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "type": "nessus", "lastseen": "2018-09-01T23:42:20", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:slackware:slackware_linux:12.0", "cpe:/o:slackware:slackware_linux:12.2", "cpe:/o:slackware:slackware_linux:9.1", "cpe:/o:slackware:slackware_linux:13.0", "cpe:/o:slackware:slackware_linux:10.1", "cpe:/o:slackware:slackware_linux:10.0", "p-cpe:/a:slackware:slackware_linux:xpdf", "cpe:/o:slackware:slackware_linux:11.0", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:10.2", "cpe:/o:slackware:slackware_linux:12.1"], "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.", "edition": 4, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "f51544fad1720b39c1290bde6d06e8839c8b83e7a1c3ac59d205dcf93b422a52", "hashmap": [{"hash": "3e11a47e08439232f42a209efa61912e", "key": "cvelist"}, {"hash": "3cc2d181271797b9e089ddb7263e0987", "key": "description"}, {"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "6f1bbf42385776271e2f36360eaf155a", "key": "title"}, {"hash": "dbe8490a2306a688b8e7274f6c4be51c", "key": "references"}, {"hash": "d6f385a9dfc88031692c12fd466b9e10", "key": "href"}, {"hash": "9241135ad5589209cfecf47d77e8289f", "key": "published"}, {"hash": "858e422a528c0b91f6b7e8028a66f82a", "key": "sourceData"}, {"hash": "728473341116a99431f0ee4793831664", "key": "modified"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "72e81de94dfc0373b006ca75e9c851a1", "key": "pluginID"}, {"hash": "43a3ec56ec636b53af6d97a47899295c", "key": "naslFamily"}, {"hash": "50f77a5fc8b1360499ad211f22545dc8", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=42293", "id": "SLACKWARE_SSA_2009-302-01.NASL", "lastseen": "2018-06-29T05:41:41", "modified": "2018-06-27T00:00:00", "naslFamily": "Slackware Local Security Checks", "objectVersion": "1.3", "pluginID": "42293", "published": "2009-10-29T00:00:00", "references": ["http://www.nessus.org/u?e3495990"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2009-302-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42293);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/06/27 18:42:26\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_bugtraq_id(36703);\n script_xref(name:\"SSA\", value:\"2009-302-01\");\n\n script_name(english:\"Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.585854\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e3495990\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xpdf package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"9.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack9.1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.0\")) flag++;\n\nif (slackware_check(osver:\"10.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.1\")) flag++;\n\nif (slackware_check(osver:\"10.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.2\")) flag++;\n\nif (slackware_check(osver:\"11.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)", "type": "nessus", "viewCount": 3}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-06-29T05:41:41"}, {"bulletin": {"bulletinFamily": "exploit", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.", "edition": 1, "hash": "881feb458cf91ccb90b247d1e6ad2fc4e68149b3fbd526c0055884b523319a73", "hashmap": [{"hash": "3e11a47e08439232f42a209efa61912e", "key": "cvelist"}, {"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "3cc2d181271797b9e089ddb7263e0987", "key": "description"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "dab2c88dbe46e37b3606fac8b73c9715", "key": "sourceData"}, {"hash": "a33e65a768b0cca01f769a54f9f4ed8b", "key": "cvss"}, {"hash": "6f1bbf42385776271e2f36360eaf155a", "key": "title"}, {"hash": "dbe8490a2306a688b8e7274f6c4be51c", "key": "references"}, {"hash": "d6f385a9dfc88031692c12fd466b9e10", "key": "href"}, {"hash": "9241135ad5589209cfecf47d77e8289f", "key": "published"}, {"hash": "7ffda9669264dbb8d98fe2f4177b79f6", "key": "modified"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "72e81de94dfc0373b006ca75e9c851a1", "key": "pluginID"}, {"hash": "43a3ec56ec636b53af6d97a47899295c", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=42293", "id": "SLACKWARE_SSA_2009-302-01.NASL", "lastseen": "2016-09-26T17:24:13", "modified": "2013-10-25T00:00:00", "naslFamily": "Slackware Local Security Checks", "objectVersion": "1.2", "pluginID": "42293", "published": "2009-10-29T00:00:00", "references": ["http://www.nessus.org/u?e3495990"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2009-302-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42293);\n script_version(\"$Revision: 1.12 $\");\n script_cvs_date(\"$Date: 2013/10/25 10:43:06 $\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_bugtraq_id(36703);\n script_osvdb_id(59175, 59176, 59177, 59178, 59179, 59180, 59181, 59182, 59183, 59825);\n script_xref(name:\"SSA\", value:\"2009-302-01\");\n\n script_name(english:\"Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.585854\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e3495990\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xpdf package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"9.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack9.1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.0\")) flag++;\n\nif (slackware_check(osver:\"10.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.1\")) flag++;\n\nif (slackware_check(osver:\"10.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.2\")) flag++;\n\nif (slackware_check(osver:\"11.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)", "type": "nessus", "viewCount": 1}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2016-09-26T17:24:13"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.", "edition": 2, "enchantments": {}, "hash": "5ca10e347aa1ebcd3c13653da1b6faf1e9a92da42eb7faff4767d2bf829382ab", "hashmap": [{"hash": "3e11a47e08439232f42a209efa61912e", "key": "cvelist"}, {"hash": "3cc2d181271797b9e089ddb7263e0987", "key": "description"}, {"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "4a82993e5bae24a8de850ec42ad6df26", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "6f1bbf42385776271e2f36360eaf155a", "key": "title"}, {"hash": "dbe8490a2306a688b8e7274f6c4be51c", "key": "references"}, {"hash": "3f29908c6bb6f5efaf3e67cda47b94f7", "key": "modified"}, {"hash": "d6f385a9dfc88031692c12fd466b9e10", "key": "href"}, {"hash": "9241135ad5589209cfecf47d77e8289f", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "72e81de94dfc0373b006ca75e9c851a1", "key": "pluginID"}, {"hash": "43a3ec56ec636b53af6d97a47899295c", "key": "naslFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=42293", "id": "SLACKWARE_SSA_2009-302-01.NASL", "lastseen": "2016-12-10T05:35:04", "modified": "2016-12-09T00:00:00", "naslFamily": "Slackware Local Security Checks", "objectVersion": "1.2", "pluginID": "42293", "published": "2009-10-29T00:00:00", "references": ["http://www.nessus.org/u?e3495990"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2009-302-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42293);\n script_version(\"$Revision: 1.13 $\");\n script_cvs_date(\"$Date: 2016/12/09 20:54:58 $\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_bugtraq_id(36703);\n script_osvdb_id(59175, 59176, 59177, 59178, 59179, 59180, 59181, 59182, 59183, 59825);\n script_xref(name:\"SSA\", value:\"2009-302-01\");\n\n script_name(english:\"Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.585854\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e3495990\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xpdf package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"9.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack9.1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.0\")) flag++;\n\nif (slackware_check(osver:\"10.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.1\")) flag++;\n\nif (slackware_check(osver:\"10.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.2\")) flag++;\n\nif (slackware_check(osver:\"11.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)", "type": "nessus", "viewCount": 3}, "differentElements": ["cpe"], "edition": 2, "lastseen": "2016-12-10T05:35:04"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:slackware:slackware_linux:12.0", "cpe:/o:slackware:slackware_linux:12.2", "cpe:/o:slackware:slackware_linux:9.1", "cpe:/o:slackware:slackware_linux:13.0", "cpe:/o:slackware:slackware_linux:10.1", "cpe:/o:slackware:slackware_linux:10.0", "p-cpe:/a:slackware:slackware_linux:xpdf", "cpe:/o:slackware:slackware_linux:11.0", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:10.2", "cpe:/o:slackware:slackware_linux:12.1"], "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.", "edition": 3, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "9d885e3476c7caa87da6c83dd4abd33769321bc3bd125816e14ac97c6ba5cdbb", "hashmap": [{"hash": "3e11a47e08439232f42a209efa61912e", "key": "cvelist"}, {"hash": "3cc2d181271797b9e089ddb7263e0987", "key": "description"}, {"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "4a82993e5bae24a8de850ec42ad6df26", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "6f1bbf42385776271e2f36360eaf155a", "key": "title"}, {"hash": "dbe8490a2306a688b8e7274f6c4be51c", "key": "references"}, {"hash": "3f29908c6bb6f5efaf3e67cda47b94f7", "key": "modified"}, {"hash": "d6f385a9dfc88031692c12fd466b9e10", "key": "href"}, {"hash": "9241135ad5589209cfecf47d77e8289f", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "72e81de94dfc0373b006ca75e9c851a1", "key": "pluginID"}, {"hash": "43a3ec56ec636b53af6d97a47899295c", "key": "naslFamily"}, {"hash": "50f77a5fc8b1360499ad211f22545dc8", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=42293", "id": "SLACKWARE_SSA_2009-302-01.NASL", "lastseen": "2017-10-29T13:36:50", "modified": "2016-12-09T00:00:00", "naslFamily": "Slackware Local Security Checks", "objectVersion": "1.3", "pluginID": "42293", "published": "2009-10-29T00:00:00", "references": ["http://www.nessus.org/u?e3495990"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2009-302-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42293);\n script_version(\"$Revision: 1.13 $\");\n script_cvs_date(\"$Date: 2016/12/09 20:54:58 $\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_bugtraq_id(36703);\n script_osvdb_id(59175, 59176, 59177, 59178, 59179, 59180, 59181, 59182, 59183, 59825);\n script_xref(name:\"SSA\", value:\"2009-302-01\");\n\n script_name(english:\"Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.585854\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e3495990\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xpdf package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"9.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack9.1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.0\")) flag++;\n\nif (slackware_check(osver:\"10.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.1\")) flag++;\n\nif (slackware_check(osver:\"10.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.2\")) flag++;\n\nif (slackware_check(osver:\"11.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)", "type": "nessus", "viewCount": 3}, "differentElements": ["modified", "sourceData"], "edition": 3, "lastseen": "2017-10-29T13:36:50"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:slackware:slackware_linux:12.0", "cpe:/o:slackware:slackware_linux:12.2", "cpe:/o:slackware:slackware_linux:9.1", "cpe:/o:slackware:slackware_linux:13.0", "cpe:/o:slackware:slackware_linux:10.1", "cpe:/o:slackware:slackware_linux:10.0", "p-cpe:/a:slackware:slackware_linux:xpdf", "cpe:/o:slackware:slackware_linux:11.0", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:10.2", "cpe:/o:slackware:slackware_linux:12.1"], "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.", "edition": 5, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "923689ff7776c6a5495ce8b3eda10de8f6af15c8e57e7e292c356c4e52e1895a", "hashmap": [{"hash": "3e11a47e08439232f42a209efa61912e", "key": "cvelist"}, {"hash": "3cc2d181271797b9e089ddb7263e0987", "key": "description"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "6f1bbf42385776271e2f36360eaf155a", "key": "title"}, {"hash": "dbe8490a2306a688b8e7274f6c4be51c", "key": "references"}, {"hash": "d6f385a9dfc88031692c12fd466b9e10", "key": "href"}, {"hash": "9241135ad5589209cfecf47d77e8289f", "key": "published"}, {"hash": "858e422a528c0b91f6b7e8028a66f82a", "key": "sourceData"}, {"hash": "728473341116a99431f0ee4793831664", "key": "modified"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "72e81de94dfc0373b006ca75e9c851a1", "key": "pluginID"}, {"hash": "43a3ec56ec636b53af6d97a47899295c", "key": "naslFamily"}, {"hash": "50f77a5fc8b1360499ad211f22545dc8", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=42293", "id": "SLACKWARE_SSA_2009-302-01.NASL", "lastseen": "2018-08-30T19:36:50", "modified": "2018-06-27T00:00:00", "naslFamily": "Slackware Local Security Checks", "objectVersion": "1.3", "pluginID": "42293", "published": "2009-10-29T00:00:00", "references": ["http://www.nessus.org/u?e3495990"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2009-302-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42293);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/06/27 18:42:26\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_bugtraq_id(36703);\n script_xref(name:\"SSA\", value:\"2009-302-01\");\n\n script_name(english:\"Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.585854\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e3495990\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xpdf package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"9.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack9.1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.0\")) flag++;\n\nif (slackware_check(osver:\"10.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.1\")) flag++;\n\nif (slackware_check(osver:\"10.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.2\")) flag++;\n\nif (slackware_check(osver:\"11.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)", "type": "nessus", "viewCount": 3}, "differentElements": ["cvss"], "edition": 5, "lastseen": "2018-08-30T19:36:50"}], "edition": 6, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "50f77a5fc8b1360499ad211f22545dc8"}, {"key": "cvelist", "hash": "3e11a47e08439232f42a209efa61912e"}, {"key": "cvss", "hash": "2076413bdcb42307d016f5286cbae795"}, {"key": "description", "hash": "3cc2d181271797b9e089ddb7263e0987"}, {"key": "href", "hash": "d6f385a9dfc88031692c12fd466b9e10"}, {"key": "modified", "hash": "728473341116a99431f0ee4793831664"}, {"key": "naslFamily", "hash": "43a3ec56ec636b53af6d97a47899295c"}, {"key": "pluginID", "hash": "72e81de94dfc0373b006ca75e9c851a1"}, {"key": "published", "hash": "9241135ad5589209cfecf47d77e8289f"}, {"key": "references", "hash": "dbe8490a2306a688b8e7274f6c4be51c"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "858e422a528c0b91f6b7e8028a66f82a"}, {"key": "title", "hash": "6f1bbf42385776271e2f36360eaf155a"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "f51544fad1720b39c1290bde6d06e8839c8b83e7a1c3ac59d205dcf93b422a52", "viewCount": 3, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2009-302-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42293);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/06/27 18:42:26\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_bugtraq_id(36703);\n script_xref(name:\"SSA\", value:\"2009-302-01\");\n\n script_name(english:\"Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.585854\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e3495990\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xpdf package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"9.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack9.1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.0\")) flag++;\n\nif (slackware_check(osver:\"10.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.1\")) flag++;\n\nif (slackware_check(osver:\"10.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.2\")) flag++;\n\nif (slackware_check(osver:\"11.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Slackware Local Security Checks", "pluginID": "42293", "cpe": ["cpe:/o:slackware:slackware_linux:12.0", "cpe:/o:slackware:slackware_linux:12.2", "cpe:/o:slackware:slackware_linux:9.1", "cpe:/o:slackware:slackware_linux:13.0", "cpe:/o:slackware:slackware_linux:10.1", "cpe:/o:slackware:slackware_linux:10.0", "p-cpe:/a:slackware:slackware_linux:xpdf", "cpe:/o:slackware:slackware_linux:11.0", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:10.2", "cpe:/o:slackware:slackware_linux:12.1"]}

{"nessus": [{"lastseen": "2018-09-01T23:53:09", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=539875", "https://bugzilla.novell.com/show_bug.cgi?id=543410", "https://bugzilla.novell.com/show_bug.cgi?id=534764"], "pluginID": "42419", "description": "Specially crafted PDF files could cause buffer overflows in xpdf when viewing such a document (CVE-2009-3603, CVE-2009-3604, CVE-2009-3605, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609).", "edition": 5, "reporter": "Tenable", "published": "2009-11-09T00:00:00", "title": "openSUSE Security Update : xpdf (xpdf-1397)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2016-12-21T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:xpdf-tools", "cpe:/o:novell:opensuse:11.1", "p-cpe:/a:novell:opensuse:xpdf"], "id": "SUSE_11_1_XPDF-091024.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42419", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update xpdf-1397.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42419);\n script_version(\"$Revision: 1.9 $\");\n script_cvs_date(\"$Date: 2016/12/21 20:21:19 $\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n\n script_name(english:\"openSUSE Security Update : xpdf (xpdf-1397)\");\n script_summary(english:\"Check for the xpdf-1397 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted PDF files could cause buffer overflows in xpdf when\nviewing such a document (CVE-2009-3603, CVE-2009-3604, CVE-2009-3605,\nCVE-2009-3606, CVE-2009-3608, CVE-2009-3609).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=534764\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=539875\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=543410\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xpdf packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xpdf-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"xpdf-3.02-97.81.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"xpdf-tools-3.02-97.81.3\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xpdf / xpdf-tools\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:57:53", "references": ["http://support.novell.com/security/cve/CVE-2009-3603.html", "http://support.novell.com/security/cve/CVE-2009-3604.html", "http://support.novell.com/security/cve/CVE-2009-3606.html", "http://support.novell.com/security/cve/CVE-2009-3605.html", "http://support.novell.com/security/cve/CVE-2009-3608.html", "http://support.novell.com/security/cve/CVE-2009-3609.html"], "pluginID": "42406", "description": "Specially crafted PDF files could cause buffer overflows in xpdf when viewing such a document. (CVE-2009-3603 / CVE-2009-3604 / CVE-2009-3605 / CVE-2009-3606 / CVE-2009-3608 / CVE-2009-3609)", "edition": 5, "reporter": "Tenable", "published": "2009-11-06T00:00:00", "title": "SuSE 10 Security Update : xpdf (ZYPP Patch Number 6556)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2016-12-22T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_XPDF-6556.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42406", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42406);\n script_version (\"$Revision: 1.10 $\");\n script_cvs_date(\"$Date: 2016/12/22 20:42:29 $\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n\n script_name(english:\"SuSE 10 Security Update : xpdf (ZYPP Patch Number 6556)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted PDF files could cause buffer overflows in xpdf when\nviewing such a document. (CVE-2009-3603 / CVE-2009-3604 /\nCVE-2009-3605 / CVE-2009-3606 / CVE-2009-3608 / CVE-2009-3609)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3603.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3604.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3605.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3606.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3608.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3609.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6556.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"xpdf-tools-3.01-21.22.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"xpdf-tools-3.01-21.22.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:03:36", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=539875", "https://bugzilla.novell.com/show_bug.cgi?id=543410", "https://bugzilla.novell.com/show_bug.cgi?id=534764"], "pluginID": "42417", "description": "Specially crafted PDF files could cause buffer overflows in xpdf when viewing such a document (CVE-2009-3603, CVE-2009-3604, CVE-2009-3605, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609).", "edition": 5, "reporter": "Tenable", "published": "2009-11-09T00:00:00", "title": "openSUSE Security Update : xpdf (xpdf-1397)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2016-12-21T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:xpdf-tools", "cpe:/o:novell:opensuse:11.0", "p-cpe:/a:novell:opensuse:xpdf"], "id": "SUSE_11_0_XPDF-091023.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42417", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update xpdf-1397.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42417);\n script_version(\"$Revision: 1.9 $\");\n script_cvs_date(\"$Date: 2016/12/21 20:09:51 $\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n\n script_name(english:\"openSUSE Security Update : xpdf (xpdf-1397)\");\n script_summary(english:\"Check for the xpdf-1397 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted PDF files could cause buffer overflows in xpdf when\nviewing such a document (CVE-2009-3603, CVE-2009-3604, CVE-2009-3605,\nCVE-2009-3606, CVE-2009-3608, CVE-2009-3609).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=534764\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=539875\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=543410\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xpdf packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xpdf-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"xpdf-3.02-95.9\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"xpdf-tools-3.02-95.9\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xpdf / xpdf-tools\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:04:39", "references": ["http://support.novell.com/security/cve/CVE-2009-3603.html", "http://support.novell.com/security/cve/CVE-2009-3604.html", "http://support.novell.com/security/cve/CVE-2009-3606.html", "http://support.novell.com/security/cve/CVE-2009-3605.html", "http://support.novell.com/security/cve/CVE-2009-3608.html", "http://support.novell.com/security/cve/CVE-2009-3609.html"], "pluginID": "49935", "description": "Specially crafted PDF files could cause buffer overflows in xpdf when viewing such a document. (CVE-2009-3603 / CVE-2009-3604 / CVE-2009-3605 / CVE-2009-3606 / CVE-2009-3608 / CVE-2009-3609)", "edition": 5, "reporter": "Tenable", "published": "2010-10-11T00:00:00", "title": "SuSE 10 Security Update : xpdf (ZYPP Patch Number 6560)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2016-12-22T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_XPDF-6560.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=49935", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(49935);\n script_version (\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2016/12/22 20:42:29 $\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n\n script_name(english:\"SuSE 10 Security Update : xpdf (ZYPP Patch Number 6560)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted PDF files could cause buffer overflows in xpdf when\nviewing such a document. (CVE-2009-3603 / CVE-2009-3604 /\nCVE-2009-3605 / CVE-2009-3606 / CVE-2009-3608 / CVE-2009-3609)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3603.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3604.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3605.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3606.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3608.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3609.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6560.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/10/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"xpdf-tools-3.01-21.23.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"xpdf-tools-3.01-21.23.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:41:22", "references": [], "pluginID": "42215", "description": "Multiple vulnerabilities has been found and corrected in xpdf :\n\nInteger overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third-party information. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188 (CVE-2009-3603).\n\nThe Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow (CVE-2009-3604).\n\nInteger overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow (CVE-2009-3606).\n\nInteger overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow (CVE-2009-3608).\n\nInteger overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read (CVE-2009-3609).\n\nThis update fixes these vulnerabilities.\n\nUpdate :\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0 customers", "edition": 6, "reporter": "Tenable", "published": "2009-10-23T00:00:00", "title": "Mandriva Linux Security Advisory : xpdf (MDVSA-2009:287-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "naslFamily": "Mandriva Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2018-07-19T00:00:00", "cpe": ["cpe:/o:mandriva:linux:2008.0", "p-cpe:/a:mandriva:linux:xpdf-tools", "p-cpe:/a:mandriva:linux:xpdf", "p-cpe:/a:mandriva:linux:xpdf-common"], "id": "MANDRIVA_MDVSA-2009-287.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42215", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:287. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42215);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/07/19 20:59:16\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_bugtraq_id(36703);\n script_xref(name:\"MDVSA\", value:\"2009:287-1\");\n\n script_name(english:\"Mandriva Linux Security Advisory : xpdf (MDVSA-2009:287-1)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been found and corrected in xpdf :\n\nInteger overflow in the SplashBitmap::SplashBitmap function in Xpdf\n3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote\nattackers to execute arbitrary code via a crafted PDF document that\ntriggers a heap-based buffer overflow. NOTE: some of these details are\nobtained from third-party information. NOTE: this issue reportedly\nexists because of an incomplete fix for CVE-2009-1188 (CVE-2009-3603).\n\nThe Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before\n3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does\nnot properly allocate memory, which allows remote attackers to cause a\ndenial of service (application crash) or possibly execute arbitrary\ncode via a crafted PDF document that triggers a NULL pointer\ndereference or a heap-based buffer overflow (CVE-2009-3604).\n\nInteger overflow in the PSOutputDev::doImageL1Sep function in Xpdf\nbefore 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might\nallow remote attackers to execute arbitrary code via a crafted PDF\ndocument that triggers a heap-based buffer overflow (CVE-2009-3606).\n\nInteger overflow in the ObjectStream::ObjectStream function in XRef.cc\nin Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf,\nkdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote\nattackers to execute arbitrary code via a crafted PDF document that\ntriggers a heap-based buffer overflow (CVE-2009-3608).\n\nInteger overflow in the ImageStream::ImageStream function in Stream.cc\nin Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf,\nkdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a\ndenial of service (application crash) via a crafted PDF document that\ntriggers a NULL pointer dereference or buffer over-read\n(CVE-2009-3609).\n\nThis update fixes these vulnerabilities.\n\nUpdate :\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0\ncustomers\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xpdf, xpdf-common and / or xpdf-tools packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xpdf-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xpdf-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", reference:\"xpdf-3.02-8.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"xpdf-common-3.02-8.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"xpdf-tools-3.02-8.3mdv2008.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:56:37", "references": ["http://www.nessus.org/u?dba4f1ad"], "pluginID": "42294", "description": "New poppler packages are available for Slackware 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.", "edition": 5, "reporter": "Tenable", "published": "2009-10-29T00:00:00", "title": "Slackware 12.0 / 12.1 / 12.2 / 13.0 / current : poppler (SSA:2009-302-02)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Slackware Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2016-12-09T00:00:00", "cpe": ["cpe:/o:slackware:slackware_linux:12.0", "p-cpe:/a:slackware:slackware_linux:poppler", "cpe:/o:slackware:slackware_linux:12.2", "cpe:/o:slackware:slackware_linux:13.0", "cpe:/o:slackware:slackware_linux", "p-cpe:/a:slackware:slackware_linux:poppler-data", "cpe:/o:slackware:slackware_linux:12.1"], "id": "SLACKWARE_SSA_2009-302-02.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42294", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2009-302-02. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42294);\n script_version(\"$Revision: 1.12 $\");\n script_cvs_date(\"$Date: 2016/12/09 20:54:58 $\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_bugtraq_id(36703);\n script_xref(name:\"SSA\", value:\"2009-302-02\");\n\n script_name(english:\"Slackware 12.0 / 12.1 / 12.2 / 13.0 / current : poppler (SSA:2009-302-02)\");\n script_summary(english:\"Checks for updated packages in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New poppler packages are available for Slackware 12.0, 12.1, 12.2,\n13.0, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.518348\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dba4f1ad\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected poppler and / or poppler-data packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:poppler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:poppler-data\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"12.0\", pkgname:\"poppler\", pkgver:\"0.6.2\", pkgarch:\"i486\", pkgnum:\"2_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"poppler\", pkgver:\"0.6.4\", pkgarch:\"i486\", pkgnum:\"2_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"poppler\", pkgver:\"0.8.5\", pkgarch:\"i486\", pkgnum:\"3_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"poppler\", pkgver:\"0.10.7\", pkgarch:\"i486\", pkgnum:\"2_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"poppler\", pkgver:\"0.10.7\", pkgarch:\"x86_64\", pkgnum:\"2_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"poppler\", pkgver:\"0.12.1\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"poppler-data\", pkgver:\"0.3.0\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"poppler\", pkgver:\"0.12.1\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"poppler-data\", pkgver:\"0.3.0\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:42:43", "references": [], "pluginID": "42422", "description": "Specially crafted PDF files could cause buffer overflows in xpdf when viewing such a document (CVE-2009-3603, CVE-2009-3604, CVE-2009-3605, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609).", "edition": 5, "reporter": "Tenable", "published": "2009-11-09T00:00:00", "title": "openSUSE 10 Security Update : xpdf (xpdf-6558)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2016-12-22T00:00:00", "cpe": ["cpe:/o:novell:opensuse:10.3", "p-cpe:/a:novell:opensuse:xpdf-tools", "p-cpe:/a:novell:opensuse:xpdf"], "id": "SUSE_XPDF-6558.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42422", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update xpdf-6558.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42422);\n script_version (\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2016/12/22 20:42:29 $\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n\n script_name(english:\"openSUSE 10 Security Update : xpdf (xpdf-6558)\");\n script_summary(english:\"Check for the xpdf-6558 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted PDF files could cause buffer overflows in xpdf when\nviewing such a document (CVE-2009-3603, CVE-2009-3604, CVE-2009-3605,\nCVE-2009-3606, CVE-2009-3608, CVE-2009-3609).\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xpdf packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xpdf-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"xpdf-3.02-19.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"xpdf-tools-3.02-19.13\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xpdf / xpdf-tools\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:08:45", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=526924", "https://bugzilla.redhat.com/show_bug.cgi?id=526637", "https://bugzilla.redhat.com/show_bug.cgi?id=526915", "http://www.nessus.org/u?40b9b183", "https://bugzilla.redhat.com/show_bug.cgi?id=526911", "https://bugzilla.redhat.com/show_bug.cgi?id=526893", "https://bugzilla.redhat.com/show_bug.cgi?id=526877"], "pluginID": "42280", "description": "This build addresses several recent security issues.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2009-10-28T00:00:00", "title": "Fedora 11 : poppler-0.10.7-3.fc11 (2009-10845)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3607", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2016-12-08T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:poppler", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2009-10845.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42280", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-10845.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42280);\n script_version(\"$Revision: 1.12 $\");\n script_cvs_date(\"$Date: 2016/12/08 20:21:54 $\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3606\", \"CVE-2009-3607\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_bugtraq_id(36703, 36718);\n script_xref(name:\"FEDORA\", value:\"2009-10845\");\n\n script_name(english:\"Fedora 11 : poppler-0.10.7-3.fc11 (2009-10845)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This build addresses several recent security issues.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=526637\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=526877\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=526893\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=526911\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=526915\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=526924\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-October/030415.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?40b9b183\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected poppler package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:poppler\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"poppler-0.10.7-3.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"poppler\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:05:20", "references": ["http://www.nessus.org/u?fc076e6b", "https://bugzilla.redhat.com/show_bug.cgi?id=495907", "https://bugzilla.redhat.com/show_bug.cgi?id=526637", "https://bugzilla.redhat.com/show_bug.cgi?id=526911", "https://bugzilla.redhat.com/show_bug.cgi?id=526893", "https://bugzilla.redhat.com/show_bug.cgi?id=526877"], "pluginID": "47251", "description": "Add patch from upstream to fix several security issues in xpdf code:\nCVE-2009-1188/CVE-2009-3603, CVE-2009-3604, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 7, "reporter": "Tenable", "published": "2010-07-01T00:00:00", "title": "Fedora 12 : pdfedit-0.4.3-4.fc12 (2010-1377)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-1188", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2018-07-12T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:pdfedit", "cpe:/o:fedoraproject:fedora:12"], "id": "FEDORA_2010-1377.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=47251", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-1377.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(47251);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/07/12 15:01:51\");\n\n script_cve_id(\"CVE-2009-1188\", \"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_bugtraq_id(34568, 36703);\n script_xref(name:\"FEDORA\", value:\"2010-1377\");\n\n script_name(english:\"Fedora 12 : pdfedit-0.4.3-4.fc12 (2010-1377)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Add patch from upstream to fix several security issues in xpdf code:\nCVE-2009-1188/CVE-2009-3603, CVE-2009-3604, CVE-2009-3606,\nCVE-2009-3608, CVE-2009-3609\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=495907\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=526637\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=526877\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=526893\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=526911\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fc076e6b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pdfedit package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:pdfedit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"pdfedit-0.4.3-4.fc12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pdfedit\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:43:06", "references": ["https://security-tracker.debian.org/tracker/CVE-2009-3608", "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287", "https://security-tracker.debian.org/tracker/CVE-2009-3606", "https://security-tracker.debian.org/tracker/CVE-2009-3604", "https://security-tracker.debian.org/tracker/CVE-2009-3603", "https://security-tracker.debian.org/tracker/CVE-2009-1188", "https://security-tracker.debian.org/tracker/CVE-2009-3609", "http://www.debian.org/security/2010/dsa-2028"], "pluginID": "45427", "description": "Several vulnerabilities have been identified in xpdf, a suite of tools for viewing and converting Portable Document Format (PDF) files.\n\nThe Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2009-1188 and CVE-2009-3603 Integer overflow in SplashBitmap::SplashBitmap which might allow remote attackers to execute arbitrary code or an application crash via a crafted PDF document.\n\n - CVE-2009-3604 NULL pointer dereference or heap-based buffer overflow in Splash::drawImage which might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document.\n\n - CVE-2009-3606 Integer overflow in the PSOutputDev::doImageL1Sep which might allow remote attackers to execute arbitrary code via a crafted PDF document.\n\n - CVE-2009-3608 Integer overflow in the ObjectStream::ObjectStream which might allow remote attackers to execute arbitrary code via a crafted PDF document.\n\n - CVE-2009-3609 Integer overflow in the ImageStream::ImageStream which might allow remote attackers to cause a denial of service via a crafted PDF document.", "edition": 6, "reporter": "Tenable", "published": "2010-04-06T00:00:00", "title": "Debian DSA-2028-1 : xpdf - multiple vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-1188", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2018-07-09T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:5.0", "p-cpe:/a:debian:debian_linux:xpdf"], "id": "DEBIAN_DSA-2028.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=45427", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2028. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(45427);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/07/09 14:30:24\");\n\n script_cve_id(\"CVE-2009-1188\", \"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_bugtraq_id(34568, 36703);\n script_xref(name:\"DSA\", value:\"2028\");\n\n script_name(english:\"Debian DSA-2028-1 : xpdf - multiple vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been identified in xpdf, a suite of tools\nfor viewing and converting Portable Document Format (PDF) files.\n\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing problems :\n\n - CVE-2009-1188 and CVE-2009-3603\n Integer overflow in SplashBitmap::SplashBitmap which\n might allow remote attackers to execute arbitrary code\n or an application crash via a crafted PDF document.\n\n - CVE-2009-3604\n NULL pointer dereference or heap-based buffer overflow\n in Splash::drawImage which might allow remote attackers\n to cause a denial of service (application crash) or\n possibly execute arbitrary code via a crafted PDF\n document.\n\n - CVE-2009-3606\n Integer overflow in the PSOutputDev::doImageL1Sep which\n might allow remote attackers to execute arbitrary code\n via a crafted PDF document.\n\n - CVE-2009-3608\n Integer overflow in the ObjectStream::ObjectStream which\n might allow remote attackers to execute arbitrary code\n via a crafted PDF document.\n\n - CVE-2009-3609\n Integer overflow in the ImageStream::ImageStream which\n might allow remote attackers to cause a denial of\n service via a crafted PDF document.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1188\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3603\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3604\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3606\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3608\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3609\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2010/dsa-2028\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"For the stable distribution (lenny), this problem has been fixed in\nversion 3.02-1.4+lenny2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/04/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"xpdf\", reference:\"3.02-1.4+lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"xpdf-common\", reference:\"3.02-1.4+lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"xpdf-reader\", reference:\"3.02-1.4+lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"xpdf-utils\", reference:\"3.02-1.4+lenny2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-07-24T12:50:35", "references": [], "pluginID": "66151", "description": "The remote host is missing an update as announced\nvia advisory SSA:2009-302-01.", "edition": 2, "reporter": "Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com", "published": "2012-09-11T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "Slackware Advisory SSA:2009-302-01 xpdf ", "type": "openvas", "naslFamily": "Slackware Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=66151", "id": "OPENVAS:66151", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2009_302_01.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0,\n12.0, 12.1, 12.2, 13.0, and -current to fix security issues.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2009-302-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2009-302-01\";\n \nif(description)\n{\n script_id(66151);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 6598 $\");\n script_name(\"Slackware Advisory SSA:2009-302-01 xpdf \");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack9.1\", rls:\"SLK9.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack10.0\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack10.1\", rls:\"SLK10.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack10.2\", rls:\"SLK10.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack11.0\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack12.2\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack13.0\", rls:\"SLK13.0\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:48", "references": [], "pluginID": "66150", "description": "The remote host is missing an update as announced\nvia advisory SSA:2009-302-02.", "edition": 2, "reporter": "Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com", "published": "2012-09-11T00:00:00", "title": "Slackware Advisory SSA:2009-302-02 poppler ", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Slackware Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=66150", "id": "OPENVAS:66150", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2009_302_02.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New poppler packages are available for Slackware 12.0, 12.1, 12.2, 13.0,\nand -current to fix security issues.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2009-302-02.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2009-302-02\";\n \nif(description)\n{\n script_id(66150);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 6598 $\");\n script_name(\"Slackware Advisory SSA:2009-302-02 poppler \");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"poppler\", ver:\"0.6.2-i486-2_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"poppler\", ver:\"0.6.4-i486-2_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"poppler\", ver:\"0.8.5-i486-3_slack12.2\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"poppler\", ver:\"0.10.7-i486-2_slack13.0\", rls:\"SLK13.0\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:00:20", "references": [], "pluginID": "136141256231066151", "description": "The remote host is missing an update as announced\nvia advisory SSA:2009-302-01.", "edition": 3, "reporter": "Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com", "published": "2012-09-11T00:00:00", "title": "Slackware Advisory SSA:2009-302-01 xpdf ", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Slackware Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066151", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066151", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2009_302_01.nasl 9352 2018-04-06 07:13:02Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0,\n12.0, 12.1, 12.2, 13.0, and -current to fix security issues.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2009-302-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2009-302-01\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66151\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:13:02 +0200 (Fri, 06 Apr 2018) $\");\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 9352 $\");\n script_name(\"Slackware Advisory SSA:2009-302-01 xpdf \");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack9.1\", rls:\"SLK9.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack10.0\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack10.1\", rls:\"SLK10.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack10.2\", rls:\"SLK10.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack11.0\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack12.2\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack13.0\", rls:\"SLK13.0\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:43", "references": [], "pluginID": "136141256231066234", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n xpdf-tools\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-11-11T00:00:00", "title": "SLES10: Security update for xpdf", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066234", "id": "OPENVAS:136141256231066234", "sourceData": "#\n#VID slesp2-xpdf-6556\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for xpdf\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n xpdf-tools\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66234\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for xpdf\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"xpdf-tools\", rpm:\"xpdf-tools~3.01~21.22.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:56:01", "references": [], "pluginID": "66234", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n xpdf-tools\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-11-11T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "SLES10: Security update for xpdf", "type": "openvas", "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2017-07-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=66234", "id": "OPENVAS:66234", "sourceData": "#\n#VID slesp2-xpdf-6556\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for xpdf\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n xpdf-tools\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(66234);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for xpdf\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"xpdf-tools\", rpm:\"xpdf-tools~3.01~21.22.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:02:23", "references": [], "pluginID": "136141256231066150", "description": "The remote host is missing an update as announced\nvia advisory SSA:2009-302-02.", "edition": 3, "reporter": "Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com", "published": "2012-09-11T00:00:00", "title": "Slackware Advisory SSA:2009-302-02 poppler ", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Slackware Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2018-02-03T00:00:00", "id": "OPENVAS:136141256231066150", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066150", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2009_302_02.nasl 8649 2018-02-03 12:16:43Z teissa $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New poppler packages are available for Slackware 12.0, 12.1, 12.2, 13.0,\nand -current to fix security issues.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2009-302-02.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2009-302-02\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66150\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-03 13:16:43 +0100 (Sat, 03 Feb 2018) $\");\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 8649 $\");\n script_name(\"Slackware Advisory SSA:2009-302-02 poppler \");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"poppler\", ver:\"0.6.2-i486-2_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"poppler\", ver:\"0.6.4-i486-2_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"poppler\", ver:\"0.8.5-i486-3_slack12.2\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"poppler\", ver:\"0.10.7-i486-2_slack13.0\", rls:\"SLK13.0\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-14T11:48:59", "references": ["http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html", "2010-1842"], "pluginID": "861624", "description": "Check for the Version of pdfedit", "edition": 3, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-03-02T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Fedora Update for pdfedit FEDORA-2010-1842", "type": "openvas", "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-1188", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2017-12-14T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=861624", "id": "OPENVAS:861624", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for pdfedit FEDORA-2010-1842\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"pdfedit on Fedora 11\";\ntag_insight = \"Free pdf editing using PdfEdit. Complete editing of pdf documents is made\n possible with PDFedit. You can change either raw pdf objects (for advanced\n users) or use predefined gui functions. Functions can be easily added as\n everything is based on a script.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html\");\n script_id(861624);\n script_version(\"$Revision: 8109 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-14 07:31:15 +0100 (Thu, 14 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-02 08:38:02 +0100 (Tue, 02 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-1842\");\n script_cve_id(\"CVE-2009-1188\", \"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_name(\"Fedora Update for pdfedit FEDORA-2010-1842\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of pdfedit\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC11\")\n{\n\n if ((res = isrpmvuln(pkg:\"pdfedit\", rpm:\"pdfedit~0.4.3~4.fc11\", rls:\"FC11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:48", "references": [], "pluginID": "66381", "description": "The remote host is missing an update to xpdf\nannounced via advisory MDVSA-2009:287-1.", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-12-10T00:00:00", "title": "Mandriva Security Advisory MDVSA-2009:287-1 (xpdf)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-1188", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2017-07-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=66381", "id": "OPENVAS:66381", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_287_1.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:287-1 (xpdf)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been found and corrected in xpdf:\n\nInteger overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x\nbefore 3.02pl4 and Poppler before 0.12.1 might allow remote attackers\nto execute arbitrary code via a crafted PDF document that triggers a\nheap-based buffer overflow. NOTE: some of these details are obtained\nfrom third party information. NOTE: this issue reportedly exists\nbecause of an incomplete fix for CVE-2009-1188 (CVE-2009-3603).\n\nThe Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x\nbefore 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF,\ndoes not properly allocate memory, which allows remote attackers to\ncause a denial of service (application crash) or possibly execute\narbitrary code via a crafted PDF document that triggers a NULL pointer\ndereference or a heap-based buffer overflow (CVE-2009-3604).\n\nInteger overflow in the PSOutputDev::doImageL1Sep function in Xpdf\nbefore 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might\nallow remote attackers to execute arbitrary code via a crafted PDF\ndocument that triggers a heap-based buffer overflow (CVE-2009-3606).\n\nInteger overflow in the ObjectStream::ObjectStream function in XRef.cc\nin Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in\nGPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote\nattackers to execute arbitrary code via a crafted PDF document that\ntriggers a heap-based buffer overflow (CVE-2009-3608).\n\nInteger overflow in the ImageStream::ImageStream function in Stream.cc\nin Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf,\nkdegraphics KPDF, and CUPS pdftops, allows remote attackers to\ncause a denial of service (application crash) via a crafted PDF\ndocument that triggers a NULL pointer dereference or buffer over-read\n(CVE-2009-3609).\n\nThis update fixes these vulnerabilities.\n\nUpdate:\n\nPackages for 2008.0 are being provided due to extended support for\nCorporate products.\n\nAffected: 2008.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:287-1\";\ntag_summary = \"The remote host is missing an update to xpdf\nannounced via advisory MDVSA-2009:287-1.\";\n\n \n\nif(description)\n{\n script_id(66381);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2009-1188\", \"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandriva Security Advisory MDVSA-2009:287-1 (xpdf)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"xpdf\", rpm:\"xpdf~3.02~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf-common\", rpm:\"xpdf-common~3.02~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf-tools\", rpm:\"xpdf-tools~3.02~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-08T12:53:44", "references": [], "pluginID": "136141256231067264", "description": "The remote host is missing an update to xpdf\nannounced via advisory DSA 2028-1.", "edition": 1, "reporter": "Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com", "published": "2010-04-21T00:00:00", "title": "Debian Security Advisory DSA 2028-1 (xpdf)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-1188", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2018-01-08T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231067264", "id": "OPENVAS:136141256231067264", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2028_1.nasl 8314 2018-01-08 08:01:01Z teissa $\n# Description: Auto-generated from advisory DSA 2028-1 (xpdf)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been identified in xpdf, a suite of tools for\nviewing and converting Portable Document Format (PDF) files.\n\nThe Common Vulnerabilities and Exposures project identifies the following\nproblems:\n\nCVE-2009-1188 and CVE-2009-3603\n\nInteger overflow in SplashBitmap::SplashBitmap which might allow remote\nattackers to execute arbitrary code or an application crash via a crafted\nPDF document.\n\nCVE-2009-3604\n\nNULL pointer dereference or heap-based buffer overflow in\nSplash::drawImage which might allow remote attackers to cause a denial\nof service (application crash) or possibly execute arbitrary code via\na crafted PDF document.\n\nCVE-2009-3606\n\nInteger overflow in the PSOutputDev::doImageL1Sep which might allow\nremote attackers to execute arbitrary code via a crafted PDF document.\n\nCVE-2009-3608\n\nInteger overflow in the ObjectStream::ObjectStream which might allow\nremote attackers to execute arbitrary code via a crafted PDF document.\n\nCVE-2009-3609\n\nInteger overflow in the ImageStream::ImageStream which might allow\nremote attackers to cause a denial of service via a crafted PDF\ndocument.\n\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 3.02-1.4+lenny2.\n\nFor the testing distribution (squeeze), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.02-2.\";\ntag_summary = \"The remote host is missing an update to xpdf\nannounced via advisory DSA 2028-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202028-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.67264\");\n script_version(\"$Revision: 8314 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 09:01:01 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-04-21 03:31:17 +0200 (Wed, 21 Apr 2010)\");\n script_cve_id(\"CVE-2009-1188\", \"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 2028-1 (xpdf)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"xpdf\", ver:\"3.02-1.4+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xpdf-common\", ver:\"3.02-1.4+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xpdf-reader\", ver:\"3.02-1.4+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xpdf-utils\", ver:\"3.02-1.4+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-22T13:05:35", "references": ["2010-1377", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"], "pluginID": "1361412562310861687", "description": "Check for the Version of pdfedit", "edition": 1, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-03-02T00:00:00", "title": "Fedora Update for pdfedit FEDORA-2010-1377", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-1188", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2018-01-22T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310861687", "id": "OPENVAS:1361412562310861687", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for pdfedit FEDORA-2010-1377\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"pdfedit on Fedora 12\";\ntag_insight = \"Free pdf editing using PdfEdit. Complete editing of pdf documents is made\n possible with PDFedit. You can change either raw pdf objects (for advanced\n users) or use predefined gui functions. Functions can be easily added as\n everything is based on a script.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.861687\");\n script_version(\"$Revision: 8485 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-22 08:57:57 +0100 (Mon, 22 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-02 08:38:02 +0100 (Tue, 02 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-1377\");\n script_cve_id(\"CVE-2009-1188\", \"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_name(\"Fedora Update for pdfedit FEDORA-2010-1377\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of pdfedit\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"pdfedit\", rpm:\"pdfedit~0.4.3~4.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "slackware": [{"lastseen": "2018-08-31T02:36:42", "references": [], "affectedPackage": [{"OS": "Slackware", "OSVersion": "10.1", "packageVersion": "3.02pl4", "arch": "i486", "packageFilename": "xpdf-3.02pl4-i486-1_slack10.1.tgz", "packageName": "xpdf", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "12.0", "packageVersion": "3.02pl4", "arch": "i486", "packageFilename": "xpdf-3.02pl4-i486-1_slack12.0.tgz", "packageName": "xpdf", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "10.0", "packageVersion": "3.02pl4", "arch": "i486", "packageFilename": "xpdf-3.02pl4-i486-1_slack10.0.tgz", "packageName": "xpdf", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "12.2", "packageVersion": "3.02pl4", "arch": "i486", "packageFilename": "xpdf-3.02pl4-i486-1_slack12.2.tgz", "packageName": "xpdf", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "12.1", "packageVersion": "3.02pl4", "arch": "i486", "packageFilename": "xpdf-3.02pl4-i486-1_slack12.1.tgz", "packageName": "xpdf", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "13.0", "packageVersion": "3.02pl4", "arch": "x86_64", "packageFilename": "xpdf-3.02pl4-x86_64-1_slack13.0.txz", "packageName": "xpdf", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "13.0", "packageVersion": "3.02pl4", "arch": "i486", "packageFilename": "xpdf-3.02pl4-i486-1_slack13.0.txz", "packageName": "xpdf", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "11.0", "packageVersion": "3.02pl4", "arch": "i486", "packageFilename": "xpdf-3.02pl4-i486-1_slack11.0.tgz", "packageName": "xpdf", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "9.1", "packageVersion": "3.02pl4", "arch": "i486", "packageFilename": "xpdf-3.02pl4-i486-1_slack9.1.tgz", "packageName": "xpdf", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "10.2", "packageVersion": "3.02pl4", "arch": "i486", "packageFilename": "xpdf-3.02pl4-i486-1_slack10.2.tgz", "packageName": "xpdf", "operator": "lt"}], "description": "New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0,\n12.0, 12.1, 12.2, 13.0, and -current to fix security issues.\n\nMore details about the issues may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609\n\n\nHere are the details from the Slackware 13.0 ChangeLog:\n\npatches/packages/xpdf-3.02pl4-i486-1_slack13.0.tgz: Upgraded.\n This update fixes several security issues that could lead to an\n application crash, or execution of arbitrary code.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 9.1:\nftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/xpdf-3.02pl4-i486-1_slack9.1.tgz\n\nUpdated package for Slackware 10.0:\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/xpdf-3.02pl4-i486-1_slack10.0.tgz\n\nUpdated package for Slackware 10.1:\nftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/xpdf-3.02pl4-i486-1_slack10.1.tgz\n\nUpdated package for Slackware 10.2:\nftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/xpdf-3.02pl4-i486-1_slack10.2.tgz\n\nUpdated package for Slackware 11.0:\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/xpdf-3.02pl4-i486-1_slack11.0.tgz\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/xpdf-3.02pl4-i486-1_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/xpdf-3.02pl4-i486-1_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/xpdf-3.02pl4-i486-1_slack12.2.tgz\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/xpdf-3.02pl4-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/xpdf-3.02pl4-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/xpdf-3.02pl4-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/xpdf-3.02pl4-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 9.1 package:\nfd58cae84772ed2c03ca720b0a71ef49 xpdf-3.02pl4-i486-1_slack9.1.tgz\n\nSlackware 10.0 package:\n37cf2a9f5c02b6585d622374cd9a8756 xpdf-3.02pl4-i486-1_slack10.0.tgz\n\nSlackware 10.1 package:\na3e2b22532f7a0190782590ee5310b4b xpdf-3.02pl4-i486-1_slack10.1.tgz\n\nSlackware 10.2 package:\n78d27cc6c8a33f21d7e5f21d90aa0c43 xpdf-3.02pl4-i486-1_slack10.2.tgz\n\nSlackware 11.0 package:\nda0134b674360e0509689ad68877a21c xpdf-3.02pl4-i486-1_slack11.0.tgz\n\nSlackware 12.0 package:\ne3a10ebf3f499882a8a364963d6287f9 xpdf-3.02pl4-i486-1_slack12.0.tgz\n\nSlackware 12.1 package:\n83b8a9b89877987c65f9c1bf3a01b321 xpdf-3.02pl4-i486-1_slack12.1.tgz\n\nSlackware 12.2 package:\nddfd41747e7f76e20a8a39911d0080ac xpdf-3.02pl4-i486-1_slack12.2.tgz\n\nSlackware 13.0 package:\n4e42d51c18a7e354e961857096e09140 xpdf-3.02pl4-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n977dfd83fdb4c1af3d68ffa12c882424 xpdf-3.02pl4-x86_64-1_slack13.0.txz\n\nSlackware -current package:\n3c756246f0db86bea9f9f127f1461e8f xpdf-3.02pl4-i486-1.txz\n\nSlackware x86_64 -current package:\nf8f257349bad0cdf7d0bada5654b0190 xpdf-3.02pl4-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg xpdf-3.02pl4-i486-1_slack13.0.txz", "edition": 3, "reporter": "Slackware Linux Project", "published": "2009-10-28T23:28:02", "title": "xpdf", "type": "slackware", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2009-10-28T23:28:02", "id": "SSA-2009-302-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.585854", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:37:03", "references": [], "affectedPackage": [{"OS": "Slackware", "OSVersion": "13.0", "packageVersion": "0.10.7", "arch": "x86_64", "packageFilename": "poppler-0.10.7-x86_64-2_slack13.0.txz", "packageName": "poppler", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "13.0", "packageVersion": "0.10.7", "arch": "i486", "packageFilename": "poppler-0.10.7-i486-2_slack13.0.txz", "packageName": "poppler", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "12.1", "packageVersion": "0.6.4", "arch": "i486", "packageFilename": "poppler-0.6.4-i486-2_slack12.1.tgz", "packageName": "poppler", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "12.0", "packageVersion": "0.6.2", "arch": "i486", "packageFilename": "poppler-0.6.2-i486-2_slack12.0.tgz", "packageName": "poppler", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "12.2", "packageVersion": "0.8.5", "arch": "i486", "packageFilename": "poppler-0.8.5-i486-3_slack12.2.tgz", "packageName": "poppler", "operator": "lt"}], "description": "New poppler packages are available for Slackware 12.0, 12.1, 12.2, 13.0,\nand -current to fix security issues.\n\nMore details about this issue may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609\n\n\nHere are the details from the Slackware 13.0 ChangeLog:\n\npatches/packages/poppler-0.10.7-i486-2_slack13.0.txz: Rebuilt.\n This updated package includes patches based on xpdf 3.02pl4.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/poppler-0.6.2-i486-2_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/poppler-0.6.4-i486-2_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/poppler-0.8.5-i486-3_slack12.2.tgz\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/poppler-0.10.7-i486-2_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/poppler-0.10.7-x86_64-2_slack13.0.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/poppler-0.12.1-i486-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/poppler-data-0.3.0-noarch-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/poppler-0.12.1-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/poppler-data-0.3.0-noarch-1.txz\n\n\nMD5 signatures:\n\nSlackware 12.0 package:\nb084a88ec1c9e5f1402fccb897040576 poppler-0.6.2-i486-2_slack12.0.tgz\n\nSlackware 12.1 package:\n090431253d54585f5aa4276521c4ba7e poppler-0.6.4-i486-2_slack12.1.tgz\n\nSlackware 12.2 package:\nf68a76fa4c24a6d2c201734a30d66008 poppler-0.8.5-i486-3_slack12.2.tgz\n\nSlackware 13.0 package:\nb107cf8a1b87cf068567a7523b2ed095 poppler-0.10.7-i486-2_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n00db7f2b403b75c41e9845af9fb5acf9 poppler-0.10.7-x86_64-2_slack13.0.txz\n\nSlackware -current packages:\n44884e2ac09419ef8d3da49b2e754ee8 poppler-0.12.1-i486-1.txz\n6eb0574ab09269d8789c4b64a56d6692 poppler-data-0.3.0-noarch-1.txz\n\nSlackware x86_64 -current packages:\nc90a9e6dfa090c0098ca45e5e14f0892 poppler-0.12.1-x86_64-1.txz\n28ac087f83577b39cbed515e501ee447 poppler-data-0.3.0-noarch-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg poppler-0.10.7-i486-2_slack13.0.txz", "edition": 3, "reporter": "Slackware Linux Project", "published": "2009-10-28T23:28:23", "title": "poppler", "type": "slackware", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2009-10-28T23:28:23", "id": "SSA-2009-302-02", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.518348", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:34", "references": ["https://vulners.com/securityvulns/securityvulns:doc:22693", "https://vulners.com/securityvulns/securityvulns:doc:22668", "https://vulners.com/securityvulns/securityvulns:doc:22669", "https://vulners.com/securityvulns/securityvulns:doc:22659"], "description": "Integer overflows, race condiotions.", "edition": 1, "reporter": "BUGTRAQ", "published": "2009-10-28T00:00:00", "title": "CUPS / poppler / xpdf / Adobe Reader multipls security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:34", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "poppler", "version": "0.10", "operator": "eq"}, {"name": "cups", "version": "1.3", "operator": "eq"}, {"name": "xpdf", "version": "3.02", "operator": "eq"}, {"name": "cups", "version": "1.1", "operator": "eq"}], "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2009-10-28T00:00:00", "id": "SECURITYVULNS:VULN:10333", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10333", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:32", "references": [], "description": "===========================================================\r\nUbuntu Security Notice USN-850-1 October 21, 2009\r\npoppler vulnerabilities\r\nCVE-2009-0755, CVE-2009-3603, CVE-2009-3604, CVE-2009-3605,\r\nCVE-2009-3607, CVE-2009-3608, CVE-2009-3609\r\n===========================================================\r\n\r\nA security issue affects the following Ubuntu releases:\r\n\r\nUbuntu 6.06 LTS\r\nUbuntu 8.04 LTS\r\nUbuntu 8.10\r\nUbuntu 9.04\r\n\r\nThis advisory also applies to the corresponding versions of\r\nKubuntu, Edubuntu, and Xubuntu.\r\n\r\nThe problem can be corrected by upgrading your system to the\r\nfollowing package versions:\r\n\r\nUbuntu 6.06 LTS:\r\n libpoppler1 0.5.1-0ubuntu7.6\r\n libpoppler1-glib 0.5.1-0ubuntu7.6\r\n\r\nUbuntu 8.04 LTS:\r\n libpoppler-glib2 0.6.4-1ubuntu3.3\r\n libpoppler2 0.6.4-1ubuntu3.3\r\n\r\nUbuntu 8.10:\r\n libpoppler-glib3 0.8.7-1ubuntu0.4\r\n libpoppler3 0.8.7-1ubuntu0.4\r\n\r\nUbuntu 9.04:\r\n libpoppler-glib4 0.10.5-1ubuntu2.4\r\n libpoppler4 0.10.5-1ubuntu2.4\r\n\r\nIn general, a standard system upgrade is sufficient to effect the\r\nnecessary changes.\r\n\r\nDetails follow:\r\n\r\nIt was discovered that poppler contained multiple security issues when\r\nparsing malformed PDF documents. If a user or automated system were tricked\r\ninto opening a crafted PDF file, an attacker could cause a denial of\r\nservice or execute arbitrary code with privileges of the user invoking the\r\nprogram.\r\n\r\n\r\nUpdated packages for Ubuntu 6.06 LTS:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.5.1-0ubuntu7.6.diff.gz\r\n Size/MD5: 26014 c8e36cb77908ace0ef50d06c13519c1c\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.5.1-0ubuntu7.6.dsc\r\n Size/MD5: 1734 089921510c5d3b3b50309f0506bc2164\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.5.1.orig.tar.gz\r\n Size/MD5: 954930 a136cd731892f4570933034ba97c8704\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.5.1-0ubuntu7.6_amd64.deb\r\n Size/MD5: 729460 4892a2a3d13f20dbc042b70ac9c056b3\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.5.1-0ubuntu7.6_amd64.deb\r\n Size/MD5: 58022 6396e4a641c90bcecbcdb24dc9054a1d\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.5.1-0ubuntu7.6_amd64.deb\r\n Size/MD5: 47188 d203ddd76344d1b9215d4652a20fdbf1\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-glib_0.5.1-0ubuntu7.6_amd64.deb\r\n Size/MD5: 52802 2f78b429ae2d1b08331d778142441823\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-qt_0.5.1-0ubuntu7.6_amd64.deb\r\n Size/MD5: 43410 5948b4734df17e874e71b42594ace38a\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1_0.5.1-0ubuntu7.6_amd64.deb\r\n Size/MD5: 546278 baae4d2a454e735385745512d4da800b\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.5.1-0ubuntu7.6_amd64.deb\r\n Size/MD5: 101156 e68a490ee1c4499e57ef5e1d886aeadb\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.5.1-0ubuntu7.6_i386.deb\r\n Size/MD5: 661088 a5ee7236a4790292ecdce280ee59b022\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.5.1-0ubuntu7.6_i386.deb\r\n Size/MD5: 54714 c772b7e5d1f880e8c51f53a39b6d5fa9\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.5.1-0ubuntu7.6_i386.deb\r\n Size/MD5: 45188 218acbdc8de3d8c0a72a8ee5a1def1f2\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-glib_0.5.1-0ubuntu7.6_i386.deb\r\n Size/MD5: 50702 9cb9a3acee4fd4a383c51295a27c7c4d\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-qt_0.5.1-0ubuntu7.6_i386.deb\r\n Size/MD5: 42370 55501e517d970baa87082a94ceb0b00c\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1_0.5.1-0ubuntu7.6_i386.deb\r\n Size/MD5: 505460 98a402cce24f2890e49fdf6377c8cb1c\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.5.1-0ubuntu7.6_i386.deb\r\n Size/MD5: 94110 963f5b32e38196994ae4eee354f9462d\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.5.1-0ubuntu7.6_powerpc.deb\r\n Size/MD5: 769172 cb169b95a698a40bc709cd4a97744e37\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.5.1-0ubuntu7.6_powerpc.deb\r\n Size/MD5: 60048 7288585bf7d7e55d0ceee35874db8e07\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.5.1-0ubuntu7.6_powerpc.deb\r\n Size/MD5: 47336 2119d5183a137e6efa0b0059c6e1ee51\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-glib_0.5.1-0ubuntu7.6_powerpc.deb\r\n Size/MD5: 54072 da99e20ce87a87f9f63f8914cccb1348\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-qt_0.5.1-0ubuntu7.6_powerpc.deb\r\n Size/MD5: 44678 056a96edecc39006f20c8f1009e78e14\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1_0.5.1-0ubuntu7.6_powerpc.deb\r\n Size/MD5: 552382 0c8b945a6116fbca65f4e6c67b2f985c\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.5.1-0ubuntu7.6_powerpc.deb\r\n Size/MD5: 105720 5b073564481728b979ebe299b3b79f7a\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.5.1-0ubuntu7.6_sparc.deb\r\n Size/MD5: 690370 a9c51e1d62f11aae947e04ea76c39c20\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.5.1-0ubuntu7.6_sparc.deb\r\n Size/MD5: 56382 314eb4ad1560f52de5739670edd29fb2\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.5.1-0ubuntu7.6_sparc.deb\r\n Size/MD5: 45876 cc3b771f9275b4fcecf75ad046408eed\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-glib_0.5.1-0ubuntu7.6_sparc.deb\r\n Size/MD5: 51142 20981b6f09b85bf39ad6e7ddbb4f7110\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-qt_0.5.1-0ubuntu7.6_sparc.deb\r\n Size/MD5: 42142 2ad865090541e8663ee9d5f08a00e318\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1_0.5.1-0ubuntu7.6_sparc.deb\r\n Size/MD5: 518150 4c01a054f8020f2eb91e8d4d3d49959b\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.5.1-0ubuntu7.6_sparc.deb\r\n Size/MD5: 93650 0d1808cab566d8442e33173cd8ff48c9\r\n\r\nUpdated packages for Ubuntu 8.04 LTS:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.4-1ubuntu3.3.diff.gz\r\n Size/MD5: 22046 dc4e94beeae281169523c1e7d2e10c73\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.4-1ubuntu3.3.dsc\r\n Size/MD5: 1191 ec6fcf282f0db7c3d787e238d31673aa\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.4.orig.tar.gz\r\n Size/MD5: 1294481 13d12ca4e349574cfbbcf4a9b2b3ae52\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.3_amd64.deb\r\n Size/MD5: 895298 219546ad254659ccfdc5143e093d2a63\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.3_amd64.deb\r\n Size/MD5: 109130 71ff567e4c64480e905f19d27f1836fd\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.3_amd64.deb\r\n Size/MD5: 54818 d7af0e3b2919a1f25638db21a76bc8c4\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.3_amd64.deb\r\n Size/MD5: 46006 83bed87814bfd9f14d03cc65b5289551\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.3_amd64.deb\r\n Size/MD5: 25524 513bba303af69a26a4bea1dacc1f47f3\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.3_amd64.deb\r\n Size/MD5: 146754 c7629ade1c8e47877f78d284fecba340\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.3_amd64.deb\r\n Size/MD5: 201174 5f4b5800f48e8c2caecb3a5ee2c52729\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.3_amd64.deb\r\n Size/MD5: 648400 aaaf426a317911328534f6129b02e149\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.3_amd64.deb\r\n Size/MD5: 79038 a124c1e84f6701aaf271332fcb9c0759\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.3_i386.deb\r\n Size/MD5: 839448 14f855567511009760acf692c5f89684\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.3_i386.deb\r\n Size/MD5: 102846 362d45cf1e5f592b12ea856cd30cd32c\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.3_i386.deb\r\n Size/MD5: 52348 6d121599ab1e673ef77bbbdbe9f757a0\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.3_i386.deb\r\n Size/MD5: 42408 f0c93f9e47e1f0fcf29f4b08c534c33e\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.3_i386.deb\r\n Size/MD5: 25052 de8b30c3222e60f1d03269eab81699e4\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.3_i386.deb\r\n Size/MD5: 143624 51ee5444da2b1c3b5f127710aa336efa\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.3_i386.deb\r\n Size/MD5: 189926 019b17e18eb324b59dcee9d21e423135\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.3_i386.deb\r\n Size/MD5: 622942 119416a864ad74672ca6ae4ac58d43ce\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.3_i386.deb\r\n Size/MD5: 73696 6973e5e2d963207ebcd71f39314c6a13\r\n\r\n lpia architecture (Low Power Intel Architecture):\r\n\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.3_lpia.deb\r\n Size/MD5: 859552 2d93fe0ca136f2f5817ace0e73065b14\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.3_lpia.deb\r\n Size/MD5: 103828 302309d7417af275876bd3a6556aef35\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.3_lpia.deb\r\n Size/MD5: 52620 a4cb4db985a35d20322051a84814ea17\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.3_lpia.deb\r\n Size/MD5: 42838 c0f2ddd9b079a4ff4be4ef8ff90698dc\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.3_lpia.deb\r\n Size/MD5: 24802 b94c9f2599d512c3dd2be98318040018\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.3_lpia.deb\r\n Size/MD5: 145068 ed1883c96fb14e03fff4bd3274f04343\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.3_lpia.deb\r\n Size/MD5: 191082 4772280b06b12e07165851d768edcc2b\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.3_lpia.deb\r\n Size/MD5: 636962 451af3e71acda77f54e048501c7fddb9\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.3_lpia.deb\r\n Size/MD5: 74712 b321b22d5c40fe8f656493c04f4be89d\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.3_powerpc.deb\r\n Size/MD5: 956782 a06ae04dd6f93262a6d80bae3217e2db\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.3_powerpc.deb\r\n Size/MD5: 115788 c9c10a70870477dc0867fda19eedd64f\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.3_powerpc.deb\r\n Size/MD5: 58458 db075999849b99cd0ef8bb38e2eda8aa\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.3_powerpc.deb\r\n Size/MD5: 45922 3bd77539dd13bb5363daf126554662d8\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.3_powerpc.deb\r\n Size/MD5: 28866 32dff1a016af9b02b51bec51a3092716\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.3_powerpc.deb\r\n Size/MD5: 152742 b511df58777e3247891adeffca1cbd89\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.3_powerpc.deb\r\n Size/MD5: 209314 15cf5b72a3448a54c0cbed1b18ebd5e2\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.3_powerpc.deb\r\n Size/MD5: 683136 aaf150cd2bbf9cad134cb5233088c28a\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.3_powerpc.deb\r\n Size/MD5: 94452 5d5faf7fc87829300bb97d8c41a6eb51\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.3_sparc.deb\r\n Size/MD5: 859928 0c68602a90c714eb0914d049b73954ef\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.3_sparc.deb\r\n Size/MD5: 104154 624cad01fcb5261ac9777b2410dc3eb4\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.3_sparc.deb\r\n Size/MD5: 51408 becf3564b792c91e136725e9667df063\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.3_sparc.deb\r\n Size/MD5: 41796 f0b04adbbb9d62b7072b6161167f2dc1\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.3_sparc.deb\r\n Size/MD5: 23902 7c693d6a4184172c42e3d5d7eef32458\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.3_sparc.deb\r\n Size/MD5: 145338 aaae4f4e8fae85c14135180d73cb9b32\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.3_sparc.deb\r\n Size/MD5: 193072 e009739521f4136808a739643344c64e\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.3_sparc.deb\r\n Size/MD5: 631336 fecabd8a767e7fedbd7cd2c8a9c50382\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.3_sparc.deb\r\n Size/MD5: 72984 e81125ee0c55e2b21ed5c9f4f7e095f4\r\n\r\nUpdated packages for Ubuntu 8.10:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.8.7-1ubuntu0.4.diff.gz\r\n Size/MD5: 24158 1da9804b9914b0af10e74e62c9df03c7\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.8.7-1ubuntu0.4.dsc\r\n Size/MD5: 1600 61fc879aeed7bee88fc003d4adb2da06\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.8.7.orig.tar.gz\r\n Size/MD5: 1469587 9af81429d6f8639c357a5eed25583365\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.8.7-1ubuntu0.4_amd64.deb\r\n Size/MD5: 966770 8acc6bc0c741a5e817bbee53dbf86d8a\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.8.7-1ubuntu0.4_amd64.deb\r\n Size/MD5: 123086 1cae2bbd3c71be377d9f876f32b3d065\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib3_0.8.7-1ubuntu0.4_amd64.deb\r\n Size/MD5: 64042 3cd74a188283c4149927e7c59adde7de\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.8.7-1ubuntu0.4_amd64.deb\r\n Size/MD5: 47810 06c3131b490cfdfa6231e95aec4cfd80\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.8.7-1ubuntu0.4_amd64.deb\r\n Size/MD5: 25640 f7bb740f8a414a57b53ec2697852a918\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-3_0.8.7-1ubuntu0.4_amd64.deb\r\n Size/MD5: 159080 acec6880e769524a5f8ae34ec0e59cd0\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.8.7-1ubuntu0.4_amd64.deb\r\n Size/MD5: 221642 32c78853005f4f8d4d2ebe482092d310\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler3_0.8.7-1ubuntu0.4_amd64.deb\r\n Size/MD5: 695346 4ed3b91dfa76d01b1e950f94dc1133e6\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-dbg_0.8.7-1ubuntu0.4_amd64.deb\r\n Size/MD5: 3011574 4d6a39ecdd55e8976d9ec799074c8a73\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.8.7-1ubuntu0.4_amd64.deb\r\n Size/MD5: 79508 d32759ad9e23ff7b9eb8ac198487f780\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.8.7-1ubuntu0.4_i386.deb\r\n Size/MD5: 900318 1f62ce8877e641804fc88ce342dab2b6\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.8.7-1ubuntu0.4_i386.deb\r\n Size/MD5: 115974 d30df656bdcb44932f49f2989e29e6d3\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib3_0.8.7-1ubuntu0.4_i386.deb\r\n Size/MD5: 60938 1fecffda599ec890464195f8fd9925dd\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.8.7-1ubuntu0.4_i386.deb\r\n Size/MD5: 44696 48c34ef2b45c4903dc888c8a7a702158\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.8.7-1ubuntu0.4_i386.deb\r\n Size/MD5: 24982 a2e04c884e6d1fd32ad5efdbc3acc4db\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-3_0.8.7-1ubuntu0.4_i386.deb\r\n Size/MD5: 157454 528df7b609f648728877bbef3d5cbe95\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.8.7-1ubuntu0.4_i386.deb\r\n Size/MD5: 207464 0dd3dc8669a297c7b201b41c58609e73\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler3_0.8.7-1ubuntu0.4_i386.deb\r\n Size/MD5: 668308 7d2072b84fd23300dbfec7d38a94d391\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-dbg_0.8.7-1ubuntu0.4_i386.deb\r\n Size/MD5: 2923984 b3265aca3331dd090d9402801542bd8b\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.8.7-1ubuntu0.4_i386.deb\r\n Size/MD5: 74888 6877168e0af223857c9ba1baa74106a4\r\n\r\n lpia architecture (Low Power Intel Architecture):\r\n\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.8.7-1ubuntu0.4_lpia.deb\r\n Size/MD5: 919440 c13af3207d680e18c8181cf4a9060973\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.8.7-1ubuntu0.4_lpia.deb\r\n Size/MD5: 116604 a360513ac87d3f6da4e0b98bf11e9330\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib3_0.8.7-1ubuntu0.4_lpia.deb\r\n Size/MD5: 60906 828e377e2a249ae4fe271f92dfc09470\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.8.7-1ubuntu0.4_lpia.deb\r\n Size/MD5: 44902 cfbffe98181c17b2b9e368c1c025756d\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.8.7-1ubuntu0.4_lpia.deb\r\n Size/MD5: 24646 8afedd14cb1b36bae346e265bddeb0de\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.8.7-1ubuntu0.4_lpia.deb\r\n Size/MD5: 157966 eecbb3a0010b0d7a15217583ce7a954c\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.8.7-1ubuntu0.4_lpia.deb\r\n Size/MD5: 207228 1560664feb5e11639b4f5c3108f947da\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler3_0.8.7-1ubuntu0.4_lpia.deb\r\n Size/MD5: 678412 d774435bddc786b8d34b556177a295df\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.8.7-1ubuntu0.4_lpia.deb\r\n Size/MD5: 2957052 7b080c08ff6df105e00deef71b8ea7d8\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.8.7-1ubuntu0.4_lpia.deb\r\n Size/MD5: 75866 773bdcc21c439041f3c25e590ee9f64a\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.8.7-1ubuntu0.4_powerpc.deb\r\n Size/MD5: 1029056 faf4d3b315a8cd3e3de6a7e8524623df\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.8.7-1ubuntu0.4_powerpc.deb\r\n Size/MD5: 130822 73fe7e497cef3c67ee2144d573ba1ed5\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib3_0.8.7-1ubuntu0.4_powerpc.deb\r\n Size/MD5: 68536 e1a37bab13354c58c18d39d74c4f1bde\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.8.7-1ubuntu0.4_powerpc.deb\r\n Size/MD5: 48086 82cae6caf3e7cb8626edc838790e41aa\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.8.7-1ubuntu0.4_powerpc.deb\r\n Size/MD5: 28476 3d2a87d6f2f8a686c2d710f95eed6aa8\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.8.7-1ubuntu0.4_powerpc.deb\r\n Size/MD5: 163284 32988e0c6d47c7c158b7b63d8e400deb\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.8.7-1ubuntu0.4_powerpc.deb\r\n Size/MD5: 224680 64cd73e5b3d4f2ef48de722e3193bbf9\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler3_0.8.7-1ubuntu0.4_powerpc.deb\r\n Size/MD5: 729068 ec5fdd7d15d827648ceadf695cbdf26e\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.8.7-1ubuntu0.4_powerpc.deb\r\n Size/MD5: 3104526 a1e99dfbe8749b43e57ba985beeceb5f\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.8.7-1ubuntu0.4_powerpc.deb\r\n Size/MD5: 92510 b5a856882342bf3a03751de8a8471a27\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.8.7-1ubuntu0.4_sparc.deb\r\n Size/MD5: 923002 7afd390ed9c12a46ea668947d4e2d501\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.8.7-1ubuntu0.4_sparc.deb\r\n Size/MD5: 119470 1bfbe4868933e7c240125261e8a75300\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib3_0.8.7-1ubuntu0.4_sparc.deb\r\n Size/MD5: 60718 09b689a4003fc8ca539ff11508129257\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.8.7-1ubuntu0.4_sparc.deb\r\n Size/MD5: 44464 69b6d581f396dbd0ce9addf6a07e7782\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.8.7-1ubuntu0.4_sparc.deb\r\n Size/MD5: 23886 17b66ef9fc7bbdc66a1f8fe38dafcdf2\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.8.7-1ubuntu0.4_sparc.deb\r\n Size/MD5: 156126 d9c7e655879ecea5d992b05f4be4ea80\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.8.7-1ubuntu0.4_sparc.deb\r\n Size/MD5: 212292 e7d7c3ad5ad7dbf989444de26567a0bf\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler3_0.8.7-1ubuntu0.4_sparc.deb\r\n Size/MD5: 675402 4334c410965ebfff7c7b4a5f39c6c3e1\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.8.7-1ubuntu0.4_sparc.deb\r\n Size/MD5: 2871974 cc36e815266a93d873cf63f63f888ed9\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.8.7-1ubuntu0.4_sparc.deb\r\n Size/MD5: 75294 8e3a17219f044d9fe3558842baecb84c\r\n\r\nUpdated packages for Ubuntu 9.04:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.10.5-1ubuntu2.4.diff.gz\r\n Size/MD5: 21967 7c17d321cd599e6da3dd33bd59f01565\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.10.5-1ubuntu2.4.dsc\r\n Size/MD5: 1678 d683c76a2156ca77317d7435b255fbe1\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.10.5.orig.tar.gz\r\n Size/MD5: 1516687 125f671a19707861132fb03e73b61184\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.10.5-1ubuntu2.4_amd64.deb\r\n Size/MD5: 1000768 a0e2e828bcdbc4715198863dc49d43d1\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.10.5-1ubuntu2.4_amd64.deb\r\n Size/MD5: 124328 711c52c9a16e3ac32f169cd058cf947d\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib4_0.10.5-1ubuntu2.4_amd64.deb\r\n Size/MD5: 64506 c31d5399f247855d5acb82550e9d9741\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.10.5-1ubuntu2.4_amd64.deb\r\n Size/MD5: 50888 93f5ea904e38ba9e9b4780bdd6e0a915\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.10.5-1ubuntu2.4_amd64.deb\r\n Size/MD5: 26082 26f9a4a41026f7634c14c8ee0809d623\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-3_0.10.5-1ubuntu2.4_amd64.deb\r\n Size/MD5: 166090 0bc5695ed5d9e9a10199629857ff20df\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.10.5-1ubuntu2.4_amd64.deb\r\n Size/MD5: 234724 128e2b210a979fc4ad940dba62ee720c\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler4_0.10.5-1ubuntu2.4_amd64.deb\r\n Size/MD5: 715500 1b4b86ccfc3018544d1694fc106cf76f\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-dbg_0.10.5-1ubuntu2.4_amd64.deb\r\n Size/MD5: 3191322 7288b29103a19c927e31ba3aabb54e0a\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.10.5-1ubuntu2.4_amd64.deb\r\n Size/MD5: 80300 f5648765dfa3d73be8e36c09bdaa0136\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.10.5-1ubuntu2.4_i386.deb\r\n Size/MD5: 935458 361e8221fa3dcf59fb85b4a06ad67f8d\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.10.5-1ubuntu2.4_i386.deb\r\n Size/MD5: 117376 d4d2e71929b0407dc09e434f053785c2\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib4_0.10.5-1ubuntu2.4_i386.deb\r\n Size/MD5: 61436 3e2bbeaa77c5d65abdb73dd7e532d190\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.10.5-1ubuntu2.4_i386.deb\r\n Size/MD5: 47614 faafa312c78c4e839f1e1f145c28118f\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.10.5-1ubuntu2.4_i386.deb\r\n Size/MD5: 25404 51083efe90553e15eaaf3cf4b3e8a405\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-3_0.10.5-1ubuntu2.4_i386.deb\r\n Size/MD5: 164404 bda33e8dc6a9d924c31dc1074c728ab7\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.10.5-1ubuntu2.4_i386.deb\r\n Size/MD5: 218296 c83b140bcc67db51c3952e45f494b367\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler4_0.10.5-1ubuntu2.4_i386.deb\r\n Size/MD5: 686830 0add04ee693b60e36d908a6378b0ab07\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-dbg_0.10.5-1ubuntu2.4_i386.deb\r\n Size/MD5: 3106562 5db385b598df691055483b77444e73f9\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.10.5-1ubuntu2.4_i386.deb\r\n Size/MD5: 75078 1b60efe5df2b7c62421a7480307b85f4\r\n\r\n lpia architecture (Low Power Intel Architecture):\r\n\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.10.5-1ubuntu2.4_lpia.deb\r\n Size/MD5: 951662 8840f9e9d94af5417940bee13c46cf82\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.10.5-1ubuntu2.4_lpia.deb\r\n Size/MD5: 118048 4b631fb4dcc82eb9769e94e1630417f1\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib4_0.10.5-1ubuntu2.4_lpia.deb\r\n Size/MD5: 61514 a176373b7db781d0689553b5b593c73c\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.10.5-1ubuntu2.4_lpia.deb\r\n Size/MD5: 47972 2b56a02f66cf4239d8a2cd0b9a7c8e70\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.10.5-1ubuntu2.4_lpia.deb\r\n Size/MD5: 25098 657633589a42da164bfbf466deefd911\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.10.5-1ubuntu2.4_lpia.deb\r\n Size/MD5: 164644 136f53d85418b02585bcb5060f3fdd77\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.10.5-1ubuntu2.4_lpia.deb\r\n Size/MD5: 219694 3d728fe5329c0f8cbb2bf56128842e46\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler4_0.10.5-1ubuntu2.4_lpia.deb\r\n Size/MD5: 697596 17aa5399a8fac79e9dcb8fa561d338ca\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.10.5-1ubuntu2.4_lpia.deb\r\n Size/MD5: 3140998 30f9a4c18ba87fea04767e893a5a83af\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.10.5-1ubuntu2.4_lpia.deb\r\n Size/MD5: 75850 fd1b0d089a4350df387f4a4f777059f0\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.10.5-1ubuntu2.4_powerpc.deb\r\n Size/MD5: 1067780 ead2895feebaabd9ff072a7e18489a09\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.10.5-1ubuntu2.4_powerpc.deb\r\n Size/MD5: 132060 cd79f38776f8e68d023fb1757856207d\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib4_0.10.5-1ubuntu2.4_powerpc.deb\r\n Size/MD5: 69136 37f7ca9ff8f61f5606e560c79c6ee962\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.10.5-1ubuntu2.4_powerpc.deb\r\n Size/MD5: 50978 b0631536bcd6127b5564b784364721cf\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.10.5-1ubuntu2.4_powerpc.deb\r\n Size/MD5: 28786 a2d9a659dffd9e59a232f5170eba3bf6\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.10.5-1ubuntu2.4_powerpc.deb\r\n Size/MD5: 170362 a76c300480f571da923ae11b812fb4c2\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.10.5-1ubuntu2.4_powerpc.deb\r\n Size/MD5: 238952 a82157d9e253291d5061fa8ec65a7d18\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler4_0.10.5-1ubuntu2.4_powerpc.deb\r\n Size/MD5: 750614 193e253c64217205b2cb58e92fce69c6\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.10.5-1ubuntu2.4_powerpc.deb\r\n Size/MD5: 3289136 92f7040b67b3857870dd8045cba9abc3\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.10.5-1ubuntu2.4_powerpc.deb\r\n Size/MD5: 92852 27f4a2039d15983031a2b970135e8a55\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.10.5-1ubuntu2.4_sparc.deb\r\n Size/MD5: 958792 e71b4e06fc8aa96bd99f1788ceacc007\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.10.5-1ubuntu2.4_sparc.deb\r\n Size/MD5: 120810 8a672bab1c6a1edf657067f7d6d06a0b\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib4_0.10.5-1ubuntu2.4_sparc.deb\r\n Size/MD5: 61174 a6d73a14ef08f14ca355758fb6cccbbd\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.10.5-1ubuntu2.4_sparc.deb\r\n Size/MD5: 47318 0c621578bf9de1be5ee81569d0fed54a\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.10.5-1ubuntu2.4_sparc.deb\r\n Size/MD5: 24306 264350a4ddfbc7cac8e518c7a39a6c51\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.10.5-1ubuntu2.4_sparc.deb\r\n Size/MD5: 165792 fcf772cd1496b6bb31732b2d42102116\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.10.5-1ubuntu2.4_sparc.deb\r\n Size/MD5: 226704 438e25e7224151ae3d384a07494d256b\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler4_0.10.5-1ubuntu2.4_sparc.deb\r\n Size/MD5: 699252 01803573fd4c0f4d693f3c4ea9cfa9f1\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.10.5-1ubuntu2.4_sparc.deb\r\n Size/MD5: 3054100 2d809268a9f476aeb4e975a82e50c290\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.10.5-1ubuntu2.4_sparc.deb\r\n Size/MD5: 75468 c07c71a0a672e1a57dfad58d4ef29a8d\r\n\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2009-10-22T00:00:00", "title": "[USN-850-1] poppler vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:32", "vector": "NONE", "value": 6.8}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3607", "CVE-2009-0755", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2009-10-22T00:00:00", "id": "SECURITYVULNS:DOC:22668", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:22668", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:32", "references": [], "description": "#2009-016 Poppler, Xpdf integer overflows during heap allocation\r\n\r\nDescription:\r\n\r\nPoppler and Xpdf are two popular open source projects for processing PDF\r\nfiles. Both projects are vulnerable to an integer overflow during heap\r\nmemory allocation when processing a PDF file. In general, this results\r\nin unexpected process termination. If an application using this code is\r\nmulti-threaded (or uses a crash signal handler), it may be possible to\r\nexecute arbitrary code.\r\n\r\nThe vulnerability resides in the object stream handler. In particular,\r\na multiplicative overflow occurs when a large number of embedded objects\r\nare specified. An overflow check was in place in the code, but it only\r\nprotected related calls to gmalloc(). The C++ object array allocation\r\ncode (new[]) is not guarded by the upper bound check and the call to\r\nnew[] does not result in an exception with gcc. This results in bytes\r\nbeing written after the valid heap allocation during object\r\nconstruction.\r\n\r\nBoth software packages have released fixed versions which limit the allowed\r\nobject count to a domain specific value.\r\n\r\nA detailed analysis by the reporter can be found in the References.\r\n\r\n\r\nAffected version:\r\n\r\nPoppler < 0.12.1\r\n\r\nXpdf < 3.02pl4\r\n\r\n\r\nFixed version:\r\n\r\nPoppler >= 0.12.1\r\n\r\nXpdf >= 3.02pl4\r\n\r\n\r\nCredit: vulnerability report and PoC received from\r\n Chris Rohlf <chris.rohlf@gmail.com>.\r\n\r\n\r\nCVE: CVE-2009-3608\r\n\r\n\r\nTimeline:\r\n\r\n2009-09-04: vulnerability report received\r\n2009-09-17: proof of concept received from reporter\r\n2009-09-21: impact reviewed\r\n2009-09-29: contacted poppler maintainer\r\n2009-09-29: vendor-sec notified\r\n2009-09-30: vendor-sec discussion expanded to include xpdf maintainer\r\n2009-10-02: final fix agreed upon by both maintainers\r\n2009-10-12: CVE assigned by Tomas Hoger of RedHat\r\n2009-10-14: fixed Xpdf released\r\n2009-10-18: fixed Poppler released\r\n2009-10-21: advisory published\r\n\r\n\r\nReferences:\r\nhttp://poppler.freedesktop.org/\r\nhttp://www.foolabs.com/xpdf/CHANGES\r\nhttp://chargen.matasano.com/chargen/2009/10/9/a-c-challenge.html\r\nhttp://chargen.matasano.com/chargen/2009/10/15/a-c-challenge-the-conclusion.html\r\nhttp://sites.google.com/site/em386cr/Home/CVE-2009-3608-explained.txt\r\nhttp://gcc.gnu.org/bugzilla/show_bug.cgi?id=19351\r\n\r\n\r\nPermalink:\r\nhttp://www.ocert.org/advisories/ocert-2009-016.html\r\n\r\n--\r\nWill Drewry <redpig@ocert.org>\r\nhttp://ocert.org", "edition": 1, "reporter": "Securityvulns", "published": "2009-10-22T00:00:00", "title": "[oCERT-2009-016] Poppler, xpdf integer overflow during heap allocation", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:32", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2009-3608"], "modified": "2009-10-22T00:00:00", "id": "SECURITYVULNS:DOC:22669", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:22669", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2017-09-19T13:36:40", "references": ["http://www.ubuntu.com/usn/USN-850-3", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287", "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1", "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch", "http://www.vupen.com/english/advisories/2009/2925", "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175", "http://www.vupen.com/english/advisories/2010/0802", "http://www.vupen.com/english/advisories/2010/1040", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html", "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1", "http://securitytracker.com/id?1023029", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html", "http://www.debian.org/security/2010/dsa-2050", "http://www.securityfocus.com/bid/36703", "https://bugzilla.redhat.com/show_bug.cgi?id=526915", "http://www.vupen.com/english/advisories/2010/1220", "http://www.ubuntu.com/usn/USN-850-1", "http://poppler.freedesktop.org/", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087", "https://rhn.redhat.com/errata/RHSA-2009-1504.html", "http://www.debian.org/security/2010/dsa-2028", "https://exchange.xforce.ibmcloud.com/vulnerabilities/53793", "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html", "http://www.vupen.com/english/advisories/2009/2924", "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"], "description": "Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188.", "edition": 3, "reporter": "NVD", "published": "2009-10-21T13:30:00", "title": "CVE-2009-3603", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:36:40", "vector": "NONE", "value": 9.3}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:9671", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9671"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2009-3603"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:9671", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:9671"}], "modified": "2017-09-18T21:29:41", "cpe": ["cpe:/a:poppler:poppler:0.9.3", "cpe:/a:poppler:poppler:0.5.1", "cpe:/a:poppler:poppler:0.12.0", "cpe:/a:poppler:poppler:0.4.3", "cpe:/a:poppler:poppler:0.9.1", "cpe:/a:poppler:poppler:0.5.0", "cpe:/a:poppler:poppler:0.7.3", "cpe:/a:poppler:poppler:0.10.5", "cpe:/a:poppler:poppler:0.3.1", "cpe:/a:foolabs:xpdf:3.02", "cpe:/a:poppler:poppler:0.5.3", "cpe:/a:poppler:poppler:0.8.0", "cpe:/a:poppler:poppler:0.5.9", "cpe:/a:poppler:poppler:0.1.2", "cpe:/a:poppler:poppler:0.10.2", "cpe:/a:foolabs:xpdf:3.00", "cpe:/a:poppler:poppler:0.3.3", "cpe:/a:poppler:poppler:0.11.3", "cpe:/a:poppler:poppler:0.4.4", "cpe:/a:foolabs:xpdf:3.01", "cpe:/a:poppler:poppler:0.10.6", "cpe:/a:poppler:poppler:0.7.1", "cpe:/a:foolabs:xpdf:3.02pl3", "cpe:/a:foolabs:xpdf:3.02pl1", "cpe:/a:poppler:poppler:0.5.2", "cpe:/a:poppler:poppler:0.10.1", "cpe:/a:poppler:poppler:0.4.0", "cpe:/a:poppler:poppler:0.8.6", "cpe:/a:poppler:poppler:0.6.2", "cpe:/a:poppler:poppler:0.11.2", "cpe:/a:poppler:poppler:0.8.4", "cpe:/a:poppler:poppler:0.4.2", "cpe:/a:poppler:poppler:0.5.4", "cpe:/a:poppler:poppler:0.8.1", "cpe:/a:poppler:poppler:0.6.0", "cpe:/a:poppler:poppler:0.7.2", "cpe:/a:poppler:poppler:0.1", "cpe:/a:poppler:poppler:0.3.2", "cpe:/a:poppler:poppler:0.11.0", "cpe:/a:poppler:poppler:0.3.0", "cpe:/a:poppler:poppler:0.10.0", "cpe:/a:poppler:poppler:0.10.3", "cpe:/a:poppler:poppler:0.8.3", "cpe:/a:poppler:poppler:0.9.0", "cpe:/a:poppler:poppler:0.4.1", "cpe:/a:poppler:poppler:0.2.0", "cpe:/a:poppler:poppler:0.11.1", "cpe:/a:poppler:poppler:0.10.4", "cpe:/a:poppler:poppler:0.10.7", "cpe:/a:poppler:poppler:0.8.7", "cpe:/a:poppler:poppler:0.6.1", "cpe:/a:foolabs:xpdf:3.02pl2", "cpe:/a:poppler:poppler:0.6.4", "cpe:/a:poppler:poppler:0.1.1", "cpe:/a:poppler:poppler:0.9.2", "cpe:/a:poppler:poppler:0.6.3", "cpe:/a:poppler:poppler:0.7.0", "cpe:/a:poppler:poppler:0.8.2"], "id": "CVE-2009-3603", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3603", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-19T13:36:40", "references": ["https://rhn.redhat.com/errata/RHSA-2009-1513.html", "http://www.redhat.com/support/errata/RHSA-2010-0755.html", "http://www.ubuntu.com/usn/USN-850-3", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287", "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1", "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch", "http://www.vupen.com/english/advisories/2009/2925", "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175", "https://rhn.redhat.com/errata/RHSA-2009-1502.html", "https://rhn.redhat.com/errata/RHSA-2009-1512.html", "http://www.vupen.com/english/advisories/2010/0802", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html", "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1", "http://securitytracker.com/id?1023029", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html", "http://www.debian.org/security/2010/dsa-2050", "http://www.securityfocus.com/bid/36703", "https://rhn.redhat.com/errata/RHSA-2009-1501.html", "http://www.vupen.com/english/advisories/2009/2928", "http://www.vupen.com/english/advisories/2010/1220", "https://rhn.redhat.com/errata/RHSA-2009-1500.html", "http://www.ubuntu.com/usn/USN-850-1", "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334", "https://bugzilla.redhat.com/show_bug.cgi?id=526893", "http://poppler.freedesktop.org/", "http://www.vupen.com/english/advisories/2009/2926", "https://rhn.redhat.com/errata/RHSA-2009-1503.html", "https://rhn.redhat.com/errata/RHSA-2009-1504.html", "http://www.debian.org/security/2010/dsa-2028", "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html", "http://www.vupen.com/english/advisories/2009/2924", "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/53800"], "description": "Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read.", "edition": 3, "reporter": "NVD", "published": "2009-10-21T13:30:00", "title": "CVE-2009-3609", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:36:40", "vector": "NONE", "value": 4.3}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:11043", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11043"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2009-3609"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:11043", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:11043"}], "modified": "2017-09-18T21:29:41", "cpe": ["cpe:/a:poppler:poppler:0.9.3", "cpe:/a:poppler:poppler:0.5.1", "cpe:/a:poppler:poppler:0.12.0", "cpe:/a:poppler:poppler:0.4.3", "cpe:/a:poppler:poppler:0.9.1", "cpe:/a:poppler:poppler:0.5.0", "cpe:/a:poppler:poppler:0.7.3", "cpe:/a:poppler:poppler:0.10.5", "cpe:/a:poppler:poppler:0.3.1", "cpe:/a:foolabs:xpdf:3.02", "cpe:/a:poppler:poppler:0.5.3", "cpe:/a:poppler:poppler:0.8.0", "cpe:/a:poppler:poppler:0.5.9", "cpe:/a:poppler:poppler:0.1.2", "cpe:/a:poppler:poppler:0.10.2", "cpe:/a:foolabs:xpdf:3.00", "cpe:/a:poppler:poppler:0.3.3", "cpe:/a:poppler:poppler:0.11.3", "cpe:/a:poppler:poppler:0.4.4", "cpe:/a:foolabs:xpdf:3.01", "cpe:/a:poppler:poppler:0.10.6", "cpe:/a:poppler:poppler:0.7.1", "cpe:/a:foolabs:xpdf:3.02pl3", "cpe:/a:foolabs:xpdf:3.02pl1", "cpe:/a:poppler:poppler:0.5.2", "cpe:/a:poppler:poppler:0.10.1", "cpe:/a:poppler:poppler:0.4.0", "cpe:/a:poppler:poppler:0.8.6", "cpe:/a:poppler:poppler:0.6.2", "cpe:/a:poppler:poppler:0.11.2", "cpe:/a:poppler:poppler:0.8.4", "cpe:/a:poppler:poppler:0.4.2", "cpe:/a:poppler:poppler:0.5.4", "cpe:/a:poppler:poppler:0.8.1", "cpe:/a:poppler:poppler:0.6.0", "cpe:/a:poppler:poppler:0.7.2", "cpe:/a:poppler:poppler:0.1", "cpe:/a:poppler:poppler:0.3.2", "cpe:/a:poppler:poppler:0.11.0", "cpe:/a:poppler:poppler:0.3.0", "cpe:/a:poppler:poppler:0.10.0", "cpe:/a:poppler:poppler:0.10.3", "cpe:/a:poppler:poppler:0.8.3", "cpe:/a:poppler:poppler:0.9.0", "cpe:/a:poppler:poppler:0.4.1", "cpe:/a:poppler:poppler:0.2.0", "cpe:/a:poppler:poppler:0.11.1", "cpe:/a:poppler:poppler:0.10.4", "cpe:/a:poppler:poppler:0.10.7", "cpe:/a:poppler:poppler:0.8.7", "cpe:/a:poppler:poppler:0.6.1", "cpe:/a:foolabs:xpdf:3.02pl2", "cpe:/a:poppler:poppler:0.6.4", "cpe:/a:poppler:poppler:0.1.1", "cpe:/a:poppler:poppler:0.9.2", "cpe:/a:poppler:poppler:0.6.3", "cpe:/a:poppler:poppler:0.7.0", "cpe:/a:poppler:poppler:0.8.2"], "id": "CVE-2009-3609", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3609", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-09-19T13:36:40", "references": ["http://www.openwall.com/lists/oss-security/2009/12/01/5", "https://rhn.redhat.com/errata/RHSA-2009-1513.html", "http://www.ubuntu.com/usn/USN-850-3", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287", "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1", "http://www.openwall.com/lists/oss-security/2009/12/01/1", "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch", "http://www.vupen.com/english/advisories/2009/2925", "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175", "https://rhn.redhat.com/errata/RHSA-2009-1502.html", "https://rhn.redhat.com/errata/RHSA-2009-1512.html", "http://www.vupen.com/english/advisories/2010/0802", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html", "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1", "http://securitytracker.com/id?1023029", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html", "http://www.debian.org/security/2010/dsa-2050", "https://bugzilla.redhat.com/show_bug.cgi?id=526637", "http://www.securityfocus.com/bid/36703", "https://rhn.redhat.com/errata/RHSA-2009-1501.html", "http://www.vupen.com/english/advisories/2009/2928", "http://www.ocert.org/advisories/ocert-2009-016.html", "http://www.vupen.com/english/advisories/2010/1220", "http://www.ubuntu.com/usn/USN-850-1", "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334", "http://poppler.freedesktop.org/", "http://www.vupen.com/english/advisories/2009/2926", "https://rhn.redhat.com/errata/RHSA-2009-1503.html", "https://rhn.redhat.com/errata/RHSA-2009-1504.html", "http://www.debian.org/security/2010/dsa-2028", "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html", "http://www.vupen.com/english/advisories/2009/2924", "http://www.openwall.com/lists/oss-security/2009/12/01/6", "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html", "http://www.debian.org/security/2009/dsa-1941", "https://exchange.xforce.ibmcloud.com/vulnerabilities/53794"], "description": "Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.", "edition": 3, "reporter": "NVD", "published": "2009-10-21T13:30:00", "title": "CVE-2009-3608", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:36:40", "vector": "NONE", "value": 9.3}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:9536", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9536"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2009-3608"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:9536", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:9536"}], "modified": "2017-09-18T21:29:41", "cpe": ["cpe:/a:poppler:poppler:0.9.3", "cpe:/a:poppler:poppler:0.5.1", "cpe:/a:poppler:poppler:0.12.0", "cpe:/a:poppler:poppler:0.4.3", "cpe:/a:poppler:poppler:0.9.1", "cpe:/a:poppler:poppler:0.5.0", "cpe:/a:poppler:poppler:0.7.3", "cpe:/a:poppler:poppler:0.10.5", "cpe:/a:poppler:poppler:0.3.1", "cpe:/a:foolabs:xpdf:3.02", "cpe:/a:poppler:poppler:0.5.3", "cpe:/a:poppler:poppler:0.8.0", "cpe:/a:poppler:poppler:0.5.9", "cpe:/a:poppler:poppler:0.1.2", "cpe:/a:poppler:poppler:0.10.2", "cpe:/a:foolabs:xpdf:3.00", "cpe:/a:poppler:poppler:0.3.3", "cpe:/a:poppler:poppler:0.11.3", "cpe:/a:poppler:poppler:0.4.4", "cpe:/a:foolabs:xpdf:3.01", "cpe:/a:poppler:poppler:0.10.6", "cpe:/a:poppler:poppler:0.7.1", "cpe:/a:foolabs:xpdf:3.02pl3", "cpe:/a:foolabs:xpdf:3.02pl1", "cpe:/a:poppler:poppler:0.5.2", "cpe:/a:poppler:poppler:0.10.1", "cpe:/a:poppler:poppler:0.4.0", "cpe:/a:poppler:poppler:0.8.6", "cpe:/a:poppler:poppler:0.6.2", "cpe:/a:poppler:poppler:0.11.2", "cpe:/a:poppler:poppler:0.8.4", "cpe:/a:poppler:poppler:0.4.2", "cpe:/a:poppler:poppler:0.5.4", "cpe:/a:poppler:poppler:0.8.1", "cpe:/a:poppler:poppler:0.6.0", "cpe:/a:poppler:poppler:0.7.2", "cpe:/a:poppler:poppler:0.1", "cpe:/a:poppler:poppler:0.3.2", "cpe:/a:poppler:poppler:0.11.0", "cpe:/a:poppler:poppler:0.3.0", "cpe:/a:poppler:poppler:0.10.0", "cpe:/a:poppler:poppler:0.10.3", "cpe:/a:poppler:poppler:0.8.3", "cpe:/a:poppler:poppler:0.9.0", "cpe:/a:poppler:poppler:0.4.1", "cpe:/a:poppler:poppler:0.2.0", "cpe:/a:poppler:poppler:0.11.1", "cpe:/a:poppler:poppler:0.10.4", "cpe:/a:poppler:poppler:0.10.7", "cpe:/a:poppler:poppler:0.8.7", "cpe:/a:poppler:poppler:0.6.1", "cpe:/a:foolabs:xpdf:3.02pl2", "cpe:/a:poppler:poppler:0.6.4", "cpe:/a:poppler:poppler:0.1.1", "cpe:/a:poppler:poppler:0.9.2", "cpe:/a:poppler:poppler:0.6.3", "cpe:/a:poppler:poppler:0.7.0", "cpe:/a:poppler:poppler:0.8.2"], "id": "CVE-2009-3608", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3608", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-19T13:36:40", "references": ["http://www.openwall.com/lists/oss-security/2009/12/01/5", "http://cgit.freedesktop.org/poppler/poppler/diff/poppler/PSOutputDev.cc?id=7b2d314a61", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287", "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1", "http://www.openwall.com/lists/oss-security/2009/12/01/1", "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch", "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175", "https://rhn.redhat.com/errata/RHSA-2009-1502.html", "http://www.vupen.com/english/advisories/2010/0802", "http://www.vupen.com/english/advisories/2010/1040", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/53798", "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1", "http://securitytracker.com/id?1023029", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html", "http://www.debian.org/security/2010/dsa-2050", "http://www.securityfocus.com/bid/36703", "https://rhn.redhat.com/errata/RHSA-2009-1501.html", "http://www.vupen.com/english/advisories/2009/2928", "http://www.vupen.com/english/advisories/2010/1220", "https://rhn.redhat.com/errata/RHSA-2009-1500.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087", "http://www.debian.org/security/2010/dsa-2028", "https://bugzilla.redhat.com/show_bug.cgi?id=526877", "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html", "http://www.vupen.com/english/advisories/2009/2924", "http://www.openwall.com/lists/oss-security/2009/12/01/6", "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html", "http://www.debian.org/security/2009/dsa-1941"], "description": "Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.", "edition": 3, "reporter": "NVD", "published": "2009-10-21T13:30:00", "title": "CVE-2009-3606", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:36:40", "vector": "NONE", "value": 9.3}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:11289", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11289"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2009-3606"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:11289", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:11289"}], "modified": "2017-09-18T21:29:41", "cpe": ["cpe:/a:poppler:poppler:0.9.3", "cpe:/a:poppler:poppler:0.5.1", "cpe:/a:poppler:poppler:0.12.0", "cpe:/a:poppler:poppler:0.4.3", "cpe:/a:poppler:poppler:0.9.1", "cpe:/a:poppler:poppler:0.5.0", "cpe:/a:poppler:poppler:0.7.3", "cpe:/a:poppler:poppler:0.10.5", "cpe:/a:poppler:poppler:0.3.1", "cpe:/a:foolabs:xpdf:3.02", "cpe:/a:poppler:poppler:0.5.3", "cpe:/a:poppler:poppler:0.8.0", "cpe:/a:poppler:poppler:0.5.9", "cpe:/a:poppler:poppler:0.1.2", "cpe:/a:poppler:poppler:0.10.2", "cpe:/a:foolabs:xpdf:3.00", "cpe:/a:poppler:poppler:0.3.3", "cpe:/a:poppler:poppler:0.11.3", "cpe:/a:poppler:poppler:0.4.4", "cpe:/a:foolabs:xpdf:3.01", "cpe:/a:poppler:poppler:0.10.6", "cpe:/a:poppler:poppler:0.7.1", "cpe:/a:foolabs:xpdf:3.02pl3", "cpe:/a:foolabs:xpdf:3.02pl1", "cpe:/a:poppler:poppler:0.5.2", "cpe:/a:poppler:poppler:0.10.1", "cpe:/a:poppler:poppler:0.4.0", "cpe:/a:poppler:poppler:0.8.6", "cpe:/a:poppler:poppler:0.6.2", "cpe:/a:poppler:poppler:0.11.2", "cpe:/a:poppler:poppler:0.8.4", "cpe:/a:poppler:poppler:0.4.2", "cpe:/a:poppler:poppler:0.5.4", "cpe:/a:poppler:poppler:0.8.1", "cpe:/a:poppler:poppler:0.6.0", "cpe:/a:poppler:poppler:0.7.2", "cpe:/a:poppler:poppler:0.1", "cpe:/a:poppler:poppler:0.3.2", "cpe:/a:poppler:poppler:0.11.0", "cpe:/a:poppler:poppler:0.3.0", "cpe:/a:poppler:poppler:0.10.0", "cpe:/a:poppler:poppler:0.10.3", "cpe:/a:poppler:poppler:0.8.3", "cpe:/a:poppler:poppler:0.9.0", "cpe:/a:poppler:poppler:0.4.1", "cpe:/a:poppler:poppler:0.2.0", "cpe:/a:poppler:poppler:0.11.1", "cpe:/a:poppler:poppler:0.10.4", "cpe:/a:poppler:poppler:0.10.7", "cpe:/a:poppler:poppler:0.8.7", "cpe:/a:poppler:poppler:0.6.1", "cpe:/a:foolabs:xpdf:3.02pl2", "cpe:/a:poppler:poppler:0.6.4", "cpe:/a:poppler:poppler:0.1.1", "cpe:/a:poppler:poppler:0.9.2", "cpe:/a:poppler:poppler:0.6.3", "cpe:/a:poppler:poppler:0.7.0", "cpe:/a:poppler:poppler:0.8.2"], "id": "CVE-2009-3606", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3606", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-19T13:36:40", "references": ["http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb22f812b31858e519411f57747d39bd8", "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1", "https://bugzilla.redhat.com/show_bug.cgi?id=491840", "https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.10.5-1ubuntu2.4.diff.gz", "http://cgit.freedesktop.org/poppler/poppler/commit/?id=284a92899602daa4a7f429e61849e794569310b5", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175", "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1", "http://www.ubuntu.com/usn/USN-850-1", "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334", "https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.8.7-1ubuntu0.4.diff.gz", "https://bugs.launchpad.net/bugs/cve/2009-3605", "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html", "http://cgit.freedesktop.org/poppler/poppler/commit/?id=7b2d314a61fd0e12f47c62996cb49ec0d1ba747a"], "description": "Multiple integer overflows in Poppler 0.10.5 and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, related to (1) glib/poppler-page.cc; (2) ArthurOutputDev.cc, (3) CairoOutputDev.cc, (4) GfxState.cc, (5) JBIG2Stream.cc, (6) PSOutputDev.cc, and (7) SplashOutputDev.cc in poppler/; and (8) SplashBitmap.cc, (9) Splash.cc, and (10) SplashFTFont.cc in splash/. NOTE: this may overlap CVE-2009-0791.", "edition": 2, "reporter": "NVD", "published": "2009-11-02T10:30:00", "title": "CVE-2009-3605", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:36:40", "vector": "NONE", "value": 6.8}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:7731", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7731"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2009-3605"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:7731", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:7731"}], "modified": "2017-09-18T21:29:41", "cpe": ["cpe:/a:poppler:poppler:0.9.3", "cpe:/a:poppler:poppler:0.5.1", "cpe:/a:poppler:poppler:0.4.3", "cpe:/a:poppler:poppler:0.9.1", "cpe:/a:poppler:poppler:0.5.0", "cpe:/a:poppler:poppler:0.7.3", "cpe:/a:poppler:poppler:0.10.5", "cpe:/a:poppler:poppler:0.3.1", "cpe:/a:poppler:poppler:0.5.3", "cpe:/a:poppler:poppler:0.8.0", "cpe:/a:poppler:poppler:0.5.9", "cpe:/a:poppler:poppler:0.1.2", "cpe:/a:poppler:poppler:0.10.2", "cpe:/a:poppler:poppler:0.3.3", "cpe:/a:poppler:poppler:0.4.4", "cpe:/a:poppler:poppler:0.7.1", "cpe:/a:poppler:poppler:0.5.2", "cpe:/a:poppler:poppler:0.10.1", "cpe:/a:poppler:poppler:0.4.0", "cpe:/a:poppler:poppler:0.8.6", "cpe:/a:poppler:poppler:0.6.2", "cpe:/a:poppler:poppler:0.8.5", "cpe:/a:poppler:poppler:0.8.4", "cpe:/a:poppler:poppler:0.4.2", "cpe:/a:poppler:poppler:0.5.4", "cpe:/a:poppler:poppler:0.8.1", "cpe:/a:poppler:poppler:0.5.90", "cpe:/a:poppler:poppler:0.6.0", "cpe:/a:poppler:poppler:0.7.2", "cpe:/a:poppler:poppler:0.1", "cpe:/a:poppler:poppler:0.3.2", "cpe:/a:poppler:poppler:0.3.0", "cpe:/a:poppler:poppler:0.10.0", "cpe:/a:poppler:poppler:0.10.3", "cpe:/a:poppler:poppler:0.8.3", "cpe:/a:poppler:poppler:0.9.0", "cpe:/a:poppler:poppler:0.4.1", "cpe:/a:poppler:poppler:0.2.0", "cpe:/a:poppler:poppler:0.10.4", "cpe:/a:poppler:poppler:0.8.7", "cpe:/a:poppler:poppler:0.6.1", "cpe:/a:poppler:poppler:0.5.91", "cpe:/a:poppler:poppler:0.6.4", "cpe:/a:poppler:poppler:0.1.1", "cpe:/a:poppler:poppler:0.9.2", "cpe:/a:poppler:poppler:0.6.3", "cpe:/a:poppler:poppler:0.7.0", "cpe:/a:poppler:poppler:0.8.2"], "id": "CVE-2009-3605", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3605", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-09-19T13:36:40", "references": ["http://www.ubuntu.com/usn/USN-850-3", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287", "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1", "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch", "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175", "https://rhn.redhat.com/errata/RHSA-2009-1502.html", "https://rhn.redhat.com/errata/RHSA-2009-1512.html", "http://www.vupen.com/english/advisories/2010/0802", "http://site.pi3.com.pl/adv/xpdf.txt", "http://www.vupen.com/english/advisories/2010/1040", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html", "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1", "http://securitytracker.com/id?1023029", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html", "http://www.debian.org/security/2010/dsa-2050", "http://www.securityfocus.com/bid/36703", "https://rhn.redhat.com/errata/RHSA-2009-1501.html", "http://www.vupen.com/english/advisories/2009/2928", "http://www.vupen.com/english/advisories/2010/1220", "https://rhn.redhat.com/errata/RHSA-2009-1500.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/53795", "http://www.ubuntu.com/usn/USN-850-1", "https://bugzilla.redhat.com/show_bug.cgi?id=526911", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087", "http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb2", "https://rhn.redhat.com/errata/RHSA-2009-1503.html", "http://www.debian.org/security/2010/dsa-2028", "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html", "http://www.vupen.com/english/advisories/2009/2924", "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html", "http://cgit.freedesktop.org/poppler/poppler/diff/?id=284a928996&id2=75c3466ba2"], "description": "The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow.", "edition": 3, "reporter": "NVD", "published": "2009-10-21T13:30:00", "title": "CVE-2009-3604", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:36:40", "vector": "NONE", "value": 6.8}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:10969", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10969"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2009-3604"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:10969", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:10969"}], "modified": "2017-09-18T21:29:41", "cpe": ["cpe:/a:poppler:poppler:0.9.3", "cpe:/a:poppler:poppler:0.5.1", "cpe:/a:poppler:poppler:0.12.0", "cpe:/a:foolabs:xpdf:2.00", "cpe:/a:poppler:poppler:0.4.3", "cpe:/a:poppler:poppler:0.9.1", "cpe:/a:poppler:poppler:0.5.0", "cpe:/a:poppler:poppler:0.7.3", "cpe:/a:poppler:poppler:0.10.5", "cpe:/a:foolabs:xpdf:2.01", "cpe:/a:poppler:poppler:0.3.1", "cpe:/a:foolabs:xpdf:3.02", "cpe:/a:poppler:poppler:0.5.3", "cpe:/a:poppler:poppler:0.8.0", "cpe:/a:poppler:poppler:0.5.9", "cpe:/a:poppler:poppler:0.1.2", "cpe:/a:poppler:poppler:0.10.2", "cpe:/a:foolabs:xpdf:3.00", "cpe:/a:poppler:poppler:0.3.3", "cpe:/a:poppler:poppler:0.11.3", "cpe:/a:poppler:poppler:0.4.4", "cpe:/a:foolabs:xpdf:3.01", "cpe:/a:poppler:poppler:0.10.6", "cpe:/a:poppler:poppler:0.7.1", "cpe:/a:foolabs:xpdf:3.02pl3", "cpe:/a:foolabs:xpdf:3.02pl1", "cpe:/a:poppler:poppler:0.5.2", "cpe:/a:poppler:poppler:0.10.1", "cpe:/a:poppler:poppler:0.4.0", "cpe:/a:poppler:poppler:0.8.6", "cpe:/a:poppler:poppler:0.6.2", "cpe:/a:poppler:poppler:0.8.5", "cpe:/a:poppler:poppler:0.11.2", "cpe:/a:poppler:poppler:0.8.4", "cpe:/a:poppler:poppler:0.4.2", "cpe:/a:poppler:poppler:0.5.4", "cpe:/a:poppler:poppler:0.8.1", "cpe:/a:poppler:poppler:0.5.90", "cpe:/a:poppler:poppler:0.6.0", "cpe:/a:poppler:poppler:0.7.2", "cpe:/a:poppler:poppler:0.1", "cpe:/a:poppler:poppler:0.3.2", "cpe:/a:poppler:poppler:0.11.0", "cpe:/a:poppler:poppler:0.3.0", "cpe:/a:poppler:poppler:0.10.0", "cpe:/a:poppler:poppler:0.10.3", "cpe:/a:poppler:poppler:0.8.3", "cpe:/a:poppler:poppler:0.9.0", "cpe:/a:poppler:poppler:0.4.1", "cpe:/a:poppler:poppler:0.2.0", "cpe:/a:poppler:poppler:0.11.1", "cpe:/a:poppler:poppler:0.10.4", "cpe:/a:foolabs:xpdf:2.03", "cpe:/a:poppler:poppler:0.10.7", "cpe:/a:poppler:poppler:0.8.7", "cpe:/a:poppler:poppler:0.6.1", "cpe:/a:foolabs:xpdf:2.02", "cpe:/a:poppler:poppler:0.5.91", "cpe:/a:foolabs:xpdf:3.02pl2", "cpe:/a:poppler:poppler:0.6.4", "cpe:/a:poppler:poppler:0.1.1", "cpe:/a:poppler:poppler:0.9.2", "cpe:/a:poppler:poppler:0.6.3", "cpe:/a:poppler:poppler:0.7.0", "cpe:/a:poppler:poppler:0.8.2"], "id": "CVE-2009-3604", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3604", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2016-09-02T18:25:25", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "alpha", "packageFilename": "kcoloredit_3.5.9-3+lenny3_alpha.deb", "packageName": "kcoloredit", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "armel", "packageFilename": "kolourpaint_3.5.9-3+lenny3_armel.deb", "packageName": "kolourpaint", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "hppa", "packageFilename": "kuickshow_3.5.9-3+lenny3_hppa.deb", "packageName": "kuickshow", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "all", "packageFilename": "kdegraphics_3.5.9-3+lenny3_all.deb", "packageName": "kdegraphics", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "alpha", "packageFilename": "ksvg_3.5.9-3+lenny3_alpha.deb", "packageName": "ksvg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "s390x", "packageFilename": "kpovmodeler_3.5.9-3+lenny3_s390.deb", "packageName": "kpovmodeler", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "s390x", "packageFilename": "kamera_3.5.9-3+lenny3_s390.deb", "packageName": "kamera", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "i686", "packageFilename": "kview_3.5.9-3+lenny3_i386.deb", "packageName": "kview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "hppa", "packageFilename": "kdegraphics-kfile-plugins_3.5.9-3+lenny3_hppa.deb", "packageName": "kdegraphics-kfile-plugins", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "s390x", "packageFilename": "kfax_3.5.9-3+lenny3_s390.deb", "packageName": "kfax", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "i686", "packageFilename": "libkscan1_3.5.9-3+lenny3_i386.deb", "packageName": "libkscan1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mipsel", "packageFilename": "kruler_3.5.9-3+lenny3_mipsel.deb", "packageName": "kruler", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "arm", "packageFilename": "kview_3.5.9-3+lenny3_arm.deb", "packageName": "kview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ppc", "packageFilename": "kuickshow_3.5.9-3+lenny3_powerpc.deb", "packageName": "kuickshow", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "armel", "packageFilename": "kiconedit_3.5.9-3+lenny3_armel.deb", "packageName": "kiconedit", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "sparc", "packageFilename": "ksnapshot_3.5.9-3+lenny3_sparc.deb", "packageName": "ksnapshot", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "x86-64", "packageFilename": "kooka_3.5.9-3+lenny3_amd64.deb", "packageName": "kooka", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "alpha", "packageFilename": "kruler_3.5.9-3+lenny3_alpha.deb", "packageName": "kruler", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mips", "packageFilename": "kghostview_3.5.9-3+lenny3_mips.deb", "packageName": "kghostview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "alpha", "packageFilename": "kviewshell_3.5.9-3+lenny3_alpha.deb", "packageName": "kviewshell", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "arm", "packageFilename": "kfax_3.5.9-3+lenny3_arm.deb", "packageName": "kfax", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "alpha", "packageFilename": "kfaxview_3.5.9-3+lenny3_alpha.deb", "packageName": "kfaxview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "armel", "packageFilename": "kdegraphics-kfile-plugins_3.5.9-3+lenny3_armel.deb", "packageName": "kdegraphics-kfile-plugins", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "arm", "packageFilename": "kmrml_3.5.9-3+lenny3_arm.deb", "packageName": "kmrml", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "arm", "packageFilename": "kdvi_3.5.9-3+lenny3_arm.deb", "packageName": "kdvi", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "armel", "packageFilename": "kview_3.5.9-3+lenny3_armel.deb", "packageName": "kview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "armel", "packageFilename": "kamera_3.5.9-3+lenny3_armel.deb", "packageName": "kamera", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "s390x", "packageFilename": "libkscan1_3.5.9-3+lenny3_s390.deb", "packageName": "libkscan1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "x86-64", "packageFilename": "kamera_3.5.9-3+lenny3_amd64.deb", "packageName": "kamera", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mips", "packageFilename": "libkscan1_3.5.9-3+lenny3_mips.deb", "packageName": "libkscan1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ia64", "packageFilename": "kpdf_3.5.9-3+lenny3_ia64.deb", "packageName": "kpdf", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ppc", "packageFilename": "libkscan-dev_3.5.9-3+lenny3_powerpc.deb", "packageName": "libkscan-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "x86-64", "packageFilename": "kpdf_3.5.9-3+lenny3_amd64.deb", "packageName": "kpdf", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "s390x", "packageFilename": "kpdf_3.5.9-3+lenny3_s390.deb", "packageName": "kpdf", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mips", "packageFilename": "kfax_3.5.9-3+lenny3_mips.deb", "packageName": "kfax", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "alpha", "packageFilename": "kiconedit_3.5.9-3+lenny3_alpha.deb", "packageName": "kiconedit", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "x86-64", "packageFilename": "kview_3.5.9-3+lenny3_amd64.deb", "packageName": "kview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "x86-64", "packageFilename": "kdegraphics-kfile-plugins_3.5.9-3+lenny3_amd64.deb", "packageName": "kdegraphics-kfile-plugins", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "i686", "packageFilename": "ksvg_3.5.9-3+lenny3_i386.deb", "packageName": "ksvg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "arm", "packageFilename": "kdegraphics-dbg_3.5.9-3+lenny3_arm.deb", "packageName": "kdegraphics-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mips", "packageFilename": "kpovmodeler_3.5.9-3+lenny3_mips.deb", "packageName": "kpovmodeler", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "hppa", "packageFilename": "kghostview_3.5.9-3+lenny3_hppa.deb", "packageName": "kghostview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "sparc", "packageFilename": "kcoloredit_3.5.9-3+lenny3_sparc.deb", "packageName": "kcoloredit", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ppc", "packageFilename": "kdegraphics-dev_3.5.9-3+lenny3_powerpc.deb", "packageName": "kdegraphics-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "i686", "packageFilename": "kdegraphics-dbg_3.5.9-3+lenny3_i386.deb", "packageName": "kdegraphics-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "arm", "packageFilename": "kcoloredit_3.5.9-3+lenny3_arm.deb", "packageName": "kcoloredit", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ppc", "packageFilename": "kruler_3.5.9-3+lenny3_powerpc.deb", "packageName": "kruler", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ppc", "packageFilename": "kview_3.5.9-3+lenny3_powerpc.deb", "packageName": "kview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mipsel", "packageFilename": "kooka_3.5.9-3+lenny3_mipsel.deb", "packageName": "kooka", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "armel", "packageFilename": "kooka_3.5.9-3+lenny3_armel.deb", "packageName": "kooka", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "i686", "packageFilename": "kghostview_3.5.9-3+lenny3_i386.deb", "packageName": "kghostview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "s390x", "packageFilename": "kviewshell_3.5.9-3+lenny3_s390.deb", "packageName": "kviewshell", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ia64", "packageFilename": "ksnapshot_3.5.9-3+lenny3_ia64.deb", "packageName": "ksnapshot", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "armel", "packageFilename": "kcoloredit_3.5.9-3+lenny3_armel.deb", "packageName": "kcoloredit", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "armel", "packageFilename": "kruler_3.5.9-3+lenny3_armel.deb", "packageName": "kruler", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "arm", "packageFilename": "kpovmodeler_3.5.9-3+lenny3_arm.deb", "packageName": "kpovmodeler", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ia64", "packageFilename": "kfaxview_3.5.9-3+lenny3_ia64.deb", "packageName": "kfaxview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mips", "packageFilename": "kuickshow_3.5.9-3+lenny3_mips.deb", "packageName": "kuickshow", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mipsel", "packageFilename": "ksvg_3.5.9-3+lenny3_mipsel.deb", "packageName": "ksvg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "s390x", "packageFilename": "kview_3.5.9-3+lenny3_s390.deb", "packageName": "kview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ia64", "packageFilename": "kdegraphics-dbg_3.5.9-3+lenny3_ia64.deb", "packageName": "kdegraphics-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "sparc", "packageFilename": "kviewshell_3.5.9-3+lenny3_sparc.deb", "packageName": "kviewshell", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "all", "packageFilename": "kdegraphics-doc-html_3.5.9-3+lenny3_all.deb", "packageName": "kdegraphics-doc-html", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "alpha", "packageFilename": "kuickshow_3.5.9-3+lenny3_alpha.deb", "packageName": "kuickshow", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mips", "packageFilename": "kamera_3.5.9-3+lenny3_mips.deb", "packageName": "kamera", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "x86-64", "packageFilename": "libkscan-dev_3.5.9-3+lenny3_amd64.deb", "packageName": "libkscan-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "x86-64", "packageFilename": "kdegraphics-dev_3.5.9-3+lenny3_amd64.deb", "packageName": "kdegraphics-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mipsel", "packageFilename": "kiconedit_3.5.9-3+lenny3_mipsel.deb", "packageName": "kiconedit", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "i686", "packageFilename": "kruler_3.5.9-3+lenny3_i386.deb", "packageName": "kruler", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ia64", "packageFilename": "kview_3.5.9-3+lenny3_ia64.deb", "packageName": "kview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ppc", "packageFilename": "kiconedit_3.5.9-3+lenny3_powerpc.deb", "packageName": "kiconedit", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "i686", "packageFilename": "kdegraphics-dev_3.5.9-3+lenny3_i386.deb", "packageName": "kdegraphics-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "armel", "packageFilename": "kfaxview_3.5.9-3+lenny3_armel.deb", "packageName": "kfaxview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "sparc", "packageFilename": "libkscan1_3.5.9-3+lenny3_sparc.deb", "packageName": "libkscan1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "sparc", "packageFilename": "kghostview_3.5.9-3+lenny3_sparc.deb", "packageName": "kghostview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ia64", "packageFilename": "kiconedit_3.5.9-3+lenny3_ia64.deb", "packageName": "kiconedit", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "hppa", "packageFilename": "ksvg_3.5.9-3+lenny3_hppa.deb", "packageName": "ksvg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "alpha", "packageFilename": "kgamma_3.5.9-3+lenny3_alpha.deb", "packageName": "kgamma", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mipsel", "packageFilename": "kdegraphics-kfile-plugins_3.5.9-3+lenny3_mipsel.deb", "packageName": "kdegraphics-kfile-plugins", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "sparc", "packageFilename": "kdvi_3.5.9-3+lenny3_sparc.deb", "packageName": "kdvi", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "sparc", "packageFilename": "kamera_3.5.9-3+lenny3_sparc.deb", "packageName": "kamera", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "armel", "packageFilename": "libkscan-dev_3.5.9-3+lenny3_armel.deb", "packageName": "libkscan-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "arm", "packageFilename": "libkscan1_3.5.9-3+lenny3_arm.deb", "packageName": "libkscan1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ia64", "packageFilename": "kruler_3.5.9-3+lenny3_ia64.deb", "packageName": "kruler", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "sparc", "packageFilename": "kolourpaint_3.5.9-3+lenny3_sparc.deb", "packageName": "kolourpaint", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "armel", "packageFilename": "kpovmodeler_3.5.9-3+lenny3_armel.deb", "packageName": "kpovmodeler", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "x86-64", "packageFilename": "kfax_3.5.9-3+lenny3_amd64.deb", "packageName": "kfax", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "s390x", "packageFilename": "ksvg_3.5.9-3+lenny3_s390.deb", "packageName": "ksvg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ia64", "packageFilename": "kdvi_3.5.9-3+lenny3_ia64.deb", "packageName": "kdvi", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ia64", "packageFilename": "kamera_3.5.9-3+lenny3_ia64.deb", "packageName": "kamera", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "i686", "packageFilename": "kooka_3.5.9-3+lenny3_i386.deb", "packageName": "kooka", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "alpha", "packageFilename": "ksnapshot_3.5.9-3+lenny3_alpha.deb", "packageName": "ksnapshot", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "i686", "packageFilename": "kfax_3.5.9-3+lenny3_i386.deb", "packageName": "kfax", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "i686", "packageFilename": "kiconedit_3.5.9-3+lenny3_i386.deb", "packageName": "kiconedit", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "sparc", "packageFilename": "kdegraphics-kfile-plugins_3.5.9-3+lenny3_sparc.deb", "packageName": "kdegraphics-kfile-plugins", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "alpha", "packageFilename": "kfax_3.5.9-3+lenny3_alpha.deb", "packageName": "kfax", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "s390x", "packageFilename": "kdvi_3.5.9-3+lenny3_s390.deb", "packageName": "kdvi", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "arm", "packageFilename": "kooka_3.5.9-3+lenny3_arm.deb", "packageName": "kooka", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "hppa", "packageFilename": "libkscan-dev_3.5.9-3+lenny3_hppa.deb", "packageName": "libkscan-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "i686", "packageFilename": "kcoloredit_3.5.9-3+lenny3_i386.deb", "packageName": "kcoloredit", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mips", "packageFilename": "kooka_3.5.9-3+lenny3_mips.deb", "packageName": "kooka", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "sparc", "packageFilename": "kpovmodeler_3.5.9-3+lenny3_sparc.deb", "packageName": "kpovmodeler", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mips", "packageFilename": "kview_3.5.9-3+lenny3_mips.deb", "packageName": "kview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mipsel", "packageFilename": "kuickshow_3.5.9-3+lenny3_mipsel.deb", "packageName": "kuickshow", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ppc", "packageFilename": "kdegraphics-kfile-plugins_3.5.9-3+lenny3_powerpc.deb", "packageName": "kdegraphics-kfile-plugins", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "hppa", "packageFilename": "kolourpaint_3.5.9-3+lenny3_hppa.deb", "packageName": "kolourpaint", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "sparc", "packageFilename": "kdegraphics-dbg_3.5.9-3+lenny3_sparc.deb", "packageName": "kdegraphics-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "hppa", "packageFilename": "kooka_3.5.9-3+lenny3_hppa.deb", "packageName": "kooka", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "alpha", "packageFilename": "libkscan1_3.5.9-3+lenny3_alpha.deb", "packageName": "libkscan1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mipsel", "packageFilename": "kdegraphics-dbg_3.5.9-3+lenny3_mipsel.deb", "packageName": "kdegraphics-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "sparc", "packageFilename": "kmrml_3.5.9-3+lenny3_sparc.deb", "packageName": "kmrml", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "s390x", "packageFilename": "kfaxview_3.5.9-3+lenny3_s390.deb", "packageName": "kfaxview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ppc", "packageFilename": "kooka_3.5.9-3+lenny3_powerpc.deb", "packageName": "kooka", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mips", "packageFilename": "kdegraphics-dev_3.5.9-3+lenny3_mips.deb", "packageName": "kdegraphics-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mipsel", "packageFilename": "kghostview_3.5.9-3+lenny3_mipsel.deb", "packageName": "kghostview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "hppa", "packageFilename": "kdvi_3.5.9-3+lenny3_hppa.deb", "packageName": "kdvi", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ia64", "packageFilename": "kooka_3.5.9-3+lenny3_ia64.deb", "packageName": "kooka", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mips", "packageFilename": "libkscan-dev_3.5.9-3+lenny3_mips.deb", "packageName": "libkscan-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "x86-64", "packageFilename": "kmrml_3.5.9-3+lenny3_amd64.deb", "packageName": "kmrml", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "sparc", "packageFilename": "kpdf_3.5.9-3+lenny3_sparc.deb", "packageName": "kpdf", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mipsel", "packageFilename": "kamera_3.5.9-3+lenny3_mipsel.deb", "packageName": "kamera", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mipsel", "packageFilename": "kfax_3.5.9-3+lenny3_mipsel.deb", "packageName": "kfax", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ppc", "packageFilename": "kamera_3.5.9-3+lenny3_powerpc.deb", "packageName": "kamera", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "hppa", "packageFilename": "kview_3.5.9-3+lenny3_hppa.deb", "packageName": "kview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "s390x", "packageFilename": "kooka_3.5.9-3+lenny3_s390.deb", "packageName": "kooka", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mips", "packageFilename": "kruler_3.5.9-3+lenny3_mips.deb", "packageName": "kruler", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "x86-64", "packageFilename": "kiconedit_3.5.9-3+lenny3_amd64.deb", "packageName": "kiconedit", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "s390x", "packageFilename": "ksnapshot_3.5.9-3+lenny3_s390.deb", "packageName": "ksnapshot", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ppc", "packageFilename": "kolourpaint_3.5.9-3+lenny3_powerpc.deb", "packageName": "kolourpaint", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mipsel", "packageFilename": "kview_3.5.9-3+lenny3_mipsel.deb", "packageName": "kview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "armel", "packageFilename": "kfax_3.5.9-3+lenny3_armel.deb", "packageName": "kfax", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ia64", "packageFilename": "kghostview_3.5.9-3+lenny3_ia64.deb", "packageName": "kghostview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "x86-64", "packageFilename": "kolourpaint_3.5.9-3+lenny3_amd64.deb", "packageName": "kolourpaint", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "arm", "packageFilename": "kghostview_3.5.9-3+lenny3_arm.deb", "packageName": "kghostview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ppc", "packageFilename": "kghostview_3.5.9-3+lenny3_powerpc.deb", "packageName": "kghostview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ppc", "packageFilename": "kpdf_3.5.9-3+lenny3_powerpc.deb", "packageName": "kpdf", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "hppa", "packageFilename": "kfaxview_3.5.9-3+lenny3_hppa.deb", "packageName": "kfaxview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "alpha", "packageFilename": "kmrml_3.5.9-3+lenny3_alpha.deb", "packageName": "kmrml", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "sparc", "packageFilename": "kruler_3.5.9-3+lenny3_sparc.deb", "packageName": "kruler", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mipsel", "packageFilename": "kdegraphics-dev_3.5.9-3+lenny3_mipsel.deb", "packageName": "kdegraphics-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "x86-64", "packageFilename": "ksnapshot_3.5.9-3+lenny3_amd64.deb", "packageName": "ksnapshot", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "alpha", "packageFilename": "kview_3.5.9-3+lenny3_alpha.deb", "packageName": "kview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "sparc", "packageFilename": "kiconedit_3.5.9-3+lenny3_sparc.deb", "packageName": "kiconedit", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ia64", "packageFilename": "kviewshell_3.5.9-3+lenny3_ia64.deb", "packageName": "kviewshell", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "s390x", "packageFilename": "libkscan-dev_3.5.9-3+lenny3_s390.deb", "packageName": "libkscan-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ppc", "packageFilename": "kviewshell_3.5.9-3+lenny3_powerpc.deb", "packageName": "kviewshell", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "hppa", "packageFilename": "kpovmodeler_3.5.9-3+lenny3_hppa.deb", "packageName": "kpovmodeler", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "alpha", "packageFilename": "kdegraphics-dbg_3.5.9-3+lenny3_alpha.deb", "packageName": "kdegraphics-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ppc", "packageFilename": "libkscan1_3.5.9-3+lenny3_powerpc.deb", "packageName": "libkscan1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "alpha", "packageFilename": "kdvi_3.5.9-3+lenny3_alpha.deb", "packageName": "kdvi", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "armel", "packageFilename": "kghostview_3.5.9-3+lenny3_armel.deb", "packageName": "kghostview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "arm", "packageFilename": "kolourpaint_3.5.9-3+lenny3_arm.deb", "packageName": "kolourpaint", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "armel", "packageFilename": "ksvg_3.5.9-3+lenny3_armel.deb", "packageName": "ksvg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "s390x", "packageFilename": "kuickshow_3.5.9-3+lenny3_s390.deb", "packageName": "kuickshow", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mipsel", "packageFilename": "ksnapshot_3.5.9-3+lenny3_mipsel.deb", "packageName": "ksnapshot", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mipsel", "packageFilename": "kpovmodeler_3.5.9-3+lenny3_mipsel.deb", "packageName": "kpovmodeler", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ia64", "packageFilename": "kdegraphics-kfile-plugins_3.5.9-3+lenny3_ia64.deb", "packageName": "kdegraphics-kfile-plugins", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mipsel", "packageFilename": "kolourpaint_3.5.9-3+lenny3_mipsel.deb", "packageName": "kolourpaint", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mips", "packageFilename": "ksvg_3.5.9-3+lenny3_mips.deb", "packageName": "ksvg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "arm", "packageFilename": "kiconedit_3.5.9-3+lenny3_arm.deb", "packageName": "kiconedit", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "armel", "packageFilename": "kviewshell_3.5.9-3+lenny3_armel.deb", "packageName": "kviewshell", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mips", "packageFilename": "kgamma_3.5.9-3+lenny3_mips.deb", "packageName": "kgamma", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "alpha", "packageFilename": "kamera_3.5.9-3+lenny3_alpha.deb", "packageName": "kamera", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "sparc", "packageFilename": "ksvg_3.5.9-3+lenny3_sparc.deb", "packageName": "ksvg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mipsel", "packageFilename": "kpdf_3.5.9-3+lenny3_mipsel.deb", "packageName": "kpdf", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "hppa", "packageFilename": "kruler_3.5.9-3+lenny3_hppa.deb", "packageName": "kruler", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "x86-64", "packageFilename": "kghostview_3.5.9-3+lenny3_amd64.deb", "packageName": "kghostview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "sparc", "packageFilename": "kview_3.5.9-3+lenny3_sparc.deb", "packageName": "kview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mips", "packageFilename": "kolourpaint_3.5.9-3+lenny3_mips.deb", "packageName": "kolourpaint", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "armel", "packageFilename": "kpdf_3.5.9-3+lenny3_armel.deb", "packageName": "kpdf", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ia64", "packageFilename": "kfax_3.5.9-3+lenny3_ia64.deb", "packageName": "kfax", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mips", "packageFilename": "kdvi_3.5.9-3+lenny3_mips.deb", "packageName": "kdvi", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "s390x", "packageFilename": "kruler_3.5.9-3+lenny3_s390.deb", "packageName": "kruler", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "x86-64", "packageFilename": "kruler_3.5.9-3+lenny3_amd64.deb", "packageName": "kruler", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mipsel", "packageFilename": "kviewshell_3.5.9-3+lenny3_mipsel.deb", "packageName": "kviewshell", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "hppa", "packageFilename": "libkscan1_3.5.9-3+lenny3_hppa.deb", "packageName": "libkscan1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "armel", "packageFilename": "kuickshow_3.5.9-3+lenny3_armel.deb", "packageName": "kuickshow", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "hppa", "packageFilename": "kgamma_3.5.9-3+lenny3_hppa.deb", "packageName": "kgamma", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "alpha", "packageFilename": "kpovmodeler_3.5.9-3+lenny3_alpha.deb", "packageName": "kpovmodeler", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "i686", "packageFilename": "kdegraphics-kfile-plugins_3.5.9-3+lenny3_i386.deb", "packageName": "kdegraphics-kfile-plugins", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "alpha", "packageFilename": "libkscan-dev_3.5.9-3+lenny3_alpha.deb", "packageName": "libkscan-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "sparc", "packageFilename": "kooka_3.5.9-3+lenny3_sparc.deb", "packageName": "kooka", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "x86-64", "packageFilename": "kpovmodeler_3.5.9-3+lenny3_amd64.deb", "packageName": "kpovmodeler", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "arm", "packageFilename": "kruler_3.5.9-3+lenny3_arm.deb", "packageName": "kruler", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "arm", "packageFilename": "kpdf_3.5.9-3+lenny3_arm.deb", "packageName": "kpdf", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ppc", "packageFilename": "ksnapshot_3.5.9-3+lenny3_powerpc.deb", "packageName": "ksnapshot", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "s390x", "packageFilename": "kolourpaint_3.5.9-3+lenny3_s390.deb", "packageName": "kolourpaint", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "s390x", "packageFilename": "kdegraphics-dbg_3.5.9-3+lenny3_s390.deb", "packageName": "kdegraphics-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "s390x", "packageFilename": "kmrml_3.5.9-3+lenny3_s390.deb", "packageName": "kmrml", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mipsel", "packageFilename": "libkscan-dev_3.5.9-3+lenny3_mipsel.deb", "packageName": "libkscan-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "arm", "packageFilename": "kdegraphics-dev_3.5.9-3+lenny3_arm.deb", "packageName": "kdegraphics-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "i686", "packageFilename": "kmrml_3.5.9-3+lenny3_i386.deb", "packageName": "kmrml", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ppc", "packageFilename": "kmrml_3.5.9-3+lenny3_powerpc.deb", "packageName": "kmrml", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "s390x", "packageFilename": "kghostview_3.5.9-3+lenny3_s390.deb", "packageName": "kghostview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "arm", "packageFilename": "libkscan-dev_3.5.9-3+lenny3_arm.deb", "packageName": "libkscan-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mipsel", "packageFilename": "kdvi_3.5.9-3+lenny3_mipsel.deb", "packageName": "kdvi", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3.diff", "arch": "src", "packageFilename": "kdegraphics_3.5.9-3+lenny3.diff.gz", "packageName": "kdegraphics", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mips", "packageFilename": "kpdf_3.5.9-3+lenny3_mips.deb", "packageName": "kpdf", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mips", "packageFilename": "kcoloredit_3.5.9-3+lenny3_mips.deb", "packageName": "kcoloredit", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "armel", "packageFilename": "kdegraphics-dbg_3.5.9-3+lenny3_armel.deb", "packageName": "kdegraphics-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "hppa", "packageFilename": "kfax_3.5.9-3+lenny3_hppa.deb", "packageName": "kfax", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "s390x", "packageFilename": "kdegraphics-kfile-plugins_3.5.9-3+lenny3_s390.deb", "packageName": "kdegraphics-kfile-plugins", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "x86-64", "packageFilename": "kviewshell_3.5.9-3+lenny3_amd64.deb", "packageName": "kviewshell", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ia64", "packageFilename": "kcoloredit_3.5.9-3+lenny3_ia64.deb", "packageName": "kcoloredit", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "s390x", "packageFilename": "kiconedit_3.5.9-3+lenny3_s390.deb", "packageName": "kiconedit", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "arm", "packageFilename": "kdegraphics-kfile-plugins_3.5.9-3+lenny3_arm.deb", "packageName": "kdegraphics-kfile-plugins", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "i686", "packageFilename": "kviewshell_3.5.9-3+lenny3_i386.deb", "packageName": "kviewshell", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ia64", "packageFilename": "ksvg_3.5.9-3+lenny3_ia64.deb", "packageName": "ksvg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "x86-64", "packageFilename": "kdegraphics-dbg_3.5.9-3+lenny3_amd64.deb", "packageName": "kdegraphics-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "i686", "packageFilename": "kgamma_3.5.9-3+lenny3_i386.deb", "packageName": "kgamma", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "x86-64", "packageFilename": "kuickshow_3.5.9-3+lenny3_amd64.deb", "packageName": "kuickshow", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "x86-64", "packageFilename": "kgamma_3.5.9-3+lenny3_amd64.deb", "packageName": "kgamma", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ppc", "packageFilename": "kfax_3.5.9-3+lenny3_powerpc.deb", "packageName": "kfax", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "hppa", "packageFilename": "kmrml_3.5.9-3+lenny3_hppa.deb", "packageName": "kmrml", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "i686", "packageFilename": "kuickshow_3.5.9-3+lenny3_i386.deb", "packageName": "kuickshow", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "sparc", "packageFilename": "libkscan-dev_3.5.9-3+lenny3_sparc.deb", "packageName": "libkscan-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "sparc", "packageFilename": "kdegraphics-dev_3.5.9-3+lenny3_sparc.deb", "packageName": "kdegraphics-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ppc", "packageFilename": "kfaxview_3.5.9-3+lenny3_powerpc.deb", "packageName": "kfaxview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ia64", "packageFilename": "kgamma_3.5.9-3+lenny3_ia64.deb", "packageName": "kgamma", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ia64", "packageFilename": "kolourpaint_3.5.9-3+lenny3_ia64.deb", "packageName": "kolourpaint", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mips", "packageFilename": "kmrml_3.5.9-3+lenny3_mips.deb", "packageName": "kmrml", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "x86-64", "packageFilename": "kcoloredit_3.5.9-3+lenny3_amd64.deb", "packageName": "kcoloredit", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "sparc", "packageFilename": "kuickshow_3.5.9-3+lenny3_sparc.deb", "packageName": "kuickshow", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "hppa", "packageFilename": "kamera_3.5.9-3+lenny3_hppa.deb", "packageName": "kamera", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "hppa", "packageFilename": "kiconedit_3.5.9-3+lenny3_hppa.deb", "packageName": "kiconedit", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ia64", "packageFilename": "kuickshow_3.5.9-3+lenny3_ia64.deb", "packageName": "kuickshow", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "sparc", "packageFilename": "kgamma_3.5.9-3+lenny3_sparc.deb", "packageName": "kgamma", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ppc", "packageFilename": "kcoloredit_3.5.9-3+lenny3_powerpc.deb", "packageName": "kcoloredit", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "alpha", "packageFilename": "kdegraphics-kfile-plugins_3.5.9-3+lenny3_alpha.deb", "packageName": "kdegraphics-kfile-plugins", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "arm", "packageFilename": "kgamma_3.5.9-3+lenny3_arm.deb", "packageName": "kgamma", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "armel", "packageFilename": "ksnapshot_3.5.9-3+lenny3_armel.deb", "packageName": "ksnapshot", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "arm", "packageFilename": "kamera_3.5.9-3+lenny3_arm.deb", "packageName": "kamera", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "armel", "packageFilename": "libkscan1_3.5.9-3+lenny3_armel.deb", "packageName": "libkscan1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9.orig", "arch": "src", "packageFilename": "kdegraphics_3.5.9.orig.tar.gz", "packageName": "kdegraphics", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "arm", "packageFilename": "kuickshow_3.5.9-3+lenny3_arm.deb", "packageName": "kuickshow", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ppc", "packageFilename": "ksvg_3.5.9-3+lenny3_powerpc.deb", "packageName": "ksvg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ppc", "packageFilename": "kgamma_3.5.9-3+lenny3_powerpc.deb", "packageName": "kgamma", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "alpha", "packageFilename": "kghostview_3.5.9-3+lenny3_alpha.deb", "packageName": "kghostview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "sparc", "packageFilename": "kfaxview_3.5.9-3+lenny3_sparc.deb", "packageName": "kfaxview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ppc", "packageFilename": "kdegraphics-dbg_3.5.9-3+lenny3_powerpc.deb", "packageName": "kdegraphics-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "alpha", "packageFilename": "kpdf_3.5.9-3+lenny3_alpha.deb", "packageName": "kpdf", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "x86-64", "packageFilename": "kdvi_3.5.9-3+lenny3_amd64.deb", "packageName": "kdvi", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "i686", "packageFilename": "kfaxview_3.5.9-3+lenny3_i386.deb", "packageName": "kfaxview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mipsel", "packageFilename": "kgamma_3.5.9-3+lenny3_mipsel.deb", "packageName": "kgamma", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mips", "packageFilename": "kiconedit_3.5.9-3+lenny3_mips.deb", "packageName": "kiconedit", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ia64", "packageFilename": "libkscan1_3.5.9-3+lenny3_ia64.deb", "packageName": "libkscan1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "x86-64", "packageFilename": "libkscan1_3.5.9-3+lenny3_amd64.deb", "packageName": "libkscan1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "arm", "packageFilename": "ksnapshot_3.5.9-3+lenny3_arm.deb", "packageName": "ksnapshot", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ia64", "packageFilename": "libkscan-dev_3.5.9-3+lenny3_ia64.deb", "packageName": "libkscan-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "armel", "packageFilename": "kdvi_3.5.9-3+lenny3_armel.deb", "packageName": "kdvi", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mips", "packageFilename": "kviewshell_3.5.9-3+lenny3_mips.deb", "packageName": "kviewshell", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "hppa", "packageFilename": "kdegraphics-dev_3.5.9-3+lenny3_hppa.deb", "packageName": "kdegraphics-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "arm", "packageFilename": "ksvg_3.5.9-3+lenny3_arm.deb", "packageName": "ksvg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "i686", "packageFilename": "ksnapshot_3.5.9-3+lenny3_i386.deb", "packageName": "ksnapshot", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mips", "packageFilename": "kdegraphics-dbg_3.5.9-3+lenny3_mips.deb", "packageName": "kdegraphics-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ia64", "packageFilename": "kdegraphics-dev_3.5.9-3+lenny3_ia64.deb", "packageName": "kdegraphics-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "armel", "packageFilename": "kmrml_3.5.9-3+lenny3_armel.deb", "packageName": "kmrml", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ppc", "packageFilename": "kdvi_3.5.9-3+lenny3_powerpc.deb", "packageName": "kdvi", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "i686", "packageFilename": "kolourpaint_3.5.9-3+lenny3_i386.deb", "packageName": "kolourpaint", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mipsel", "packageFilename": "kcoloredit_3.5.9-3+lenny3_mipsel.deb", "packageName": "kcoloredit", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mipsel", "packageFilename": "kfaxview_3.5.9-3+lenny3_mipsel.deb", "packageName": "kfaxview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ia64", "packageFilename": "kmrml_3.5.9-3+lenny3_ia64.deb", "packageName": "kmrml", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "s390x", "packageFilename": "kcoloredit_3.5.9-3+lenny3_s390.deb", "packageName": "kcoloredit", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "hppa", "packageFilename": "kviewshell_3.5.9-3+lenny3_hppa.deb", "packageName": "kviewshell", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "sparc", "packageFilename": "kfax_3.5.9-3+lenny3_sparc.deb", "packageName": "kfax", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "alpha", "packageFilename": "kooka_3.5.9-3+lenny3_alpha.deb", "packageName": "kooka", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "x86-64", "packageFilename": "kfaxview_3.5.9-3+lenny3_amd64.deb", "packageName": "kfaxview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "hppa", "packageFilename": "ksnapshot_3.5.9-3+lenny3_hppa.deb", "packageName": "ksnapshot", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "hppa", "packageFilename": "kcoloredit_3.5.9-3+lenny3_hppa.deb", "packageName": "kcoloredit", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "i686", "packageFilename": "kdvi_3.5.9-3+lenny3_i386.deb", "packageName": "kdvi", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "i686", "packageFilename": "kpovmodeler_3.5.9-3+lenny3_i386.deb", "packageName": "kpovmodeler", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "i686", "packageFilename": "libkscan-dev_3.5.9-3+lenny3_i386.deb", "packageName": "libkscan-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mipsel", "packageFilename": "libkscan1_3.5.9-3+lenny3_mipsel.deb", "packageName": "libkscan1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "alpha", "packageFilename": "kolourpaint_3.5.9-3+lenny3_alpha.deb", "packageName": "kolourpaint", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mips", "packageFilename": "ksnapshot_3.5.9-3+lenny3_mips.deb", "packageName": "ksnapshot", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mipsel", "packageFilename": "kmrml_3.5.9-3+lenny3_mipsel.deb", "packageName": "kmrml", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "src", "packageFilename": "kdegraphics_3.5.9-3+lenny3.dsc", "packageName": "kdegraphics", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mips", "packageFilename": "kfaxview_3.5.9-3+lenny3_mips.deb", "packageName": "kfaxview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "x86-64", "packageFilename": "ksvg_3.5.9-3+lenny3_amd64.deb", "packageName": "ksvg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "armel", "packageFilename": "kgamma_3.5.9-3+lenny3_armel.deb", "packageName": "kgamma", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "arm", "packageFilename": "kfaxview_3.5.9-3+lenny3_arm.deb", "packageName": "kfaxview", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "arm", "packageFilename": "kviewshell_3.5.9-3+lenny3_arm.deb", "packageName": "kviewshell", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "alpha", "packageFilename": "kdegraphics-dev_3.5.9-3+lenny3_alpha.deb", "packageName": "kdegraphics-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "hppa", "packageFilename": "kdegraphics-dbg_3.5.9-3+lenny3_hppa.deb", "packageName": "kdegraphics-dbg", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "mips", "packageFilename": "kdegraphics-kfile-plugins_3.5.9-3+lenny3_mips.deb", "packageName": "kdegraphics-kfile-plugins", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "armel", "packageFilename": "kdegraphics-dev_3.5.9-3+lenny3_armel.deb", "packageName": "kdegraphics-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "s390x", "packageFilename": "kdegraphics-dev_3.5.9-3+lenny3_s390.deb", "packageName": "kdegraphics-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ia64", "packageFilename": "kpovmodeler_3.5.9-3+lenny3_ia64.deb", "packageName": "kpovmodeler", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "s390x", "packageFilename": "kgamma_3.5.9-3+lenny3_s390.deb", "packageName": "kgamma", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "hppa", "packageFilename": "kpdf_3.5.9-3+lenny3_hppa.deb", "packageName": "kpdf", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "i686", "packageFilename": "kpdf_3.5.9-3+lenny3_i386.deb", "packageName": "kpdf", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "i686", "packageFilename": "kamera_3.5.9-3+lenny3_i386.deb", "packageName": "kamera", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.5.9-3+lenny3", "arch": "ppc", "packageFilename": "kpovmodeler_3.5.9-3+lenny3_powerpc.deb", "packageName": "kpovmodeler", "operator": "lt"}], "description": "Several local vulnerabilities have been discovered in KPDF, a PDF viewer for KDE, which allow the execution of arbitrary code or denial of service if a user is tricked into opening a crafted PDF document.\n\nFor the stable distribution (lenny), these problems have been fixed in version 4:3.5.9-3+lenny3.\n\nThe unstable distribution (sid) no longer contains kpdf. It's replacement, Okular, links against the poppler PDF library.\n\nWe recommend that you upgrade your kdegraphics packages.", "edition": 1, "reporter": "Debian", "published": "2010-05-24T00:00:00", "title": "kdegraphics -- several vulnerabilities", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "type": "debian", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-1188", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2010-05-24T00:00:00", "id": "DSA-2050", "href": "http://www.debian.org/security/dsa-2050", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-02T18:36:53", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.02-1.4+lenny2", "arch": "i686", "packageFilename": "xpdf-reader_3.02-1.4+lenny2_i386.deb", "packageName": "xpdf-reader", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.02-1.4+lenny2", "arch": "ia64", "packageFilename": "xpdf-reader_3.02-1.4+lenny2_ia64.deb", "packageName": "xpdf-reader", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.02-1.4+lenny2", "arch": "alpha", "packageFilename": "xpdf-utils_3.02-1.4+lenny2_alpha.deb", "packageName": "xpdf-utils", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.02-1.4+lenny2", "arch": "ppc", "packageFilename": "xpdf-utils_3.02-1.4+lenny2_powerpc.deb", "packageName": "xpdf-utils", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.02-1.4+lenny2", "arch": "sparc", "packageFilename": "xpdf-reader_3.02-1.4+lenny2_sparc.deb", "packageName": "xpdf-reader", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.02-1.4+lenny2", "arch": "all", "packageFilename": "xpdf_3.02-1.4+lenny2_all.deb", "packageName": "xpdf", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.02-1.4+lenny2", "arch": "arm", "packageFilename": "xpdf-utils_3.02-1.4+lenny2_arm.deb", "packageName": "xpdf-utils", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.02-1.4+lenny2", "arch": "armel", "packageFilename": "xpdf-reader_3.02-1.4+lenny2_armel.deb", "packageName": "xpdf-reader", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.02-1.4+lenny2", "arch": "sparc", "packageFilename": "xpdf-utils_3.02-1.4+lenny2_sparc.deb", "packageName": "xpdf-utils", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.02-1.4+lenny2", "arch": "arm", "packageFilename": "xpdf-reader_3.02-1.4+lenny2_arm.deb", "packageName": "xpdf-reader", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.02-1.4+lenny2", "arch": "alpha", "packageFilename": "xpdf-reader_3.02-1.4+lenny2_alpha.deb", "packageName": "xpdf-reader", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.02-1.4+lenny2", "arch": "x86-64", "packageFilename": "xpdf-reader_3.02-1.4+lenny2_amd64.deb", "packageName": "xpdf-reader", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.02-1.4+lenny2", "arch": "hppa", "packageFilename": "xpdf-reader_3.02-1.4+lenny2_hppa.deb", "packageName": "xpdf-reader", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.02-1.4+lenny2", "arch": "src", "packageFilename": "xpdf_3.02-1.4+lenny2.dsc", "packageName": "xpdf", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.02-1.4+lenny2", "arch": "x86-64", "packageFilename": "xpdf-utils_3.02-1.4+lenny2_amd64.deb", "packageName": "xpdf-utils", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.02-1.4+lenny2.diff", "arch": "src", "packageFilename": "xpdf_3.02-1.4+lenny2.diff.gz", "packageName": "xpdf", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.02-1.4+lenny2", "arch": "ppc", "packageFilename": "xpdf-reader_3.02-1.4+lenny2_powerpc.deb", "packageName": "xpdf-reader", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.02-1.4+lenny2", "arch": "s390x", "packageFilename": "xpdf-reader_3.02-1.4+lenny2_s390.deb", "packageName": "xpdf-reader", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.02-1.4+lenny2", "arch": "hppa", "packageFilename": "xpdf-utils_3.02-1.4+lenny2_hppa.deb", "packageName": "xpdf-utils", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.02-1.4+lenny2", "arch": "armel", "packageFilename": "xpdf-utils_3.02-1.4+lenny2_armel.deb", "packageName": "xpdf-utils", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.02-1.4+lenny2", "arch": "all", "packageFilename": "xpdf-common_3.02-1.4+lenny2_all.deb", "packageName": "xpdf-common", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.02.orig", "arch": "src", "packageFilename": "xpdf_3.02.orig.tar.gz", "packageName": "xpdf", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.02-1.4+lenny2", "arch": "s390x", "packageFilename": "xpdf-utils_3.02-1.4+lenny2_s390.deb", "packageName": "xpdf-utils", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.02-1.4+lenny2", "arch": "ia64", "packageFilename": "xpdf-utils_3.02-1.4+lenny2_ia64.deb", "packageName": "xpdf-utils", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "5", "packageVersion": "3.02-1.4+lenny2", "arch": "i686", "packageFilename": "xpdf-utils_3.02-1.4+lenny2_i386.deb", "packageName": "xpdf-utils", "operator": "lt"}], "description": "Several vulnerabilities have been identified in xpdf, a suite of tools for viewing and converting Portable Document Format (PDF) files.\n\nThe Common Vulnerabilities and Exposures project identifies the following problems:\n\n * [CVE-2009-1188](<https://security-tracker.debian.org/tracker/CVE-2009-1188>) and [CVE-2009-3603](<https://security-tracker.debian.org/tracker/CVE-2009-3603>)\n\nInteger overflow in SplashBitmap::SplashBitmap which might allow remote attackers to execute arbitrary code or an application crash via a crafted PDF document.\n\n * [CVE-2009-3604](<https://security-tracker.debian.org/tracker/CVE-2009-3604>)\n\nNULL pointer dereference or heap-based buffer overflow in Splash::drawImage which might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document.\n\n * [CVE-2009-3606](<https://security-tracker.debian.org/tracker/CVE-2009-3606>)\n\nInteger overflow in the PSOutputDev::doImageL1Sep which might allow remote attackers to execute arbitrary code via a crafted PDF document.\n\n * [CVE-2009-3608](<https://security-tracker.debian.org/tracker/CVE-2009-3608>)\n\nInteger overflow in the ObjectStream::ObjectStream which might allow remote attackers to execute arbitrary code via a crafted PDF document.\n\n * [CVE-2009-3609](<https://security-tracker.debian.org/tracker/CVE-2009-3609>)\n\nInteger overflow in the ImageStream::ImageStream which might allow remote attackers to cause a denial of service via a crafted PDF document.\n\nFor the stable distribution (lenny), this problem has been fixed in version 3.02-1.4+lenny2.\n\nFor the testing distribution (squeeze), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in version 3.02-2.", "edition": 1, "reporter": "Debian", "published": "2010-04-05T00:00:00", "title": "xpdf -- multiple vulnerabilities", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "type": "debian", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-1188", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2010-04-05T00:00:00", "id": "DSA-2028", "href": "http://www.debian.org/security/dsa-2028", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:10:20", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3604", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3603", "https://usn.ubuntu.com/usn/usn-850-1", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3607", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3609", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3608"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "9.10", "packageVersion": "0.12.0-0ubuntu2.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler-glib4", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "9.10", "packageVersion": "0.12.0-0ubuntu2.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler5", "operator": "lt"}], "description": "USN-850-1 fixed vulnerabilities in poppler. This update provides the corresponding updates for Ubuntu 9.10.\n\nOriginal advisory details:\n\nIt was discovered that poppler contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.", "edition": 3, "reporter": "Ubuntu", "published": "2009-11-02T00:00:00", "title": "poppler vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3607", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2009-11-02T00:00:00", "id": "USN-850-3", "href": "https://usn.ubuntu.com/850-3/", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:50", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2009-0755", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3605", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3604", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3603", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3607", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3609", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3608"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "0.6.4-1ubuntu3.3", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler-glib2", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.10", "packageVersion": "0.8.7-1ubuntu0.4", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler-glib3", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "9.04", "packageVersion": "0.10.5-1ubuntu2.4", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler4", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.10", "packageVersion": "0.8.7-1ubuntu0.4", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler3", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "0.5.1-0ubuntu7.6", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "0.5.1-0ubuntu7.6", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler1-glib", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "9.04", "packageVersion": "0.10.5-1ubuntu2.4", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler-glib4", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "0.6.4-1ubuntu3.3", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler2", "operator": "lt"}], "description": "It was discovered that poppler contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.", "edition": 3, "reporter": "Ubuntu", "published": "2009-10-21T00:00:00", "title": "poppler vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3607", "CVE-2009-0755", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2009-10-21T00:00:00", "id": "USN-850-1", "href": "https://usn.ubuntu.com/850-1/", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:11", "references": ["https://usn.ubuntu.com/usn/usn-850-1", "https://launchpad.net/bugs/457985"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "0.5.1-0ubuntu7.7", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler1-glib", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "9.04", "packageVersion": "0.10.5-1ubuntu2.5", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler4", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "0.6.4-1ubuntu3.4", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler-glib2", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.10", "packageVersion": "0.8.7-1ubuntu0.5", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler-glib3", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "0.6.4-1ubuntu3.4", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler2", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.10", "packageVersion": "0.8.7-1ubuntu0.5", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler3", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "9.04", "packageVersion": "0.10.5-1ubuntu2.5", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler-glib4", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "0.5.1-0ubuntu7.7", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler1", "operator": "lt"}], "description": "USN-850-1 fixed vulnerabilities in poppler. The security fix for CVE-2009-3605 introduced a regression that would cause certain applications, such as Okular, to segfault when opening certain PDF files.\n\nThis update fixes the problem. We apologize for the inconvenience.\n\nOriginal advisory details:\n\nIt was discovered that poppler contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.", "edition": 3, "reporter": "Ubuntu", "published": "2009-10-22T00:00:00", "title": "poppler regression", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3605"], "modified": "2009-10-22T00:00:00", "id": "USN-850-2", "href": "https://usn.ubuntu.com/850-2/", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T00:09:03", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2009-0800", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-0166", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-0799", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-0147", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3606", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-1179", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3609", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-1180", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-0146", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-0195", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-1181", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-0165", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3608"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "9.04", "packageVersion": "1:1.6.3-7ubuntu6.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "kword", "operator": "lt"}], "description": "Will Dormann, Alin Rad Pop, Braden Thomas, and Drew Yao discovered that the Xpdf used in KOffice contained multiple security issues in its JBIG2 decoder. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. (CVE-2009-0146, CVE-2009-0147, CVE-2009-0166, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181)\n\nIt was discovered that the Xpdf used in KOffice contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. (CVE-2009-3606, CVE-2009-3608, CVE-2009-3609)\n\nKOffice in Ubuntu 9.04 uses a very old version of Xpdf to import PDFs into KWord. Upstream KDE no longer supports PDF import in KOffice and as a result it was dropped in Ubuntu 9.10. While an attempt was made to fix the above issues, the maintenance burden for supporting this very old version of Xpdf outweighed its utility, and PDF import is now also disabled in Ubuntu 9.04.", "edition": 3, "reporter": "Ubuntu", "published": "2010-08-17T00:00:00", "title": "KOffice vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-1181", "CVE-2009-1180", "CVE-2009-0195", "CVE-2009-3606", "CVE-2009-0799", "CVE-2009-0165", "CVE-2009-0166", "CVE-2009-3609", "CVE-2009-0147", "CVE-2009-0800", "CVE-2009-0146", "CVE-2009-1179"], "modified": "2010-08-17T00:00:00", "id": "USN-973-1", "href": "https://usn.ubuntu.com/973-1/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2017-10-03T18:25:08", "references": ["https://rhn.redhat.com/errata/RHSA-2009-1504.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "any", "packageName": "poppler", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "any", "packageName": "poppler", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "i386", "packageName": "poppler-devel", "packageFilename": "poppler-devel-0.5.4-4.4.el5_4.11.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "i386", "packageName": "poppler-devel", "packageFilename": "poppler-devel-0.5.4-4.4.el5_4.11.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "x86_64", "packageName": "poppler-devel", "packageFilename": "poppler-devel-0.5.4-4.4.el5_4.11.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "x86_64", "packageName": "poppler-utils", "packageFilename": "poppler-utils-0.5.4-4.4.el5_4.11.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "i386", "packageName": "poppler", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "i386", "packageName": "poppler", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "x86_64", "packageName": "poppler", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "i386", "packageName": "poppler-utils", "packageFilename": "poppler-utils-0.5.4-4.4.el5_4.11.i386.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2009:1504\n\n\nPoppler is a Portable Document Format (PDF) rendering library, used by\napplications such as Evince.\n\nMultiple integer overflow flaws were found in poppler. An attacker could\ncreate a malicious PDF file that would cause applications that use poppler\n(such as Evince) to crash or, potentially, execute arbitrary code when\nopened. (CVE-2009-3603, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608\nissue.\n\nThis update also corrects a regression introduced in the previous poppler\nsecurity update, RHSA-2009:0480, that prevented poppler from rendering\ncertain PDF documents correctly. (BZ#528147)\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016268.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016271.html\n\n**Affected packages:**\npoppler\npoppler-devel\npoppler-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1504.html", "edition": 1, "reporter": "CentOS Project", "published": "2009-10-30T15:43:58", "title": "poppler security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3609"], "modified": "2009-10-30T15:43:58", "href": "http://lists.centos.org/pipermail/centos-announce/2009-October/016268.html", "id": "CESA-2009:1504", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:25:56", "references": ["https://rhn.redhat.com/errata/RHSA-2009-1502.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.5.4-15.el5_4.2", "packageFilename": "kdegraphics-3.5.4-15.el5_4.2.i386.rpm", "packageName": "kdegraphics", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.5.4-15.el5_4.2", "packageFilename": "kdegraphics-devel-3.5.4-15.el5_4.2.i386.rpm", "packageName": "kdegraphics-devel", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.5.4-15.el5_4.2", "packageFilename": "kdegraphics-devel-3.5.4-15.el5_4.2.i386.rpm", "packageName": "kdegraphics-devel", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.5.4-15.el5_4.2", "packageFilename": "kdegraphics-3.5.4-15.el5_4.2.x86_64.rpm", "packageName": "kdegraphics", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.5.4-15.el5_4.2", "packageFilename": "kdegraphics-3.5.4-15.el5_4.2.src.rpm", "packageName": "kdegraphics", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.5.4-15.el5_4.2", "packageFilename": "kdegraphics-3.5.4-15.el5_4.2.src.rpm", "packageName": "kdegraphics", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.5.4-15.el5_4.2", "packageFilename": "kdegraphics-devel-3.5.4-15.el5_4.2.x86_64.rpm", "packageName": "kdegraphics-devel", "arch": "x86_64", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2009:1502\n\n\nThe kdegraphics packages contain applications for the K Desktop\nEnvironment, including KPDF, a viewer for Portable Document Format (PDF)\nfiles.\n\nMultiple integer overflow flaws were found in KPDF. An attacker could\ncreate a malicious PDF file that would cause KPDF to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-1188,\nCVE-2009-3604, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue, and Chris Rohlf for reporting the CVE-2009-3608 issue.\n\nUsers are advised to upgrade to these updated packages, which contain a\nbackported patch to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016232.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016233.html\n\n**Affected packages:**\nkdegraphics\nkdegraphics-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1502.html", "edition": 1, "reporter": "CentOS Project", "published": "2009-10-30T15:43:50", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "title": "kdegraphics security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-1188", "CVE-2009-0791", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2009-10-30T15:43:51", "href": "http://lists.centos.org/pipermail/centos-announce/2009-October/016232.html", "id": "CESA-2009:1502", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:25:59", "references": ["http://rhn.redhat.com/errata/RHSA-2009-1501.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.00-22.el4_8.1", "packageFilename": "xpdf-3.00-22.el4_8.1.i386.rpm", "packageName": "xpdf", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.00-22.el4_8.1", "packageFilename": "xpdf-3.00-22.el4_8.1.x86_64.rpm", "packageName": "xpdf", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.00-22.el4_8.1", "packageFilename": "xpdf-3.00-22.el4_8.1.src.rpm", "packageName": "xpdf", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.00-22.el4_8.1", "packageFilename": "xpdf-3.00-22.el4_8.1.src.rpm", "packageName": "xpdf", "arch": "any", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2009:1501\n\n\nXpdf is an X Window System based viewer for Portable Document Format (PDF)\nfiles.\n\nMultiple integer overflow flaws were found in Xpdf. An attacker could\ncreate a malicious PDF file that would cause Xpdf to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-1188,\nCVE-2009-3604, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue, and Chris Rohlf for reporting the CVE-2009-3608 issue.\n\nUsers are advised to upgrade to this updated package, which contains a\nbackported patch to correct these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016189.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016190.html\n\n**Affected packages:**\nxpdf\n\n**Upstream details at:**\n", "edition": 1, "reporter": "CentOS Project", "published": "2009-10-16T14:29:40", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "title": "xpdf security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-1188", "CVE-2009-0791", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2009-10-16T14:29:46", "href": "http://lists.centos.org/pipermail/centos-announce/2009-October/016189.html", "id": "CESA-2009:1501", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:24:48", "references": ["http://rhn.redhat.com/errata/RHSA-2009-1512.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "x86_64", "packageName": "kdegraphics", "packageFilename": "kdegraphics-3.3.1-15.el4_8.2.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "x86_64", "packageName": "kdegraphics-devel", "packageFilename": "kdegraphics-devel-3.3.1-15.el4_8.2.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "i386", "packageName": "kdegraphics-devel", "packageFilename": "kdegraphics-devel-3.3.1-15.el4_8.2.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "any", "packageName": "kdegraphics", "packageFilename": "kdegraphics-3.3.1-15.el4_8.2.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "any", "packageName": "kdegraphics", "packageFilename": "kdegraphics-3.3.1-15.el4_8.2.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "i386", "packageName": "kdegraphics", "packageFilename": "kdegraphics-3.3.1-15.el4_8.2.i386.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2009:1512\n\n\nThe kdegraphics packages contain applications for the K Desktop\nEnvironment, including KPDF, a viewer for Portable Document Format (PDF)\nfiles.\n\nMultiple integer overflow flaws were found in KPDF. An attacker could\ncreate a malicious PDF file that would cause KPDF to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-1188,\nCVE-2009-3604, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue, and Chris Rohlf for reporting the CVE-2009-3608 issue.\n\nUsers are advised to upgrade to these updated packages, which contain a\nbackported patch to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016193.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016194.html\n\n**Affected packages:**\nkdegraphics\nkdegraphics-devel\n\n**Upstream details at:**\n", "edition": 1, "reporter": "CentOS Project", "published": "2009-10-16T14:29:57", "title": "kdegraphics security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-1188", "CVE-2009-0791", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2009-10-16T14:30:00", "href": "http://lists.centos.org/pipermail/centos-announce/2009-October/016193.html", "id": "CESA-2009:1512", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:26:54", "references": ["http://rhn.redhat.com/errata/RHSA-2009-1503.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.8.2-7.7.2.el4_8.5", "arch": "i386", "packageName": "gpdf", "packageFilename": "gpdf-2.8.2-7.7.2.el4_8.5.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.8.2-7.7.2.el4_8.5", "arch": "x86_64", "packageName": "gpdf", "packageFilename": "gpdf-2.8.2-7.7.2.el4_8.5.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.8.2-7.7.2.el4_8.5", "arch": "any", "packageName": "gpdf", "packageFilename": "gpdf-2.8.2-7.7.2.el4_8.5.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.8.2-7.7.2.el4_8.5", "arch": "any", "packageName": "gpdf", "packageFilename": "gpdf-2.8.2-7.7.2.el4_8.5.src.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2009:1503\n\n\nGPdf is a viewer for Portable Document Format (PDF) files.\n\nMultiple integer overflow flaws were found in GPdf. An attacker could\ncreate a malicious PDF file that would cause GPdf to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-1188,\nCVE-2009-3604, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue, and Chris Rohlf for reporting the CVE-2009-3608 issue.\n\nUsers are advised to upgrade to this updated package, which contains a\nbackported patch to correct these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016191.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016192.html\n\n**Affected packages:**\ngpdf\n\n**Upstream details at:**\n", "edition": 1, "reporter": "CentOS Project", "published": "2009-10-16T14:29:50", "title": "gpdf security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-1188", "CVE-2009-0791", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2009-10-16T14:29:54", "href": "http://lists.centos.org/pipermail/centos-announce/2009-October/016191.html", "id": "CESA-2009:1503", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:24:57", "references": ["https://rhn.redhat.com/errata/RHSA-2009-1500.html", "http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.02-17.el3", "arch": "i386", "packageName": "xpdf", "packageFilename": "xpdf-2.02-17.el3.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.02-17.el3", "arch": "x86_64", "packageName": "xpdf", "packageFilename": "xpdf-2.02-17.el3.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.02-17.el3", "arch": "any", "packageName": "xpdf", "packageFilename": "xpdf-2.02-17.el3.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.02-17.el3", "arch": "any", "packageName": "xpdf", "packageFilename": "xpdf-2.02-17.el3.src.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2009:1500\n\n\nXpdf is an X Window System based viewer for Portable Document Format (PDF)\nfiles.\n\nMultiple integer overflow flaws were found in Xpdf. An attacker could\ncreate a malicious PDF file that would cause Xpdf to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-3604,\nCVE-2009-3606, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue.\n\nUsers are advised to upgrade to this updated package, which contains a\nbackported patch to correct these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016187.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016188.html\n\n**Affected packages:**\nxpdf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1500.html", "edition": 1, "reporter": "CentOS Project", "published": "2009-10-15T12:03:48", "title": "xpdf security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-0791", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2009-10-15T12:03:59", "href": "http://lists.centos.org/pipermail/centos-announce/2009-October/016187.html", "id": "CESA-2009:1500", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:24:28", "references": ["https://rhn.redhat.com/errata/RHSA-2009-1513.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageFilename": "cups-1.3.7-11.el5_4.3.x86_64.rpm", "packageName": "cups", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageFilename": "cups-lpd-1.3.7-11.el5_4.3.x86_64.rpm", "packageName": "cups-lpd", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageFilename": "cups-1.3.7-11.el5_4.3.src.rpm", "packageName": "cups", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageFilename": "cups-1.3.7-11.el5_4.3.src.rpm", "packageName": "cups", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageFilename": "cups-devel-1.3.7-11.el5_4.3.x86_64.rpm", "packageName": "cups-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageFilename": "cups-lpd-1.3.7-11.el5_4.3.i386.rpm", "packageName": "cups-lpd", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageFilename": "cups-libs-1.3.7-11.el5_4.3.x86_64.rpm", "packageName": "cups-libs", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageFilename": "cups-1.3.7-11.el5_4.3.i386.rpm", "packageName": "cups", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageFilename": "cups-libs-1.3.7-11.el5_4.3.i386.rpm", "packageName": "cups-libs", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageFilename": "cups-libs-1.3.7-11.el5_4.3.i386.rpm", "packageName": "cups-libs", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageFilename": "cups-devel-1.3.7-11.el5_4.3.i386.rpm", "packageName": "cups-devel", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageFilename": "cups-devel-1.3.7-11.el5_4.3.i386.rpm", "packageName": "cups-devel", "arch": "i386", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2009:1513\n\n\nThe Common UNIX Printing System (CUPS) provides a portable printing layer\nfor UNIX operating systems. The CUPS \"pdftops\" filter converts Portable\nDocument Format (PDF) files to PostScript.\n\nTwo integer overflow flaws were found in the CUPS \"pdftops\" filter. An\nattacker could create a malicious PDF file that would cause \"pdftops\" to\ncrash or, potentially, execute arbitrary code as the \"lp\" user if the file\nwas printed. (CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608\nissue.\n\nUsers of cups are advised to upgrade to these updated packages, which\ncontain a backported patch to correct these issues. After installing the\nupdate, the cupsd daemon will be restarted automatically.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016218.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016219.html\n\n**Affected packages:**\ncups\ncups-devel\ncups-libs\ncups-lpd\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1513.html", "edition": 1, "reporter": "CentOS Project", "published": "2009-10-30T15:43:47", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "title": "cups security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "modified": "2009-10-30T15:43:47", "href": "http://lists.centos.org/pipermail/centos-announce/2009-October/016218.html", "id": "CESA-2009:1513", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:26:20", "references": ["https://rhn.redhat.com/errata/RHSA-2010-0755.html", "http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4.10", "packageFilename": "cups-libs-1.1.22-0.rc1.9.32.el4.10.x86_64.rpm", "packageName": "cups-libs", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4.10", "packageFilename": "cups-1.1.22-0.rc1.9.32.el4.10.src.rpm", "packageName": "cups", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4.10", "packageFilename": "cups-1.1.22-0.rc1.9.32.el4.10.src.rpm", "packageName": "cups", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4.10", "packageFilename": "cups-devel-1.1.22-0.rc1.9.32.el4.10.x86_64.rpm", "packageName": "cups-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4.10", "packageFilename": "cups-1.1.22-0.rc1.9.32.el4.10.x86_64.rpm", "packageName": "cups", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4.10", "packageFilename": "cups-1.1.22-0.rc1.9.32.el4.10.i386.rpm", "packageName": "cups", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4.10", "packageFilename": "cups-libs-1.1.22-0.rc1.9.32.el4.10.i386.rpm", "packageName": "cups-libs", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4.10", "packageFilename": "cups-libs-1.1.22-0.rc1.9.32.el4.10.i386.rpm", "packageName": "cups-libs", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4.10", "packageFilename": "cups-devel-1.1.22-0.rc1.9.32.el4.10.i386.rpm", "packageName": "cups-devel", "arch": "i386", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2010:0755\n\n\nThe Common UNIX Printing System (CUPS) provides a portable printing layer\nfor UNIX operating systems. The CUPS \"pdftops\" filter converts Portable\nDocument Format (PDF) files to PostScript.\n\nMultiple flaws were discovered in the CUPS \"pdftops\" filter. An attacker\ncould create a malicious PDF file that, when printed, would cause \"pdftops\"\nto crash or, potentially, execute arbitrary code as the \"lp\" user.\n(CVE-2010-3702, CVE-2009-3609)\n\nUsers of cups are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing this\nupdate, the cupsd daemon will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-October/017051.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-October/017052.html\n\n**Affected packages:**\ncups\ncups-devel\ncups-libs\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0755.html", "edition": 1, "reporter": "CentOS Project", "published": "2010-10-09T18:14:48", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "title": "cups security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3609", "CVE-2010-3702"], "modified": "2010-10-09T18:15:37", "href": "http://lists.centos.org/pipermail/centos-announce/2010-October/017051.html", "id": "CESA-2010:0755", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:42:29", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "i386", "packageFilename": "poppler-utils-0.5.4-4.4.el5_4.11.i386.rpm", "packageName": "poppler-utils", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "i386", "packageFilename": "poppler-devel-0.5.4-4.4.el5_4.11.i386.rpm", "packageName": "poppler-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "i386", "packageFilename": "poppler-devel-0.5.4-4.4.el5_4.11.i386.rpm", "packageName": "poppler-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "x86_64", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.x86_64.rpm", "packageName": "poppler", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "ia64", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.ia64.rpm", "packageName": "poppler", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "i386", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.i386.rpm", "packageName": "poppler", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "i386", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.i386.rpm", "packageName": "poppler", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "ia64", "packageFilename": "poppler-utils-0.5.4-4.4.el5_4.11.ia64.rpm", "packageName": "poppler-utils", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "ia64", "packageFilename": "poppler-devel-0.5.4-4.4.el5_4.11.ia64.rpm", "packageName": "poppler-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "x86_64", "packageFilename": "poppler-utils-0.5.4-4.4.el5_4.11.x86_64.rpm", "packageName": "poppler-utils", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "src", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.src.rpm", "packageName": "poppler", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "src", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.src.rpm", "packageName": "poppler", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "src", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.src.rpm", "packageName": "poppler", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "x86_64", "packageFilename": "poppler-devel-0.5.4-4.4.el5_4.11.x86_64.rpm", "packageName": "poppler-devel", "operator": "lt"}], "description": "[0.5.4-4.4.el5_4.11]\n- Fixes various flaws addressed in bugs #526637, #526893 and #526915\n which were tracked in #527403.\n- Resolves: #527403\n[0.5.4-4.4.el5_4.10]\n- Add poppler-0.5.4-JBIG2-segment-reading.patch to\n fix reading of arithmetically encoded JBIG2 images with\n unknown length.\n- Resolves: #528147", "edition": 3, "reporter": "Oracle", "published": "2009-10-15T00:00:00", "title": "poppler security and bug fix update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3609"], "modified": "2009-10-15T00:00:00", "id": "ELSA-2009-1504", "href": "http://linux.oracle.com/errata/ELSA-2009-1504.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:40:39", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.00-22.el4_8.1", "arch": "ia64", "packageFilename": "xpdf-3.00-22.el4_8.1.ia64.rpm", "packageName": "xpdf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.00-22.el4_8.1", "arch": "src", "packageFilename": "xpdf-3.00-22.el4_8.1.src.rpm", "packageName": "xpdf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.00-22.el4_8.1", "arch": "src", "packageFilename": "xpdf-3.00-22.el4_8.1.src.rpm", "packageName": "xpdf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.00-22.el4_8.1", "arch": "src", "packageFilename": "xpdf-3.00-22.el4_8.1.src.rpm", "packageName": "xpdf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.00-22.el4_8.1", "arch": "i386", "packageFilename": "xpdf-3.00-22.el4_8.1.i386.rpm", "packageName": "xpdf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.00-22.el4_8.1", "arch": "x86_64", "packageFilename": "xpdf-3.00-22.el4_8.1.x86_64.rpm", "packageName": "xpdf", "operator": "lt"}], "description": "[3.00-22.1]\n- Resolves: #527468, CVE-2009-0791\n[3.00-22.el4]\n- CVE-2009-0791\n[3.00-21.el4]\n- CVE-2009-0791", "edition": 3, "reporter": "Oracle", "published": "2009-10-15T00:00:00", "title": "xpdf security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-1188", "CVE-2009-0791", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2009-10-15T00:00:00", "id": "ELSA-2009-1501", "href": "http://linux.oracle.com/errata/ELSA-2009-1501.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:40:44", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "src", "packageFilename": "kdegraphics-3.3.1-15.el4_8.2.src.rpm", "packageName": "kdegraphics", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "src", "packageFilename": "kdegraphics-3.3.1-15.el4_8.2.src.rpm", "packageName": "kdegraphics", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "src", "packageFilename": "kdegraphics-3.3.1-15.el4_8.2.src.rpm", "packageName": "kdegraphics", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "ia64", "packageFilename": "kdegraphics-3.3.1-15.el4_8.2.ia64.rpm", "packageName": "kdegraphics", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "i386", "packageFilename": "kdegraphics-3.3.1-15.el4_8.2.i386.rpm", "packageName": "kdegraphics", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "x86_64", "packageFilename": "kdegraphics-3.3.1-15.el4_8.2.x86_64.rpm", "packageName": "kdegraphics", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "x86_64", "packageFilename": "kdegraphics-devel-3.3.1-15.el4_8.2.x86_64.rpm", "packageName": "kdegraphics-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "ia64", "packageFilename": "kdegraphics-devel-3.3.1-15.el4_8.2.ia64.rpm", "packageName": "kdegraphics-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "i386", "packageFilename": "kdegraphics-devel-3.3.1-15.el4_8.2.i386.rpm", "packageName": "kdegraphics-devel", "operator": "lt"}], "description": "[3.3.1-15.2]\n- Add missing NULL check to CVE-2009-3608 patch\n[3.3.1-15.1]\n- CVE-2009-0791", "edition": 3, "reporter": "Oracle", "published": "2009-10-15T00:00:00", "title": "kdegraphics security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-1188", "CVE-2009-0791", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2009-10-15T00:00:00", "id": "ELSA-2009-1512", "href": "http://linux.oracle.com/errata/ELSA-2009-1512.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:40:21", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.8.2-7.7.2.el4_8.5", "arch": "x86_64", "packageFilename": "gpdf-2.8.2-7.7.2.el4_8.5.x86_64.rpm", "packageName": "gpdf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.8.2-7.7.2.el4_8.5", "arch": "i386", "packageFilename": "gpdf-2.8.2-7.7.2.el4_8.5.i386.rpm", "packageName": "gpdf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.8.2-7.7.2.el4_8.5", "arch": "src", "packageFilename": "gpdf-2.8.2-7.7.2.el4_8.5.src.rpm", "packageName": "gpdf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.8.2-7.7.2.el4_8.5", "arch": "src", "packageFilename": "gpdf-2.8.2-7.7.2.el4_8.5.src.rpm", "packageName": "gpdf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.8.2-7.7.2.el4_8.5", "arch": "src", "packageFilename": "gpdf-2.8.2-7.7.2.el4_8.5.src.rpm", "packageName": "gpdf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.8.2-7.7.2.el4_8.5", "arch": "ia64", "packageFilename": "gpdf-2.8.2-7.7.2.el4_8.5.ia64.rpm", "packageName": "gpdf", "operator": "lt"}], "description": "[2.8.2-7.7.2.el4_8.5]\n- Fixes various flaws addressed in bugs #491840 (CVE-2009-0791),\n - Resolves: #527413", "edition": 3, "reporter": "Oracle", "published": "2009-10-15T00:00:00", "title": "gpdf security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-1188", "CVE-2009-0791", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2009-10-15T00:00:00", "id": "ELSA-2009-1503", "href": "http://linux.oracle.com/errata/ELSA-2009-1503.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:45:25", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "i386", "packageFilename": "cups-devel-1.3.7-11.el5_4.3.i386.rpm", "packageName": "cups-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "i386", "packageFilename": "cups-devel-1.3.7-11.el5_4.3.i386.rpm", "packageName": "cups-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "ia64", "packageFilename": "cups-1.3.7-11.el5_4.3.ia64.rpm", "packageName": "cups", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "i386", "packageFilename": "cups-1.3.7-11.el5_4.3.i386.rpm", "packageName": "cups", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "ia64", "packageFilename": "cups-lpd-1.3.7-11.el5_4.3.ia64.rpm", "packageName": "cups-lpd", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "x86_64", "packageFilename": "cups-1.3.7-11.el5_4.3.x86_64.rpm", "packageName": "cups", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "x86_64", "packageFilename": "cups-libs-1.3.7-11.el5_4.3.x86_64.rpm", "packageName": "cups-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "i386", "packageFilename": "cups-libs-1.3.7-11.el5_4.3.i386.rpm", "packageName": "cups-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "i386", "packageFilename": "cups-libs-1.3.7-11.el5_4.3.i386.rpm", "packageName": "cups-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "i386", "packageFilename": "cups-libs-1.3.7-11.el5_4.3.i386.rpm", "packageName": "cups-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "ia64", "packageFilename": "cups-libs-1.3.7-11.el5_4.3.ia64.rpm", "packageName": "cups-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "src", "packageFilename": "cups-1.3.7-11.el5_4.3.src.rpm", "packageName": "cups", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "src", "packageFilename": "cups-1.3.7-11.el5_4.3.src.rpm", "packageName": "cups", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "src", "packageFilename": "cups-1.3.7-11.el5_4.3.src.rpm", "packageName": "cups", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "i386", "packageFilename": "cups-lpd-1.3.7-11.el5_4.3.i386.rpm", "packageName": "cups-lpd", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "ia64", "packageFilename": "cups-devel-1.3.7-11.el5_4.3.ia64.rpm", "packageName": "cups-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "x86_64", "packageFilename": "cups-devel-1.3.7-11.el5_4.3.x86_64.rpm", "packageName": "cups-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "x86_64", "packageFilename": "cups-lpd-1.3.7-11.el5_4.3.x86_64.rpm", "packageName": "cups-lpd", "operator": "lt"}], "description": "[1:1.3.7-11:.3]\n- Include NULL pointer check in ObjectStream::getObject. Part of the\n fix for CVE-2009-3608 (bug #526637).\n[1:1.3.7-11:.2]\n- Applied patch to fix CVE-2009-3608 (bug #526637) and\n CVE-2009-3609 (bug #526893). ", "edition": 3, "reporter": "Oracle", "published": "2009-10-15T00:00:00", "title": "cups security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "modified": "2009-10-15T00:00:00", "id": "ELSA-2009-1513", "href": "http://linux.oracle.com/errata/ELSA-2009-1513.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2017-09-09T07:19:26", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "i386", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.i386.rpm", "packageName": "poppler", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "i386", "packageFilename": "poppler-utils-0.5.4-4.4.el5_4.11.i386.rpm", "packageName": "poppler-utils", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "src", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.src.rpm", "packageName": "poppler", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "x86_64", "packageFilename": "poppler-utils-0.5.4-4.4.el5_4.11.x86_64.rpm", "packageName": "poppler-utils", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "x86_64", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.x86_64.rpm", "packageName": "poppler", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "ppc64", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.ppc64.rpm", "packageName": "poppler", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "ppc64", "packageFilename": "poppler-devel-0.5.4-4.4.el5_4.11.ppc64.rpm", "packageName": "poppler-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "ppc", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.ppc.rpm", "packageName": "poppler", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "ppc", "packageFilename": "poppler-devel-0.5.4-4.4.el5_4.11.ppc.rpm", "packageName": "poppler-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "ppc", "packageFilename": "poppler-utils-0.5.4-4.4.el5_4.11.ppc.rpm", "packageName": "poppler-utils", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "s390", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.s390.rpm", "packageName": "poppler", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "s390", "packageFilename": "poppler-devel-0.5.4-4.4.el5_4.11.s390.rpm", "packageName": "poppler-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "s390x", "packageFilename": "poppler-utils-0.5.4-4.4.el5_4.11.s390x.rpm", "packageName": "poppler-utils", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "s390x", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.s390x.rpm", "packageName": "poppler", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "s390x", "packageFilename": "poppler-devel-0.5.4-4.4.el5_4.11.s390x.rpm", "packageName": "poppler-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "i386", "packageFilename": "poppler-devel-0.5.4-4.4.el5_4.11.i386.rpm", "packageName": "poppler-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "x86_64", "packageFilename": "poppler-devel-0.5.4-4.4.el5_4.11.x86_64.rpm", "packageName": "poppler-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "ia64", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.ia64.rpm", "packageName": "poppler", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "ia64", "packageFilename": "poppler-utils-0.5.4-4.4.el5_4.11.ia64.rpm", "packageName": "poppler-utils", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "ia64", "packageFilename": "poppler-devel-0.5.4-4.4.el5_4.11.ia64.rpm", "packageName": "poppler-devel", "operator": "lt"}], "description": "Poppler is a Portable Document Format (PDF) rendering library, used by\napplications such as Evince.\n\nMultiple integer overflow flaws were found in poppler. An attacker could\ncreate a malicious PDF file that would cause applications that use poppler\n(such as Evince) to crash or, potentially, execute arbitrary code when\nopened. (CVE-2009-3603, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608\nissue.\n\nThis update also corrects a regression introduced in the previous poppler\nsecurity update, RHSA-2009:0480, that prevented poppler from rendering\ncertain PDF documents correctly. (BZ#528147)\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.", "reporter": "RedHat", "published": "2009-10-15T04:00:00", "type": "redhat", "title": "(RHSA-2009:1504) Important: poppler security and bug fix update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3603", "CVE-2009-3608", "CVE-2009-3609"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T11:58:29", "id": "RHSA-2009:1504", "href": "https://access.redhat.com/errata/RHSA-2009:1504", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-09T07:19:16", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.00-22.el4_8.1", "arch": "i386", "packageFilename": "xpdf-3.00-22.el4_8.1.i386.rpm", "packageName": "xpdf", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.00-22.el4_8.1", "arch": "src", "packageFilename": "xpdf-3.00-22.el4_8.1.src.rpm", "packageName": "xpdf", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.00-22.el4_8.1", "arch": "ia64", "packageFilename": "xpdf-3.00-22.el4_8.1.ia64.rpm", "packageName": "xpdf", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.00-22.el4_8.1", "arch": "x86_64", "packageFilename": "xpdf-3.00-22.el4_8.1.x86_64.rpm", "packageName": "xpdf", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.00-22.el4_8.1", "arch": "ppc", "packageFilename": "xpdf-3.00-22.el4_8.1.ppc.rpm", "packageName": "xpdf", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.00-22.el4_8.1", "arch": "s390", "packageFilename": "xpdf-3.00-22.el4_8.1.s390.rpm", "packageName": "xpdf", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.00-22.el4_8.1", "arch": "s390x", "packageFilename": "xpdf-3.00-22.el4_8.1.s390x.rpm", "packageName": "xpdf", "operator": "lt"}], "description": "Xpdf is an X Window System based viewer for Portable Document Format (PDF)\nfiles.\n\nMultiple integer overflow flaws were found in Xpdf. An attacker could\ncreate a malicious PDF file that would cause Xpdf to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-1188,\nCVE-2009-3604, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue, and Chris Rohlf for reporting the CVE-2009-3608 issue.\n\nUsers are advised to upgrade to this updated package, which contains a\nbackported patch to correct these issues.", "reporter": "RedHat", "published": "2009-10-15T04:00:00", "type": "redhat", "title": "(RHSA-2009:1501) Important: xpdf security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-0791", "CVE-2009-1188", "CVE-2009-3604", "CVE-2009-3606", "CVE-2009-3608", "CVE-2009-3609"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T12:20:16", "id": "RHSA-2009:1501", "href": "https://access.redhat.com/errata/RHSA-2009:1501", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-09T07:19:24", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.5.4-15.el5_4.2", "packageName": "kdegraphics", "packageFilename": "kdegraphics-3.5.4-15.el5_4.2.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.5.4-15.el5_4.2", "packageName": "kdegraphics", "packageFilename": "kdegraphics-3.5.4-15.el5_4.2.src.rpm", "arch": "src", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.5.4-15.el5_4.2", "packageName": "kdegraphics", "packageFilename": "kdegraphics-3.5.4-15.el5_4.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.5.4-15.el5_4.2", "packageName": "kdegraphics-devel", "packageFilename": "kdegraphics-devel-3.5.4-15.el5_4.2.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.5.4-15.el5_4.2", "packageName": "kdegraphics-devel", "packageFilename": "kdegraphics-devel-3.5.4-15.el5_4.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}], "description": "The kdegraphics packages contain applications for the K Desktop\nEnvironment, including KPDF, a viewer for Portable Document Format (PDF)\nfiles.\n\nMultiple integer overflow flaws were found in KPDF. An attacker could\ncreate a malicious PDF file that would cause KPDF to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-1188,\nCVE-2009-3604, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue, and Chris Rohlf for reporting the CVE-2009-3608 issue.\n\nUsers are advised to upgrade to these updated packages, which contain a\nbackported patch to resolve these issues.", "reporter": "RedHat", "published": "2009-10-15T04:00:00", "type": "redhat", "title": "(RHSA-2009:1502) Important: kdegraphics security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-0791", "CVE-2009-1188", "CVE-2009-3604", "CVE-2009-3606", "CVE-2009-3608", "CVE-2009-3609"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T12:13:54", "id": "RHSA-2009:1502", "href": "https://access.redhat.com/errata/RHSA-2009:1502", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-09T07:19:50", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.8.2-7.7.2.el4_8.5", "arch": "i386", "packageFilename": "gpdf-2.8.2-7.7.2.el4_8.5.i386.rpm", "packageName": "gpdf", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.8.2-7.7.2.el4_8.5", "arch": "src", "packageFilename": "gpdf-2.8.2-7.7.2.el4_8.5.src.rpm", "packageName": "gpdf", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.8.2-7.7.2.el4_8.5", "arch": "ia64", "packageFilename": "gpdf-2.8.2-7.7.2.el4_8.5.ia64.rpm", "packageName": "gpdf", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.8.2-7.7.2.el4_8.5", "arch": "x86_64", "packageFilename": "gpdf-2.8.2-7.7.2.el4_8.5.x86_64.rpm", "packageName": "gpdf", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.8.2-7.7.2.el4_8.5", "arch": "ppc", "packageFilename": "gpdf-2.8.2-7.7.2.el4_8.5.ppc.rpm", "packageName": "gpdf", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.8.2-7.7.2.el4_8.5", "arch": "s390", "packageFilename": "gpdf-2.8.2-7.7.2.el4_8.5.s390.rpm", "packageName": "gpdf", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.8.2-7.7.2.el4_8.5", "arch": "s390x", "packageFilename": "gpdf-2.8.2-7.7.2.el4_8.5.s390x.rpm", "packageName": "gpdf", "operator": "lt"}], "description": "GPdf is a viewer for Portable Document Format (PDF) files.\n\nMultiple integer overflow flaws were found in GPdf. An attacker could\ncreate a malicious PDF file that would cause GPdf to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-1188,\nCVE-2009-3604, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue, and Chris Rohlf for reporting the CVE-2009-3608 issue.\n\nUsers are advised to upgrade to this updated package, which contains a\nbackported patch to correct these issues.", "reporter": "RedHat", "published": "2009-10-15T04:00:00", "type": "redhat", "title": "(RHSA-2009:1503) Important: gpdf security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-0791", "CVE-2009-1188", "CVE-2009-3604", "CVE-2009-3608", "CVE-2009-3609"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T11:55:25", "id": "RHSA-2009:1503", "href": "https://access.redhat.com/errata/RHSA-2009:1503", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-09T07:20:05", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "packageName": "kdegraphics", "packageFilename": "kdegraphics-3.3.1-15.el4_8.2.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "packageName": "kdegraphics-devel", "packageFilename": "kdegraphics-devel-3.3.1-15.el4_8.2.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "packageName": "kdegraphics", "packageFilename": "kdegraphics-3.3.1-15.el4_8.2.src.rpm", "arch": "src", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "packageName": "kdegraphics", "packageFilename": "kdegraphics-3.3.1-15.el4_8.2.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "packageName": "kdegraphics-devel", "packageFilename": "kdegraphics-devel-3.3.1-15.el4_8.2.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "packageName": "kdegraphics", "packageFilename": "kdegraphics-3.3.1-15.el4_8.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "packageName": "kdegraphics-devel", "packageFilename": "kdegraphics-devel-3.3.1-15.el4_8.2.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "packageName": "kdegraphics-devel", "packageFilename": "kdegraphics-devel-3.3.1-15.el4_8.2.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "packageName": "kdegraphics", "packageFilename": "kdegraphics-3.3.1-15.el4_8.2.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "packageName": "kdegraphics-devel", "packageFilename": "kdegraphics-devel-3.3.1-15.el4_8.2.s390.rpm", "arch": "s390", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "packageName": "kdegraphics", "packageFilename": "kdegraphics-3.3.1-15.el4_8.2.s390.rpm", "arch": "s390", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "packageName": "kdegraphics-devel", "packageFilename": "kdegraphics-devel-3.3.1-15.el4_8.2.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "packageName": "kdegraphics", "packageFilename": "kdegraphics-3.3.1-15.el4_8.2.s390x.rpm", "arch": "s390x", "operator": "lt"}], "description": "The kdegraphics packages contain applications for the K Desktop\nEnvironment, including KPDF, a viewer for Portable Document Format (PDF)\nfiles.\n\nMultiple integer overflow flaws were found in KPDF. An attacker could\ncreate a malicious PDF file that would cause KPDF to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-1188,\nCVE-2009-3604, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue, and Chris Rohlf for reporting the CVE-2009-3608 issue.\n\nUsers are advised to upgrade to these updated packages, which contain a\nbackported patch to resolve these issues.", "reporter": "RedHat", "published": "2009-10-15T04:00:00", "type": "redhat", "title": "(RHSA-2009:1512) Important: kdegraphics security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-0791", "CVE-2009-1188", "CVE-2009-3604", "CVE-2009-3608", "CVE-2009-3609"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T12:17:50", "id": "RHSA-2009:1512", "href": "https://access.redhat.com/errata/RHSA-2009:1512", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-05-27T21:42:40", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "3", "packageVersion": "2.02-17.el3", "arch": "ppc", "packageName": "xpdf", "packageFilename": "xpdf-2.02-17.el3.ppc.rpm", "operator": "lt"}], "description": "Xpdf is an X Window System based viewer for Portable Document Format (PDF)\nfiles.\n\nMultiple integer overflow flaws were found in Xpdf. An attacker could\ncreate a malicious PDF file that would cause Xpdf to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-3604,\nCVE-2009-3606, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue.\n\nUsers are advised to upgrade to this updated package, which contains a\nbackported patch to correct these issues.", "reporter": "RedHat", "published": "2009-10-15T04:00:00", "type": "redhat", "title": "(RHSA-2009:1500) Important: xpdf security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-0791", "CVE-2009-3604", "CVE-2009-3606", "CVE-2009-3609"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-05-26T04:26:18", "id": "RHSA-2009:1500", "href": "https://access.redhat.com/errata/RHSA-2009:1500", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-09T07:19:42", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageName": "cups-libs", "packageFilename": "cups-libs-1.3.7-11.el5_4.3.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageName": "cups", "packageFilename": "cups-1.3.7-11.el5_4.3.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageName": "cups-lpd", "packageFilename": "cups-lpd-1.3.7-11.el5_4.3.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageName": "cups", "packageFilename": "cups-1.3.7-11.el5_4.3.src.rpm", "arch": "src", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageName": "cups-lpd", "packageFilename": "cups-lpd-1.3.7-11.el5_4.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageName": "cups-libs", "packageFilename": "cups-libs-1.3.7-11.el5_4.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageName": "cups", "packageFilename": "cups-1.3.7-11.el5_4.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageName": "cups-libs", "packageFilename": "cups-libs-1.3.7-11.el5_4.3.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageName": "cups-libs", "packageFilename": "cups-libs-1.3.7-11.el5_4.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageName": "cups-devel", "packageFilename": "cups-devel-1.3.7-11.el5_4.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageName": "cups-devel", "packageFilename": "cups-devel-1.3.7-11.el5_4.3.ppc64.rpm", "arch": "ppc64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageName": "cups", "packageFilename": "cups-1.3.7-11.el5_4.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageName": "cups-lpd", "packageFilename": "cups-lpd-1.3.7-11.el5_4.3.ppc.rpm", "arch": "ppc", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageName": "cups", "packageFilename": "cups-1.3.7-11.el5_4.3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageName": "cups-lpd", "packageFilename": "cups-lpd-1.3.7-11.el5_4.3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageName": "cups-libs", "packageFilename": "cups-libs-1.3.7-11.el5_4.3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageName": "cups-devel", "packageFilename": "cups-devel-1.3.7-11.el5_4.3.s390.rpm", "arch": "s390", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageName": "cups-devel", "packageFilename": "cups-devel-1.3.7-11.el5_4.3.s390x.rpm", "arch": "s390x", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageName": "cups-libs", "packageFilename": "cups-libs-1.3.7-11.el5_4.3.s390.rpm", "arch": "s390", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageName": "cups-devel", "packageFilename": "cups-devel-1.3.7-11.el5_4.3.i386.rpm", "arch": "i386", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageName": "cups-devel", "packageFilename": "cups-devel-1.3.7-11.el5_4.3.x86_64.rpm", "arch": "x86_64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageName": "cups-lpd", "packageFilename": "cups-lpd-1.3.7-11.el5_4.3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageName": "cups-libs", "packageFilename": "cups-libs-1.3.7-11.el5_4.3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageName": "cups", "packageFilename": "cups-1.3.7-11.el5_4.3.ia64.rpm", "arch": "ia64", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageName": "cups-devel", "packageFilename": "cups-devel-1.3.7-11.el5_4.3.ia64.rpm", "arch": "ia64", "operator": "lt"}], "description": "The Common UNIX Printing System (CUPS) provides a portable printing layer\nfor UNIX operating systems. The CUPS \"pdftops\" filter converts Portable\nDocument Format (PDF) files to PostScript.\n\nTwo integer overflow flaws were found in the CUPS \"pdftops\" filter. An\nattacker could create a malicious PDF file that would cause \"pdftops\" to\ncrash or, potentially, execute arbitrary code as the \"lp\" user if the file\nwas printed. (CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608\nissue.\n\nUsers of cups are advised to upgrade to these updated packages, which\ncontain a backported patch to correct these issues. After installing the\nupdate, the cupsd daemon will be restarted automatically.", "reporter": "RedHat", "published": "2009-10-15T04:00:00", "type": "redhat", "title": "(RHSA-2009:1513) Moderate: cups security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T12:05:19", "id": "RHSA-2009:1513", "href": "https://access.redhat.com/errata/RHSA-2009:1513", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-09T07:20:03", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4_8.10", "arch": "i386", "packageFilename": "cups-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm", "packageName": "cups", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4_8.10", "arch": "i386", "packageFilename": "cups-devel-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm", "packageName": "cups-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4_8.10", "arch": "i386", "packageFilename": "cups-libs-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm", "packageName": "cups-libs", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4_8.10", "arch": "src", "packageFilename": "cups-1.1.22-0.rc1.9.32.el4_8.10.src.rpm", "packageName": "cups", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4_8.10", "arch": "ia64", "packageFilename": "cups-1.1.22-0.rc1.9.32.el4_8.10.ia64.rpm", "packageName": "cups", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4_8.10", "arch": "ia64", "packageFilename": "cups-devel-1.1.22-0.rc1.9.32.el4_8.10.ia64.rpm", "packageName": "cups-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4_8.10", "arch": "ia64", "packageFilename": "cups-libs-1.1.22-0.rc1.9.32.el4_8.10.ia64.rpm", "packageName": "cups-libs", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4_8.10", "arch": "x86_64", "packageFilename": "cups-1.1.22-0.rc1.9.32.el4_8.10.x86_64.rpm", "packageName": "cups", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4_8.10", "arch": "x86_64", "packageFilename": "cups-devel-1.1.22-0.rc1.9.32.el4_8.10.x86_64.rpm", "packageName": "cups-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4_8.10", "arch": "x86_64", "packageFilename": "cups-libs-1.1.22-0.rc1.9.32.el4_8.10.x86_64.rpm", "packageName": "cups-libs", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4_8.10", "arch": "ppc", "packageFilename": "cups-1.1.22-0.rc1.9.32.el4_8.10.ppc.rpm", "packageName": "cups", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4_8.10", "arch": "ppc", "packageFilename": "cups-devel-1.1.22-0.rc1.9.32.el4_8.10.ppc.rpm", "packageName": "cups-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4_8.10", "arch": "ppc", "packageFilename": "cups-libs-1.1.22-0.rc1.9.32.el4_8.10.ppc.rpm", "packageName": "cups-libs", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4_8.10", "arch": "ppc64", "packageFilename": "cups-libs-1.1.22-0.rc1.9.32.el4_8.10.ppc64.rpm", "packageName": "cups-libs", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4_8.10", "arch": "s390", "packageFilename": "cups-1.1.22-0.rc1.9.32.el4_8.10.s390.rpm", "packageName": "cups", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4_8.10", "arch": "s390", "packageFilename": "cups-devel-1.1.22-0.rc1.9.32.el4_8.10.s390.rpm", "packageName": "cups-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4_8.10", "arch": "s390", "packageFilename": "cups-libs-1.1.22-0.rc1.9.32.el4_8.10.s390.rpm", "packageName": "cups-libs", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4_8.10", "arch": "s390x", "packageFilename": "cups-1.1.22-0.rc1.9.32.el4_8.10.s390x.rpm", "packageName": "cups", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4_8.10", "arch": "s390x", "packageFilename": "cups-devel-1.1.22-0.rc1.9.32.el4_8.10.s390x.rpm", "packageName": "cups-devel", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4_8.10", "arch": "s390x", "packageFilename": "cups-libs-1.1.22-0.rc1.9.32.el4_8.10.s390x.rpm", "packageName": "cups-libs", "operator": "lt"}], "description": "The Common UNIX Printing System (CUPS) provides a portable printing layer\nfor UNIX operating systems. The CUPS \"pdftops\" filter converts Portable\nDocument Format (PDF) files to PostScript.\n\nMultiple flaws were discovered in the CUPS \"pdftops\" filter. An attacker\ncould create a malicious PDF file that, when printed, would cause \"pdftops\"\nto crash or, potentially, execute arbitrary code as the \"lp\" user.\n(CVE-2010-3702, CVE-2009-3609)\n\nUsers of cups are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing this\nupdate, the cupsd daemon will be restarted automatically.\n", "reporter": "RedHat", "published": "2010-10-07T04:00:00", "type": "redhat", "title": "(RHSA-2010:0755) Important: cups security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3609", "CVE-2010-3702"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T12:17:06", "id": "RHSA-2010:0755", "href": "https://access.redhat.com/errata/RHSA-2010:0755", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:29", "references": ["http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3604", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3607", "https://bugs.gentoo.org/show_bug.cgi?id=263028", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0799", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1183", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1789", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0146", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0166", "https://bugs.gentoo.org/show_bug.cgi?id=352581", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3603", "https://bugs.gentoo.org/show_bug.cgi?id=480366", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0165", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1188", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3608", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3605", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1788", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1790", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4654", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3609", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3702", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3938", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3703", "https://bugs.gentoo.org/show_bug.cgi?id=290430", "https://bugs.gentoo.org/show_bug.cgi?id=290464", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1179", "https://bugs.gentoo.org/show_bug.cgi?id=459866", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2142", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0195", "https://bugs.gentoo.org/show_bug.cgi?id=338878", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1182", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1180", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3704", "https://bugs.gentoo.org/show_bug.cgi?id=308017", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0147", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1187", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4653", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0800", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1181", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3606"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "0.22.2-r1", "arch": "all", "packageFilename": "UNKNOWN", "packageName": "app-text/poppler", "operator": "lt"}], "edition": 1, "description": "### Background\n\nPoppler is a cross-platform PDF rendering library originally based on Xpdf. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Poppler. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could entice a user to open a specially crafted PDF file, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Poppler users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-text/poppler-0.22.2-r1\"", "reporter": "Gentoo Foundation", "published": "2013-10-06T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "type": "gentoo", "title": "Poppler: Multiple vulnerabilities", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-1181", "CVE-2009-3607", "CVE-2009-1188", "CVE-2012-2142", "CVE-2009-1180", "CVE-2009-0195", "CVE-2010-4653", "CVE-2013-1788", "CVE-2009-3606", "CVE-2009-0799", "CVE-2009-1182", "CVE-2013-1790", "CVE-2009-0165", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-0166", "CVE-2013-1789", "CVE-2009-3609", "CVE-2009-3938", "CVE-2009-0147", "CVE-2009-1187", "CVE-2009-1183", "CVE-2010-3704", "CVE-2010-4654", "CVE-2009-0800", "CVE-2009-0146", "CVE-2010-3702", "CVE-2010-3703", "CVE-2009-1179"], "modified": "2013-10-06T00:00:00", "id": "GLSA-201310-03", "href": "https://security.gentoo.org/glsa/201310-03", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}