{"id": "SLACKWARE_SSA_2009-302-01.NASL", "bulletinFamily": "scanner", "title": "Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)", "description": "New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.", "published": "2009-10-29T00:00:00", "modified": "2018-06-27T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=42293", "reporter": "Tenable", "references": ["http://www.nessus.org/u?e3495990"], "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "type": "nessus", "lastseen": "2018-09-01T23:42:20", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:slackware:slackware_linux:12.0", "cpe:/o:slackware:slackware_linux:12.2", "cpe:/o:slackware:slackware_linux:9.1", "cpe:/o:slackware:slackware_linux:13.0", "cpe:/o:slackware:slackware_linux:10.1", "cpe:/o:slackware:slackware_linux:10.0", "p-cpe:/a:slackware:slackware_linux:xpdf", "cpe:/o:slackware:slackware_linux:11.0", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:10.2", "cpe:/o:slackware:slackware_linux:12.1"], "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.", "edition": 4, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "f51544fad1720b39c1290bde6d06e8839c8b83e7a1c3ac59d205dcf93b422a52", "hashmap": [{"hash": "3e11a47e08439232f42a209efa61912e", "key": "cvelist"}, {"hash": "3cc2d181271797b9e089ddb7263e0987", "key": "description"}, {"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "6f1bbf42385776271e2f36360eaf155a", "key": "title"}, {"hash": "dbe8490a2306a688b8e7274f6c4be51c", "key": "references"}, {"hash": "d6f385a9dfc88031692c12fd466b9e10", "key": "href"}, {"hash": "9241135ad5589209cfecf47d77e8289f", "key": "published"}, {"hash": "858e422a528c0b91f6b7e8028a66f82a", "key": "sourceData"}, {"hash": "728473341116a99431f0ee4793831664", "key": "modified"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "72e81de94dfc0373b006ca75e9c851a1", "key": "pluginID"}, {"hash": "43a3ec56ec636b53af6d97a47899295c", "key": "naslFamily"}, {"hash": "50f77a5fc8b1360499ad211f22545dc8", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=42293", "id": "SLACKWARE_SSA_2009-302-01.NASL", "lastseen": "2018-06-29T05:41:41", "modified": "2018-06-27T00:00:00", "naslFamily": "Slackware Local Security Checks", "objectVersion": "1.3", "pluginID": "42293", "published": "2009-10-29T00:00:00", "references": ["http://www.nessus.org/u?e3495990"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2009-302-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42293);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/06/27 18:42:26\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_bugtraq_id(36703);\n script_xref(name:\"SSA\", value:\"2009-302-01\");\n\n script_name(english:\"Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.585854\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e3495990\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xpdf package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"9.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack9.1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.0\")) flag++;\n\nif (slackware_check(osver:\"10.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.1\")) flag++;\n\nif (slackware_check(osver:\"10.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.2\")) flag++;\n\nif (slackware_check(osver:\"11.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)", "type": "nessus", "viewCount": 3}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-06-29T05:41:41"}, {"bulletin": {"bulletinFamily": "exploit", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.", "edition": 1, "hash": "881feb458cf91ccb90b247d1e6ad2fc4e68149b3fbd526c0055884b523319a73", "hashmap": [{"hash": "3e11a47e08439232f42a209efa61912e", "key": "cvelist"}, {"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "3cc2d181271797b9e089ddb7263e0987", "key": "description"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "dab2c88dbe46e37b3606fac8b73c9715", "key": "sourceData"}, {"hash": "a33e65a768b0cca01f769a54f9f4ed8b", "key": "cvss"}, {"hash": "6f1bbf42385776271e2f36360eaf155a", "key": "title"}, {"hash": "dbe8490a2306a688b8e7274f6c4be51c", "key": "references"}, {"hash": "d6f385a9dfc88031692c12fd466b9e10", "key": "href"}, {"hash": "9241135ad5589209cfecf47d77e8289f", "key": "published"}, {"hash": "7ffda9669264dbb8d98fe2f4177b79f6", "key": "modified"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "72e81de94dfc0373b006ca75e9c851a1", "key": "pluginID"}, {"hash": "43a3ec56ec636b53af6d97a47899295c", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=42293", "id": "SLACKWARE_SSA_2009-302-01.NASL", "lastseen": "2016-09-26T17:24:13", "modified": "2013-10-25T00:00:00", "naslFamily": "Slackware Local Security Checks", "objectVersion": "1.2", "pluginID": "42293", "published": "2009-10-29T00:00:00", "references": ["http://www.nessus.org/u?e3495990"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2009-302-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42293);\n script_version(\"$Revision: 1.12 $\");\n script_cvs_date(\"$Date: 2013/10/25 10:43:06 $\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_bugtraq_id(36703);\n script_osvdb_id(59175, 59176, 59177, 59178, 59179, 59180, 59181, 59182, 59183, 59825);\n script_xref(name:\"SSA\", value:\"2009-302-01\");\n\n script_name(english:\"Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.585854\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e3495990\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xpdf package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"9.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack9.1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.0\")) flag++;\n\nif (slackware_check(osver:\"10.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.1\")) flag++;\n\nif (slackware_check(osver:\"10.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.2\")) flag++;\n\nif (slackware_check(osver:\"11.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)", "type": "nessus", "viewCount": 1}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2016-09-26T17:24:13"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.", "edition": 2, "enchantments": {}, "hash": "5ca10e347aa1ebcd3c13653da1b6faf1e9a92da42eb7faff4767d2bf829382ab", "hashmap": [{"hash": "3e11a47e08439232f42a209efa61912e", "key": "cvelist"}, {"hash": "3cc2d181271797b9e089ddb7263e0987", "key": "description"}, {"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "4a82993e5bae24a8de850ec42ad6df26", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "6f1bbf42385776271e2f36360eaf155a", "key": "title"}, {"hash": "dbe8490a2306a688b8e7274f6c4be51c", "key": "references"}, {"hash": "3f29908c6bb6f5efaf3e67cda47b94f7", "key": "modified"}, {"hash": "d6f385a9dfc88031692c12fd466b9e10", "key": "href"}, {"hash": "9241135ad5589209cfecf47d77e8289f", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "72e81de94dfc0373b006ca75e9c851a1", "key": "pluginID"}, {"hash": "43a3ec56ec636b53af6d97a47899295c", "key": "naslFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=42293", "id": "SLACKWARE_SSA_2009-302-01.NASL", "lastseen": "2016-12-10T05:35:04", "modified": "2016-12-09T00:00:00", "naslFamily": "Slackware Local Security Checks", "objectVersion": "1.2", "pluginID": "42293", "published": "2009-10-29T00:00:00", "references": ["http://www.nessus.org/u?e3495990"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2009-302-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42293);\n script_version(\"$Revision: 1.13 $\");\n script_cvs_date(\"$Date: 2016/12/09 20:54:58 $\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_bugtraq_id(36703);\n script_osvdb_id(59175, 59176, 59177, 59178, 59179, 59180, 59181, 59182, 59183, 59825);\n script_xref(name:\"SSA\", value:\"2009-302-01\");\n\n script_name(english:\"Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.585854\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e3495990\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xpdf package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"9.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack9.1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.0\")) flag++;\n\nif (slackware_check(osver:\"10.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.1\")) flag++;\n\nif (slackware_check(osver:\"10.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.2\")) flag++;\n\nif (slackware_check(osver:\"11.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)", "type": "nessus", "viewCount": 3}, "differentElements": ["cpe"], "edition": 2, "lastseen": "2016-12-10T05:35:04"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:slackware:slackware_linux:12.0", "cpe:/o:slackware:slackware_linux:12.2", "cpe:/o:slackware:slackware_linux:9.1", "cpe:/o:slackware:slackware_linux:13.0", "cpe:/o:slackware:slackware_linux:10.1", "cpe:/o:slackware:slackware_linux:10.0", "p-cpe:/a:slackware:slackware_linux:xpdf", "cpe:/o:slackware:slackware_linux:11.0", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:10.2", "cpe:/o:slackware:slackware_linux:12.1"], "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.", "edition": 3, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "9d885e3476c7caa87da6c83dd4abd33769321bc3bd125816e14ac97c6ba5cdbb", "hashmap": [{"hash": "3e11a47e08439232f42a209efa61912e", "key": "cvelist"}, {"hash": "3cc2d181271797b9e089ddb7263e0987", "key": "description"}, {"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "4a82993e5bae24a8de850ec42ad6df26", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "6f1bbf42385776271e2f36360eaf155a", "key": "title"}, {"hash": "dbe8490a2306a688b8e7274f6c4be51c", "key": "references"}, {"hash": "3f29908c6bb6f5efaf3e67cda47b94f7", "key": "modified"}, {"hash": "d6f385a9dfc88031692c12fd466b9e10", "key": "href"}, {"hash": "9241135ad5589209cfecf47d77e8289f", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "72e81de94dfc0373b006ca75e9c851a1", "key": "pluginID"}, {"hash": "43a3ec56ec636b53af6d97a47899295c", "key": "naslFamily"}, {"hash": "50f77a5fc8b1360499ad211f22545dc8", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=42293", "id": "SLACKWARE_SSA_2009-302-01.NASL", "lastseen": "2017-10-29T13:36:50", "modified": "2016-12-09T00:00:00", "naslFamily": "Slackware Local Security Checks", "objectVersion": "1.3", "pluginID": "42293", "published": "2009-10-29T00:00:00", "references": ["http://www.nessus.org/u?e3495990"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2009-302-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42293);\n script_version(\"$Revision: 1.13 $\");\n script_cvs_date(\"$Date: 2016/12/09 20:54:58 $\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_bugtraq_id(36703);\n script_osvdb_id(59175, 59176, 59177, 59178, 59179, 59180, 59181, 59182, 59183, 59825);\n script_xref(name:\"SSA\", value:\"2009-302-01\");\n\n script_name(english:\"Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.585854\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e3495990\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xpdf package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"9.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack9.1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.0\")) flag++;\n\nif (slackware_check(osver:\"10.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.1\")) flag++;\n\nif (slackware_check(osver:\"10.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.2\")) flag++;\n\nif (slackware_check(osver:\"11.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)", "type": "nessus", "viewCount": 3}, "differentElements": ["modified", "sourceData"], "edition": 3, "lastseen": "2017-10-29T13:36:50"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:slackware:slackware_linux:12.0", "cpe:/o:slackware:slackware_linux:12.2", "cpe:/o:slackware:slackware_linux:9.1", "cpe:/o:slackware:slackware_linux:13.0", "cpe:/o:slackware:slackware_linux:10.1", "cpe:/o:slackware:slackware_linux:10.0", "p-cpe:/a:slackware:slackware_linux:xpdf", "cpe:/o:slackware:slackware_linux:11.0", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:10.2", "cpe:/o:slackware:slackware_linux:12.1"], "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.", "edition": 5, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "923689ff7776c6a5495ce8b3eda10de8f6af15c8e57e7e292c356c4e52e1895a", "hashmap": [{"hash": "3e11a47e08439232f42a209efa61912e", "key": "cvelist"}, {"hash": "3cc2d181271797b9e089ddb7263e0987", "key": "description"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "6f1bbf42385776271e2f36360eaf155a", "key": "title"}, {"hash": "dbe8490a2306a688b8e7274f6c4be51c", "key": "references"}, {"hash": "d6f385a9dfc88031692c12fd466b9e10", "key": "href"}, {"hash": "9241135ad5589209cfecf47d77e8289f", "key": "published"}, {"hash": "858e422a528c0b91f6b7e8028a66f82a", "key": "sourceData"}, {"hash": "728473341116a99431f0ee4793831664", "key": "modified"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "72e81de94dfc0373b006ca75e9c851a1", "key": "pluginID"}, {"hash": "43a3ec56ec636b53af6d97a47899295c", "key": "naslFamily"}, {"hash": "50f77a5fc8b1360499ad211f22545dc8", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=42293", "id": "SLACKWARE_SSA_2009-302-01.NASL", "lastseen": "2018-08-30T19:36:50", "modified": "2018-06-27T00:00:00", "naslFamily": "Slackware Local Security Checks", "objectVersion": "1.3", "pluginID": "42293", "published": "2009-10-29T00:00:00", "references": ["http://www.nessus.org/u?e3495990"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2009-302-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42293);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/06/27 18:42:26\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_bugtraq_id(36703);\n script_xref(name:\"SSA\", value:\"2009-302-01\");\n\n script_name(english:\"Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.585854\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e3495990\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xpdf package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"9.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack9.1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.0\")) flag++;\n\nif (slackware_check(osver:\"10.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.1\")) flag++;\n\nif (slackware_check(osver:\"10.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.2\")) flag++;\n\nif (slackware_check(osver:\"11.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)", "type": "nessus", "viewCount": 3}, "differentElements": ["cvss"], "edition": 5, "lastseen": "2018-08-30T19:36:50"}], "edition": 6, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "50f77a5fc8b1360499ad211f22545dc8"}, {"key": "cvelist", "hash": "3e11a47e08439232f42a209efa61912e"}, {"key": "cvss", "hash": "2076413bdcb42307d016f5286cbae795"}, {"key": "description", "hash": "3cc2d181271797b9e089ddb7263e0987"}, {"key": "href", "hash": "d6f385a9dfc88031692c12fd466b9e10"}, {"key": "modified", "hash": "728473341116a99431f0ee4793831664"}, {"key": "naslFamily", "hash": "43a3ec56ec636b53af6d97a47899295c"}, {"key": "pluginID", "hash": "72e81de94dfc0373b006ca75e9c851a1"}, {"key": "published", "hash": "9241135ad5589209cfecf47d77e8289f"}, {"key": "references", "hash": "dbe8490a2306a688b8e7274f6c4be51c"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "858e422a528c0b91f6b7e8028a66f82a"}, {"key": "title", "hash": "6f1bbf42385776271e2f36360eaf155a"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "f51544fad1720b39c1290bde6d06e8839c8b83e7a1c3ac59d205dcf93b422a52", "viewCount": 3, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2009-302-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42293);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/06/27 18:42:26\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_bugtraq_id(36703);\n script_xref(name:\"SSA\", value:\"2009-302-01\");\n\n script_name(english:\"Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.585854\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e3495990\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xpdf package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"9.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack9.1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.0\")) flag++;\n\nif (slackware_check(osver:\"10.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.1\")) flag++;\n\nif (slackware_check(osver:\"10.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.2\")) flag++;\n\nif (slackware_check(osver:\"11.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Slackware Local Security Checks", "pluginID": "42293", "cpe": ["cpe:/o:slackware:slackware_linux:12.0", "cpe:/o:slackware:slackware_linux:12.2", "cpe:/o:slackware:slackware_linux:9.1", "cpe:/o:slackware:slackware_linux:13.0", "cpe:/o:slackware:slackware_linux:10.1", "cpe:/o:slackware:slackware_linux:10.0", "p-cpe:/a:slackware:slackware_linux:xpdf", "cpe:/o:slackware:slackware_linux:11.0", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:10.2", "cpe:/o:slackware:slackware_linux:12.1"]}

{"slackware": [{"lastseen": "2018-08-31T02:36:42", "references": [], "affectedPackage": [{"OS": "Slackware", "OSVersion": "10.1", "packageVersion": "3.02pl4", "arch": "i486", "packageFilename": "xpdf-3.02pl4-i486-1_slack10.1.tgz", "packageName": "xpdf", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "12.0", "packageVersion": "3.02pl4", "arch": "i486", "packageFilename": "xpdf-3.02pl4-i486-1_slack12.0.tgz", "packageName": "xpdf", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "10.0", "packageVersion": "3.02pl4", "arch": "i486", "packageFilename": "xpdf-3.02pl4-i486-1_slack10.0.tgz", "packageName": "xpdf", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "12.2", "packageVersion": "3.02pl4", "arch": "i486", "packageFilename": "xpdf-3.02pl4-i486-1_slack12.2.tgz", "packageName": "xpdf", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "12.1", "packageVersion": "3.02pl4", "arch": "i486", "packageFilename": "xpdf-3.02pl4-i486-1_slack12.1.tgz", "packageName": "xpdf", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "13.0", "packageVersion": "3.02pl4", "arch": "x86_64", "packageFilename": "xpdf-3.02pl4-x86_64-1_slack13.0.txz", "packageName": "xpdf", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "13.0", "packageVersion": "3.02pl4", "arch": "i486", "packageFilename": "xpdf-3.02pl4-i486-1_slack13.0.txz", "packageName": "xpdf", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "11.0", "packageVersion": "3.02pl4", "arch": "i486", "packageFilename": "xpdf-3.02pl4-i486-1_slack11.0.tgz", "packageName": "xpdf", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "9.1", "packageVersion": "3.02pl4", "arch": "i486", "packageFilename": "xpdf-3.02pl4-i486-1_slack9.1.tgz", "packageName": "xpdf", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "10.2", "packageVersion": "3.02pl4", "arch": "i486", "packageFilename": "xpdf-3.02pl4-i486-1_slack10.2.tgz", "packageName": "xpdf", "operator": "lt"}], "description": "New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0,\n12.0, 12.1, 12.2, 13.0, and -current to fix security issues.\n\nMore details about the issues may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609\n\n\nHere are the details from the Slackware 13.0 ChangeLog:\n\npatches/packages/xpdf-3.02pl4-i486-1_slack13.0.tgz: Upgraded.\n This update fixes several security issues that could lead to an\n application crash, or execution of arbitrary code.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the &quot;Get Slack&quot; section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 9.1:\nftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/xpdf-3.02pl4-i486-1_slack9.1.tgz\n\nUpdated package for Slackware 10.0:\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/xpdf-3.02pl4-i486-1_slack10.0.tgz\n\nUpdated package for Slackware 10.1:\nftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/xpdf-3.02pl4-i486-1_slack10.1.tgz\n\nUpdated package for Slackware 10.2:\nftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/xpdf-3.02pl4-i486-1_slack10.2.tgz\n\nUpdated package for Slackware 11.0:\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/xpdf-3.02pl4-i486-1_slack11.0.tgz\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/xpdf-3.02pl4-i486-1_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/xpdf-3.02pl4-i486-1_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/xpdf-3.02pl4-i486-1_slack12.2.tgz\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/xpdf-3.02pl4-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/xpdf-3.02pl4-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/xpdf-3.02pl4-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/xpdf-3.02pl4-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 9.1 package:\nfd58cae84772ed2c03ca720b0a71ef49 xpdf-3.02pl4-i486-1_slack9.1.tgz\n\nSlackware 10.0 package:\n37cf2a9f5c02b6585d622374cd9a8756 xpdf-3.02pl4-i486-1_slack10.0.tgz\n\nSlackware 10.1 package:\na3e2b22532f7a0190782590ee5310b4b xpdf-3.02pl4-i486-1_slack10.1.tgz\n\nSlackware 10.2 package:\n78d27cc6c8a33f21d7e5f21d90aa0c43 xpdf-3.02pl4-i486-1_slack10.2.tgz\n\nSlackware 11.0 package:\nda0134b674360e0509689ad68877a21c xpdf-3.02pl4-i486-1_slack11.0.tgz\n\nSlackware 12.0 package:\ne3a10ebf3f499882a8a364963d6287f9 xpdf-3.02pl4-i486-1_slack12.0.tgz\n\nSlackware 12.1 package:\n83b8a9b89877987c65f9c1bf3a01b321 xpdf-3.02pl4-i486-1_slack12.1.tgz\n\nSlackware 12.2 package:\nddfd41747e7f76e20a8a39911d0080ac xpdf-3.02pl4-i486-1_slack12.2.tgz\n\nSlackware 13.0 package:\n4e42d51c18a7e354e961857096e09140 xpdf-3.02pl4-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n977dfd83fdb4c1af3d68ffa12c882424 xpdf-3.02pl4-x86_64-1_slack13.0.txz\n\nSlackware -current package:\n3c756246f0db86bea9f9f127f1461e8f xpdf-3.02pl4-i486-1.txz\n\nSlackware x86_64 -current package:\nf8f257349bad0cdf7d0bada5654b0190 xpdf-3.02pl4-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg xpdf-3.02pl4-i486-1_slack13.0.txz", "edition": 3, "reporter": "Slackware Linux Project", "published": "2009-10-28T23:28:02", "title": "xpdf", "type": "slackware", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2009-10-28T23:28:02", "id": "SSA-2009-302-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.585854", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:37:03", "references": [], "affectedPackage": [{"OS": "Slackware", "OSVersion": "13.0", "packageVersion": "0.10.7", "arch": "x86_64", "packageFilename": "poppler-0.10.7-x86_64-2_slack13.0.txz", "packageName": "poppler", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "13.0", "packageVersion": "0.10.7", "arch": "i486", "packageFilename": "poppler-0.10.7-i486-2_slack13.0.txz", "packageName": "poppler", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "12.1", "packageVersion": "0.6.4", "arch": "i486", "packageFilename": "poppler-0.6.4-i486-2_slack12.1.tgz", "packageName": "poppler", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "12.0", "packageVersion": "0.6.2", "arch": "i486", "packageFilename": "poppler-0.6.2-i486-2_slack12.0.tgz", "packageName": "poppler", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "12.2", "packageVersion": "0.8.5", "arch": "i486", "packageFilename": "poppler-0.8.5-i486-3_slack12.2.tgz", "packageName": "poppler", "operator": "lt"}], "description": "New poppler packages are available for Slackware 12.0, 12.1, 12.2, 13.0,\nand -current to fix security issues.\n\nMore details about this issue may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609\n\n\nHere are the details from the Slackware 13.0 ChangeLog:\n\npatches/packages/poppler-0.10.7-i486-2_slack13.0.txz: Rebuilt.\n This updated package includes patches based on xpdf 3.02pl4.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the &quot;Get Slack&quot; section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/poppler-0.6.2-i486-2_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/poppler-0.6.4-i486-2_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/poppler-0.8.5-i486-3_slack12.2.tgz\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/poppler-0.10.7-i486-2_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/poppler-0.10.7-x86_64-2_slack13.0.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/poppler-0.12.1-i486-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/poppler-data-0.3.0-noarch-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/poppler-0.12.1-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/poppler-data-0.3.0-noarch-1.txz\n\n\nMD5 signatures:\n\nSlackware 12.0 package:\nb084a88ec1c9e5f1402fccb897040576 poppler-0.6.2-i486-2_slack12.0.tgz\n\nSlackware 12.1 package:\n090431253d54585f5aa4276521c4ba7e poppler-0.6.4-i486-2_slack12.1.tgz\n\nSlackware 12.2 package:\nf68a76fa4c24a6d2c201734a30d66008 poppler-0.8.5-i486-3_slack12.2.tgz\n\nSlackware 13.0 package:\nb107cf8a1b87cf068567a7523b2ed095 poppler-0.10.7-i486-2_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n00db7f2b403b75c41e9845af9fb5acf9 poppler-0.10.7-x86_64-2_slack13.0.txz\n\nSlackware -current packages:\n44884e2ac09419ef8d3da49b2e754ee8 poppler-0.12.1-i486-1.txz\n6eb0574ab09269d8789c4b64a56d6692 poppler-data-0.3.0-noarch-1.txz\n\nSlackware x86_64 -current packages:\nc90a9e6dfa090c0098ca45e5e14f0892 poppler-0.12.1-x86_64-1.txz\n28ac087f83577b39cbed515e501ee447 poppler-data-0.3.0-noarch-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg poppler-0.10.7-i486-2_slack13.0.txz", "edition": 3, "reporter": "Slackware Linux Project", "published": "2009-10-28T23:28:23", "title": "poppler", "type": "slackware", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2009-10-28T23:28:23", "id": "SSA-2009-302-02", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.518348", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2018-09-02T00:04:39", "references": ["http://support.novell.com/security/cve/CVE-2009-3603.html", "http://support.novell.com/security/cve/CVE-2009-3604.html", "http://support.novell.com/security/cve/CVE-2009-3606.html", "http://support.novell.com/security/cve/CVE-2009-3605.html", "http://support.novell.com/security/cve/CVE-2009-3608.html", "http://support.novell.com/security/cve/CVE-2009-3609.html"], "pluginID": "49935", "description": "Specially crafted PDF files could cause buffer overflows in xpdf when viewing such a document. (CVE-2009-3603 / CVE-2009-3604 / CVE-2009-3605 / CVE-2009-3606 / CVE-2009-3608 / CVE-2009-3609)", "edition": 5, "reporter": "Tenable", "published": "2010-10-11T00:00:00", "title": "SuSE 10 Security Update : xpdf (ZYPP Patch Number 6560)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2016-12-22T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_XPDF-6560.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=49935", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(49935);\n script_version (\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2016/12/22 20:42:29 $\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n\n script_name(english:\"SuSE 10 Security Update : xpdf (ZYPP Patch Number 6560)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted PDF files could cause buffer overflows in xpdf when\nviewing such a document. (CVE-2009-3603 / CVE-2009-3604 /\nCVE-2009-3605 / CVE-2009-3606 / CVE-2009-3608 / CVE-2009-3609)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3603.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3604.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3605.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3606.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3608.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3609.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6560.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/10/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:3, reference:\"xpdf-tools-3.01-21.23.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"xpdf-tools-3.01-21.23.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:57:53", "references": ["http://support.novell.com/security/cve/CVE-2009-3603.html", "http://support.novell.com/security/cve/CVE-2009-3604.html", "http://support.novell.com/security/cve/CVE-2009-3606.html", "http://support.novell.com/security/cve/CVE-2009-3605.html", "http://support.novell.com/security/cve/CVE-2009-3608.html", "http://support.novell.com/security/cve/CVE-2009-3609.html"], "pluginID": "42406", "description": "Specially crafted PDF files could cause buffer overflows in xpdf when viewing such a document. (CVE-2009-3603 / CVE-2009-3604 / CVE-2009-3605 / CVE-2009-3606 / CVE-2009-3608 / CVE-2009-3609)", "edition": 5, "reporter": "Tenable", "published": "2009-11-06T00:00:00", "title": "SuSE 10 Security Update : xpdf (ZYPP Patch Number 6556)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2016-12-22T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_XPDF-6556.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42406", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42406);\n script_version (\"$Revision: 1.10 $\");\n script_cvs_date(\"$Date: 2016/12/22 20:42:29 $\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n\n script_name(english:\"SuSE 10 Security Update : xpdf (ZYPP Patch Number 6556)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted PDF files could cause buffer overflows in xpdf when\nviewing such a document. (CVE-2009-3603 / CVE-2009-3604 /\nCVE-2009-3605 / CVE-2009-3606 / CVE-2009-3608 / CVE-2009-3609)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3603.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3604.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3605.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3606.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3608.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-3609.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6556.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"xpdf-tools-3.01-21.22.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"xpdf-tools-3.01-21.22.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:03:36", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=539875", "https://bugzilla.novell.com/show_bug.cgi?id=543410", "https://bugzilla.novell.com/show_bug.cgi?id=534764"], "pluginID": "42417", "description": "Specially crafted PDF files could cause buffer overflows in xpdf when viewing such a document (CVE-2009-3603, CVE-2009-3604, CVE-2009-3605, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609).", "edition": 5, "reporter": "Tenable", "published": "2009-11-09T00:00:00", "title": "openSUSE Security Update : xpdf (xpdf-1397)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2016-12-21T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:xpdf-tools", "cpe:/o:novell:opensuse:11.0", "p-cpe:/a:novell:opensuse:xpdf"], "id": "SUSE_11_0_XPDF-091023.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42417", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update xpdf-1397.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42417);\n script_version(\"$Revision: 1.9 $\");\n script_cvs_date(\"$Date: 2016/12/21 20:09:51 $\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n\n script_name(english:\"openSUSE Security Update : xpdf (xpdf-1397)\");\n script_summary(english:\"Check for the xpdf-1397 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted PDF files could cause buffer overflows in xpdf when\nviewing such a document (CVE-2009-3603, CVE-2009-3604, CVE-2009-3605,\nCVE-2009-3606, CVE-2009-3608, CVE-2009-3609).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=534764\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=539875\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=543410\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xpdf packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xpdf-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"xpdf-3.02-95.9\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"xpdf-tools-3.02-95.9\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xpdf / xpdf-tools\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:53:09", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=539875", "https://bugzilla.novell.com/show_bug.cgi?id=543410", "https://bugzilla.novell.com/show_bug.cgi?id=534764"], "pluginID": "42419", "description": "Specially crafted PDF files could cause buffer overflows in xpdf when viewing such a document (CVE-2009-3603, CVE-2009-3604, CVE-2009-3605, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609).", "edition": 5, "reporter": "Tenable", "published": "2009-11-09T00:00:00", "title": "openSUSE Security Update : xpdf (xpdf-1397)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2016-12-21T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:xpdf-tools", "cpe:/o:novell:opensuse:11.1", "p-cpe:/a:novell:opensuse:xpdf"], "id": "SUSE_11_1_XPDF-091024.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42419", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update xpdf-1397.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42419);\n script_version(\"$Revision: 1.9 $\");\n script_cvs_date(\"$Date: 2016/12/21 20:21:19 $\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n\n script_name(english:\"openSUSE Security Update : xpdf (xpdf-1397)\");\n script_summary(english:\"Check for the xpdf-1397 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted PDF files could cause buffer overflows in xpdf when\nviewing such a document (CVE-2009-3603, CVE-2009-3604, CVE-2009-3605,\nCVE-2009-3606, CVE-2009-3608, CVE-2009-3609).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=534764\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=539875\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=543410\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xpdf packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xpdf-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"xpdf-3.02-97.81.3\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"xpdf-tools-3.02-97.81.3\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xpdf / xpdf-tools\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:42:43", "references": [], "pluginID": "42422", "description": "Specially crafted PDF files could cause buffer overflows in xpdf when viewing such a document (CVE-2009-3603, CVE-2009-3604, CVE-2009-3605, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609).", "edition": 5, "reporter": "Tenable", "published": "2009-11-09T00:00:00", "title": "openSUSE 10 Security Update : xpdf (xpdf-6558)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2016-12-22T00:00:00", "cpe": ["cpe:/o:novell:opensuse:10.3", "p-cpe:/a:novell:opensuse:xpdf-tools", "p-cpe:/a:novell:opensuse:xpdf"], "id": "SUSE_XPDF-6558.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42422", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update xpdf-6558.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42422);\n script_version (\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2016/12/22 20:42:29 $\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n\n script_name(english:\"openSUSE 10 Security Update : xpdf (xpdf-6558)\");\n script_summary(english:\"Check for the xpdf-6558 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Specially crafted PDF files could cause buffer overflows in xpdf when\nviewing such a document (CVE-2009-3603, CVE-2009-3604, CVE-2009-3605,\nCVE-2009-3606, CVE-2009-3608, CVE-2009-3609).\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xpdf packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xpdf-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/11/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"xpdf-3.02-19.13\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"xpdf-tools-3.02-19.13\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xpdf / xpdf-tools\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:56:37", "references": ["http://www.nessus.org/u?dba4f1ad"], "pluginID": "42294", "description": "New poppler packages are available for Slackware 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.", "edition": 5, "reporter": "Tenable", "published": "2009-10-29T00:00:00", "title": "Slackware 12.0 / 12.1 / 12.2 / 13.0 / current : poppler (SSA:2009-302-02)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Slackware Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2016-12-09T00:00:00", "cpe": ["cpe:/o:slackware:slackware_linux:12.0", "p-cpe:/a:slackware:slackware_linux:poppler", "cpe:/o:slackware:slackware_linux:12.2", "cpe:/o:slackware:slackware_linux:13.0", "cpe:/o:slackware:slackware_linux", "p-cpe:/a:slackware:slackware_linux:poppler-data", "cpe:/o:slackware:slackware_linux:12.1"], "id": "SLACKWARE_SSA_2009-302-02.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42294", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2009-302-02. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42294);\n script_version(\"$Revision: 1.12 $\");\n script_cvs_date(\"$Date: 2016/12/09 20:54:58 $\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_bugtraq_id(36703);\n script_xref(name:\"SSA\", value:\"2009-302-02\");\n\n script_name(english:\"Slackware 12.0 / 12.1 / 12.2 / 13.0 / current : poppler (SSA:2009-302-02)\");\n script_summary(english:\"Checks for updated packages in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New poppler packages are available for Slackware 12.0, 12.1, 12.2,\n13.0, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.518348\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dba4f1ad\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected poppler and / or poppler-data packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:poppler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:poppler-data\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"12.0\", pkgname:\"poppler\", pkgver:\"0.6.2\", pkgarch:\"i486\", pkgnum:\"2_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"poppler\", pkgver:\"0.6.4\", pkgarch:\"i486\", pkgnum:\"2_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"poppler\", pkgver:\"0.8.5\", pkgarch:\"i486\", pkgnum:\"3_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"poppler\", pkgver:\"0.10.7\", pkgarch:\"i486\", pkgnum:\"2_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"poppler\", pkgver:\"0.10.7\", pkgarch:\"x86_64\", pkgnum:\"2_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"poppler\", pkgver:\"0.12.1\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"poppler-data\", pkgver:\"0.3.0\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"poppler\", pkgver:\"0.12.1\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"poppler-data\", pkgver:\"0.3.0\", pkgarch:\"noarch\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:41:22", "references": [], "pluginID": "42215", "description": "Multiple vulnerabilities has been found and corrected in xpdf :\n\nInteger overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third-party information. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188 (CVE-2009-3603).\n\nThe Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow (CVE-2009-3604).\n\nInteger overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow (CVE-2009-3606).\n\nInteger overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow (CVE-2009-3608).\n\nInteger overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read (CVE-2009-3609).\n\nThis update fixes these vulnerabilities.\n\nUpdate :\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0 customers", "edition": 6, "reporter": "Tenable", "published": "2009-10-23T00:00:00", "title": "Mandriva Linux Security Advisory : xpdf (MDVSA-2009:287-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "naslFamily": "Mandriva Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2018-07-19T00:00:00", "cpe": ["cpe:/o:mandriva:linux:2008.0", "p-cpe:/a:mandriva:linux:xpdf-tools", "p-cpe:/a:mandriva:linux:xpdf", "p-cpe:/a:mandriva:linux:xpdf-common"], "id": "MANDRIVA_MDVSA-2009-287.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42215", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:287. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42215);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/07/19 20:59:16\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_bugtraq_id(36703);\n script_xref(name:\"MDVSA\", value:\"2009:287-1\");\n\n script_name(english:\"Mandriva Linux Security Advisory : xpdf (MDVSA-2009:287-1)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been found and corrected in xpdf :\n\nInteger overflow in the SplashBitmap::SplashBitmap function in Xpdf\n3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote\nattackers to execute arbitrary code via a crafted PDF document that\ntriggers a heap-based buffer overflow. NOTE: some of these details are\nobtained from third-party information. NOTE: this issue reportedly\nexists because of an incomplete fix for CVE-2009-1188 (CVE-2009-3603).\n\nThe Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before\n3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does\nnot properly allocate memory, which allows remote attackers to cause a\ndenial of service (application crash) or possibly execute arbitrary\ncode via a crafted PDF document that triggers a NULL pointer\ndereference or a heap-based buffer overflow (CVE-2009-3604).\n\nInteger overflow in the PSOutputDev::doImageL1Sep function in Xpdf\nbefore 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might\nallow remote attackers to execute arbitrary code via a crafted PDF\ndocument that triggers a heap-based buffer overflow (CVE-2009-3606).\n\nInteger overflow in the ObjectStream::ObjectStream function in XRef.cc\nin Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf,\nkdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote\nattackers to execute arbitrary code via a crafted PDF document that\ntriggers a heap-based buffer overflow (CVE-2009-3608).\n\nInteger overflow in the ImageStream::ImageStream function in Stream.cc\nin Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf,\nkdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a\ndenial of service (application crash) via a crafted PDF document that\ntriggers a NULL pointer dereference or buffer over-read\n(CVE-2009-3609).\n\nThis update fixes these vulnerabilities.\n\nUpdate :\n\nPackages for 2008.0 are provided for Corporate Desktop 2008.0\ncustomers\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xpdf, xpdf-common and / or xpdf-tools packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xpdf-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xpdf-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", reference:\"xpdf-3.02-8.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"xpdf-common-3.02-8.3mdv2008.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2008.0\", reference:\"xpdf-tools-3.02-8.3mdv2008.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:06:15", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=495907", "https://bugzilla.redhat.com/show_bug.cgi?id=526637", "http://www.nessus.org/u?19943eef", "https://bugzilla.redhat.com/show_bug.cgi?id=526911", "https://bugzilla.redhat.com/show_bug.cgi?id=526893", "https://bugzilla.redhat.com/show_bug.cgi?id=526877"], "pluginID": "47272", "description": "Add patch from upstream to fix several security issues in xpdf code:\nCVE-2009-1188/CVE-2009-3603, CVE-2009-3604, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2010-07-01T00:00:00", "title": "Fedora 13 : pdfedit-0.4.3-4.fc13 (2010-1805)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-1188", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2016-12-08T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:pdfedit", "cpe:/o:fedoraproject:fedora:13"], "id": "FEDORA_2010-1805.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=47272", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-1805.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(47272);\n script_version(\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2016/12/08 20:31:53 $\");\n\n script_cve_id(\"CVE-2009-1188\", \"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_bugtraq_id(34568, 36703);\n script_xref(name:\"FEDORA\", value:\"2010-1805\");\n\n script_name(english:\"Fedora 13 : pdfedit-0.4.3-4.fc13 (2010-1805)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Add patch from upstream to fix several security issues in xpdf code:\nCVE-2009-1188/CVE-2009-3603, CVE-2009-3604, CVE-2009-3606,\nCVE-2009-3608, CVE-2009-3609\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=495907\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=526637\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=526877\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=526893\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=526911\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?19943eef\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pdfedit package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:pdfedit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"pdfedit-0.4.3-4.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pdfedit\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-11T12:47:46", "references": ["https://security-tracker.debian.org/tracker/CVE-2009-3608", "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287", "https://security-tracker.debian.org/tracker/CVE-2009-3606", "https://security-tracker.debian.org/tracker/CVE-2009-3604", "https://security-tracker.debian.org/tracker/CVE-2009-3603", "https://security-tracker.debian.org/tracker/CVE-2009-1188", "https://security-tracker.debian.org/tracker/CVE-2009-3609", "https://www.debian.org/security/2010/dsa-2028"], "pluginID": "45427", "description": "Several vulnerabilities have been identified in xpdf, a suite of tools for viewing and converting Portable Document Format (PDF) files.\n\nThe Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2009-1188 and CVE-2009-3603 Integer overflow in SplashBitmap::SplashBitmap which might allow remote attackers to execute arbitrary code or an application crash via a crafted PDF document.\n\n - CVE-2009-3604 NULL pointer dereference or heap-based buffer overflow in Splash::drawImage which might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document.\n\n - CVE-2009-3606 Integer overflow in the PSOutputDev::doImageL1Sep which might allow remote attackers to execute arbitrary code via a crafted PDF document.\n\n - CVE-2009-3608 Integer overflow in the ObjectStream::ObjectStream which might allow remote attackers to execute arbitrary code via a crafted PDF document.\n\n - CVE-2009-3609 Integer overflow in the ImageStream::ImageStream which might allow remote attackers to cause a denial of service via a crafted PDF document.", "edition": 8, "reporter": "Tenable", "published": "2010-04-06T00:00:00", "title": "Debian DSA-2028-1 : xpdf - multiple vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-1188", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2018-11-10T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:5.0", "p-cpe:/a:debian:debian_linux:xpdf"], "id": "DEBIAN_DSA-2028.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=45427", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2028. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(45427);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/11/10 11:49:34\");\n\n script_cve_id(\"CVE-2009-1188\", \"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_bugtraq_id(34568, 36703);\n script_xref(name:\"DSA\", value:\"2028\");\n\n script_name(english:\"Debian DSA-2028-1 : xpdf - multiple vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been identified in xpdf, a suite of tools\nfor viewing and converting Portable Document Format (PDF) files.\n\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing problems :\n\n - CVE-2009-1188 and CVE-2009-3603\n Integer overflow in SplashBitmap::SplashBitmap which\n might allow remote attackers to execute arbitrary code\n or an application crash via a crafted PDF document.\n\n - CVE-2009-3604\n NULL pointer dereference or heap-based buffer overflow\n in Splash::drawImage which might allow remote attackers\n to cause a denial of service (application crash) or\n possibly execute arbitrary code via a crafted PDF\n document.\n\n - CVE-2009-3606\n Integer overflow in the PSOutputDev::doImageL1Sep which\n might allow remote attackers to execute arbitrary code\n via a crafted PDF document.\n\n - CVE-2009-3608\n Integer overflow in the ObjectStream::ObjectStream which\n might allow remote attackers to execute arbitrary code\n via a crafted PDF document.\n\n - CVE-2009-3609\n Integer overflow in the ImageStream::ImageStream which\n might allow remote attackers to cause a denial of\n service via a crafted PDF document.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1188\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3603\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3604\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3606\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3608\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3609\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2028\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"For the stable distribution (lenny), this problem has been fixed in\nversion 3.02-1.4+lenny2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/04/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"xpdf\", reference:\"3.02-1.4+lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"xpdf-common\", reference:\"3.02-1.4+lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"xpdf-reader\", reference:\"3.02-1.4+lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"xpdf-utils\", reference:\"3.02-1.4+lenny2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:08:45", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=526924", "https://bugzilla.redhat.com/show_bug.cgi?id=526637", "https://bugzilla.redhat.com/show_bug.cgi?id=526915", "http://www.nessus.org/u?40b9b183", "https://bugzilla.redhat.com/show_bug.cgi?id=526911", "https://bugzilla.redhat.com/show_bug.cgi?id=526893", "https://bugzilla.redhat.com/show_bug.cgi?id=526877"], "pluginID": "42280", "description": "This build addresses several recent security issues.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2009-10-28T00:00:00", "title": "Fedora 11 : poppler-0.10.7-3.fc11 (2009-10845)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3607", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2016-12-08T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:poppler", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2009-10845.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42280", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-10845.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42280);\n script_version(\"$Revision: 1.12 $\");\n script_cvs_date(\"$Date: 2016/12/08 20:21:54 $\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3606\", \"CVE-2009-3607\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_bugtraq_id(36703, 36718);\n script_xref(name:\"FEDORA\", value:\"2009-10845\");\n\n script_name(english:\"Fedora 11 : poppler-0.10.7-3.fc11 (2009-10845)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This build addresses several recent security issues.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=526637\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=526877\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=526893\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=526911\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=526915\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=526924\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-October/030415.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?40b9b183\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected poppler package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:poppler\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"poppler-0.10.7-3.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"poppler\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2018-04-06T11:39:43", "references": [], "pluginID": "136141256231066234", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n xpdf-tools\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-11-11T00:00:00", "title": "SLES10: Security update for xpdf", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066234", "id": "OPENVAS:136141256231066234", "sourceData": "#\n#VID slesp2-xpdf-6556\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for xpdf\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n xpdf-tools\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66234\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for xpdf\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"xpdf-tools\", rpm:\"xpdf-tools~3.01~21.22.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:56:01", "references": [], "pluginID": "66234", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n xpdf-tools\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "edition": 2, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-11-11T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "SLES10: Security update for xpdf", "type": "openvas", "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2017-07-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=66234", "id": "OPENVAS:66234", "sourceData": "#\n#VID slesp2-xpdf-6556\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for xpdf\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n xpdf-tools\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(66234);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-11-11 15:56:44 +0100 (Wed, 11 Nov 2009)\");\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for xpdf\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"xpdf-tools\", rpm:\"xpdf-tools~3.01~21.22.2\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:35", "references": [], "pluginID": "66151", "description": "The remote host is missing an update as announced\nvia advisory SSA:2009-302-01.", "edition": 2, "reporter": "Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com", "published": "2012-09-11T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "Slackware Advisory SSA:2009-302-01 xpdf ", "type": "openvas", "naslFamily": "Slackware Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=66151", "id": "OPENVAS:66151", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2009_302_01.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0,\n12.0, 12.1, 12.2, 13.0, and -current to fix security issues.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2009-302-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2009-302-01\";\n \nif(description)\n{\n script_id(66151);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 6598 $\");\n script_name(\"Slackware Advisory SSA:2009-302-01 xpdf \");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack9.1\", rls:\"SLK9.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack10.0\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack10.1\", rls:\"SLK10.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack10.2\", rls:\"SLK10.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack11.0\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack12.2\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack13.0\", rls:\"SLK13.0\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:48", "references": [], "pluginID": "66150", "description": "The remote host is missing an update as announced\nvia advisory SSA:2009-302-02.", "edition": 2, "reporter": "Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com", "published": "2012-09-11T00:00:00", "title": "Slackware Advisory SSA:2009-302-02 poppler ", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Slackware Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=66150", "id": "OPENVAS:66150", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2009_302_02.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New poppler packages are available for Slackware 12.0, 12.1, 12.2, 13.0,\nand -current to fix security issues.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2009-302-02.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2009-302-02\";\n \nif(description)\n{\n script_id(66150);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 6598 $\");\n script_name(\"Slackware Advisory SSA:2009-302-02 poppler \");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"poppler\", ver:\"0.6.2-i486-2_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"poppler\", ver:\"0.6.4-i486-2_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"poppler\", ver:\"0.8.5-i486-3_slack12.2\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"poppler\", ver:\"0.10.7-i486-2_slack13.0\", rls:\"SLK13.0\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:00:20", "references": [], "pluginID": "136141256231066151", "description": "The remote host is missing an update as announced\nvia advisory SSA:2009-302-01.", "edition": 3, "reporter": "Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com", "published": "2012-09-11T00:00:00", "title": "Slackware Advisory SSA:2009-302-01 xpdf ", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Slackware Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231066151", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066151", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2009_302_01.nasl 9352 2018-04-06 07:13:02Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0,\n12.0, 12.1, 12.2, 13.0, and -current to fix security issues.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2009-302-01.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2009-302-01\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66151\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:13:02 +0200 (Fri, 06 Apr 2018) $\");\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 9352 $\");\n script_name(\"Slackware Advisory SSA:2009-302-01 xpdf \");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack9.1\", rls:\"SLK9.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack10.0\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack10.1\", rls:\"SLK10.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack10.2\", rls:\"SLK10.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack11.0\", rls:\"SLK11.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack12.2\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"xpdf\", ver:\"3.02pl4-i486-1_slack13.0\", rls:\"SLK13.0\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:02:23", "references": [], "pluginID": "136141256231066150", "description": "The remote host is missing an update as announced\nvia advisory SSA:2009-302-02.", "edition": 3, "reporter": "Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com", "published": "2012-09-11T00:00:00", "title": "Slackware Advisory SSA:2009-302-02 poppler ", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Slackware Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2018-02-03T00:00:00", "id": "OPENVAS:136141256231066150", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066150", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2009_302_02.nasl 8649 2018-02-03 12:16:43Z teissa $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New poppler packages are available for Slackware 12.0, 12.1, 12.2, 13.0,\nand -current to fix security issues.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2009-302-02.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2009-302-02\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66150\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-03 13:16:43 +0100 (Sat, 03 Feb 2018) $\");\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 8649 $\");\n script_name(\"Slackware Advisory SSA:2009-302-02 poppler \");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"poppler\", ver:\"0.6.2-i486-2_slack12.0\", rls:\"SLK12.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"poppler\", ver:\"0.6.4-i486-2_slack12.1\", rls:\"SLK12.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"poppler\", ver:\"0.8.5-i486-3_slack12.2\", rls:\"SLK12.2\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"poppler\", ver:\"0.10.7-i486-2_slack13.0\", rls:\"SLK13.0\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:52", "references": ["http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html", "2010-1842"], "pluginID": "1361412562310861624", "description": "Check for the Version of pdfedit", "edition": 1, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-03-02T00:00:00", "title": "Fedora Update for pdfedit FEDORA-2010-1842", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-1188", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2017-12-27T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310861624", "id": "OPENVAS:1361412562310861624", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for pdfedit FEDORA-2010-1842\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"pdfedit on Fedora 11\";\ntag_insight = \"Free pdf editing using PdfEdit. Complete editing of pdf documents is made\n possible with PDFedit. You can change either raw pdf objects (for advanced\n users) or use predefined gui functions. Functions can be easily added as\n everything is based on a script.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.861624\");\n script_version(\"$Revision: 8250 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-27 08:29:15 +0100 (Wed, 27 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-02 08:38:02 +0100 (Tue, 02 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-1842\");\n script_cve_id(\"CVE-2009-1188\", \"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_name(\"Fedora Update for pdfedit FEDORA-2010-1842\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of pdfedit\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC11\")\n{\n\n if ((res = isrpmvuln(pkg:\"pdfedit\", rpm:\"pdfedit~0.4.3~4.fc11\", rls:\"FC11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:49:03", "references": [], "pluginID": "67403", "description": "The remote host is missing an update to kdegraphics\nannounced via advisory DSA 2050-1.", "edition": 2, "reporter": "Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com", "published": "2010-06-03T00:00:00", "title": "Debian Security Advisory DSA 2050-1 (kdegraphics)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-1188", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=67403", "id": "OPENVAS:67403", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2050_1.nasl 6614 2017-07-07 12:09:12Z cfischer $\n# Description: Auto-generated from advisory DSA 2050-1 (kdegraphics)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several local vulnerabilities have been discovered in KPDF, a PDF viewer\nfor KDE, which allow the execution of arbitrary code or denial of\nservice if a user is tricked into opening a crafted PDF document.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 4:3.5.9-3+lenny3.\n\nThe unstable distribution (sid) no longer contains kpdf. It's replacement,\nOkular, links against the poppler PDF library.\n\nWe recommend that you upgrade your kdegraphics packages.\";\ntag_summary = \"The remote host is missing an update to kdegraphics\nannounced via advisory DSA 2050-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202050-1\";\n\n\nif(description)\n{\n script_id(67403);\n script_version(\"$Revision: 6614 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:12 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-06-03 22:55:24 +0200 (Thu, 03 Jun 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2009-1188\", \"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_name(\"Debian Security Advisory DSA 2050-1 (kdegraphics)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kdegraphics\", ver:\"3.5.9-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kdegraphics-doc-html\", ver:\"3.5.9-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ksvg\", ver:\"3.5.9-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kuickshow\", ver:\"3.5.9-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kpovmodeler\", ver:\"3.5.9-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kdegraphics-kfile-plugins\", ver:\"3.5.9-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kruler\", ver:\"3.5.9-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kfax\", ver:\"3.5.9-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kolourpaint\", ver:\"3.5.9-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kghostview\", ver:\"3.5.9-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kfaxview\", ver:\"3.5.9-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kview\", ver:\"3.5.9-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kdvi\", ver:\"3.5.9-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kcoloredit\", ver:\"3.5.9-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kooka\", ver:\"3.5.9-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kviewshell\", ver:\"3.5.9-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkscan-dev\", ver:\"3.5.9-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kgamma\", ver:\"3.5.9-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkscan1\", ver:\"3.5.9-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ksnapshot\", ver:\"3.5.9-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kmrml\", ver:\"3.5.9-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kdegraphics-dbg\", ver:\"3.5.9-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kiconedit\", ver:\"3.5.9-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kamera\", ver:\"3.5.9-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kpdf\", ver:\"3.5.9-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kdegraphics-dev\", ver:\"3.5.9-3+lenny3\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:08", "references": ["2010-1377", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html"], "pluginID": "861687", "description": "Check for the Version of pdfedit", "edition": 3, "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "published": "2010-03-02T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Fedora Update for pdfedit FEDORA-2010-1377", "type": "openvas", "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-1188", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2017-12-22T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=861687", "id": "OPENVAS:861687", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for pdfedit FEDORA-2010-1377\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"pdfedit on Fedora 12\";\ntag_insight = \"Free pdf editing using PdfEdit. Complete editing of pdf documents is made\n possible with PDFedit. You can change either raw pdf objects (for advanced\n users) or use predefined gui functions. Functions can be easily added as\n everything is based on a script.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html\");\n script_id(861687);\n script_version(\"$Revision: 8226 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-22 07:30:26 +0100 (Fri, 22 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-03-02 08:38:02 +0100 (Tue, 02 Mar 2010)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-1377\");\n script_cve_id(\"CVE-2009-1188\", \"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_name(\"Fedora Update for pdfedit FEDORA-2010-1377\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of pdfedit\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"pdfedit\", rpm:\"pdfedit~0.4.3~4.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:23", "references": [], "pluginID": "136141256231066381", "description": "The remote host is missing an update to xpdf\nannounced via advisory MDVSA-2009:287-1.", "edition": 1, "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "published": "2009-12-10T00:00:00", "type": "openvas", "title": "Mandriva Security Advisory MDVSA-2009:287-1 (xpdf)", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "naslFamily": "Mandrake Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-1188", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2018-04-06T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066381", "id": "OPENVAS:136141256231066381", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_287_1.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:287-1 (xpdf)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been found and corrected in xpdf:\n\nInteger overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x\nbefore 3.02pl4 and Poppler before 0.12.1 might allow remote attackers\nto execute arbitrary code via a crafted PDF document that triggers a\nheap-based buffer overflow. NOTE: some of these details are obtained\nfrom third party information. NOTE: this issue reportedly exists\nbecause of an incomplete fix for CVE-2009-1188 (CVE-2009-3603).\n\nThe Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x\nbefore 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF,\ndoes not properly allocate memory, which allows remote attackers to\ncause a denial of service (application crash) or possibly execute\narbitrary code via a crafted PDF document that triggers a NULL pointer\ndereference or a heap-based buffer overflow (CVE-2009-3604).\n\nInteger overflow in the PSOutputDev::doImageL1Sep function in Xpdf\nbefore 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might\nallow remote attackers to execute arbitrary code via a crafted PDF\ndocument that triggers a heap-based buffer overflow (CVE-2009-3606).\n\nInteger overflow in the ObjectStream::ObjectStream function in XRef.cc\nin Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in\nGPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote\nattackers to execute arbitrary code via a crafted PDF document that\ntriggers a heap-based buffer overflow (CVE-2009-3608).\n\nInteger overflow in the ImageStream::ImageStream function in Stream.cc\nin Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf,\nkdegraphics KPDF, and CUPS pdftops, allows remote attackers to\ncause a denial of service (application crash) via a crafted PDF\ndocument that triggers a NULL pointer dereference or buffer over-read\n(CVE-2009-3609).\n\nThis update fixes these vulnerabilities.\n\nUpdate:\n\nPackages for 2008.0 are being provided due to extended support for\nCorporate products.\n\nAffected: 2008.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:287-1\";\ntag_summary = \"The remote host is missing an update to xpdf\nannounced via advisory MDVSA-2009:287-1.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.66381\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-12-10 00:23:54 +0100 (Thu, 10 Dec 2009)\");\n script_cve_id(\"CVE-2009-1188\", \"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandriva Security Advisory MDVSA-2009:287-1 (xpdf)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"xpdf\", rpm:\"xpdf~3.02~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf-common\", rpm:\"xpdf-common~3.02~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xpdf-tools\", rpm:\"xpdf-tools~3.02~8.3mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:34", "references": ["https://vulners.com/securityvulns/securityvulns:doc:22693", "https://vulners.com/securityvulns/securityvulns:doc:22668", "https://vulners.com/securityvulns/securityvulns:doc:22669", "https://vulners.com/securityvulns/securityvulns:doc:22659"], "description": "Integer overflows, race condiotions.", "edition": 1, "reporter": "BUGTRAQ", "published": "2009-10-28T00:00:00", "title": "CUPS / poppler / xpdf / Adobe Reader multipls security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:34", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "poppler", "version": "0.10", "operator": "eq"}, {"name": "cups", "version": "1.3", "operator": "eq"}, {"name": "xpdf", "version": "3.02", "operator": "eq"}, {"name": "cups", "version": "1.1", "operator": "eq"}], "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2009-10-28T00:00:00", "id": "SECURITYVULNS:VULN:10333", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10333", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:32", "references": [], "description": "===========================================================\r\nUbuntu Security Notice USN-850-1 October 21, 2009\r\npoppler vulnerabilities\r\nCVE-2009-0755, CVE-2009-3603, CVE-2009-3604, CVE-2009-3605,\r\nCVE-2009-3607, CVE-2009-3608, CVE-2009-3609\r\n===========================================================\r\n\r\nA security issue affects the following Ubuntu releases:\r\n\r\nUbuntu 6.06 LTS\r\nUbuntu 8.04 LTS\r\nUbuntu 8.10\r\nUbuntu 9.04\r\n\r\nThis advisory also applies to the corresponding versions of\r\nKubuntu, Edubuntu, and Xubuntu.\r\n\r\nThe problem can be corrected by upgrading your system to the\r\nfollowing package versions:\r\n\r\nUbuntu 6.06 LTS:\r\n libpoppler1 0.5.1-0ubuntu7.6\r\n libpoppler1-glib 0.5.1-0ubuntu7.6\r\n\r\nUbuntu 8.04 LTS:\r\n libpoppler-glib2 0.6.4-1ubuntu3.3\r\n libpoppler2 0.6.4-1ubuntu3.3\r\n\r\nUbuntu 8.10:\r\n libpoppler-glib3 0.8.7-1ubuntu0.4\r\n libpoppler3 0.8.7-1ubuntu0.4\r\n\r\nUbuntu 9.04:\r\n libpoppler-glib4 0.10.5-1ubuntu2.4\r\n libpoppler4 0.10.5-1ubuntu2.4\r\n\r\nIn general, a standard system upgrade is sufficient to effect the\r\nnecessary changes.\r\n\r\nDetails follow:\r\n\r\nIt was discovered that poppler contained multiple security issues when\r\nparsing malformed PDF documents. If a user or automated system were tricked\r\ninto opening a crafted PDF file, an attacker could cause a denial of\r\nservice or execute arbitrary code with privileges of the user invoking the\r\nprogram.\r\n\r\n\r\nUpdated packages for Ubuntu 6.06 LTS:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.5.1-0ubuntu7.6.diff.gz\r\n Size/MD5: 26014 c8e36cb77908ace0ef50d06c13519c1c\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.5.1-0ubuntu7.6.dsc\r\n Size/MD5: 1734 089921510c5d3b3b50309f0506bc2164\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.5.1.orig.tar.gz\r\n Size/MD5: 954930 a136cd731892f4570933034ba97c8704\r\n\r\n amd64 architecture &#40;Athlon64, Opteron, EM64T Xeon&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.5.1-0ubuntu7.6_amd64.deb\r\n Size/MD5: 729460 4892a2a3d13f20dbc042b70ac9c056b3\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.5.1-0ubuntu7.6_amd64.deb\r\n Size/MD5: 58022 6396e4a641c90bcecbcdb24dc9054a1d\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.5.1-0ubuntu7.6_amd64.deb\r\n Size/MD5: 47188 d203ddd76344d1b9215d4652a20fdbf1\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-glib_0.5.1-0ubuntu7.6_amd64.deb\r\n Size/MD5: 52802 2f78b429ae2d1b08331d778142441823\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-qt_0.5.1-0ubuntu7.6_amd64.deb\r\n Size/MD5: 43410 5948b4734df17e874e71b42594ace38a\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1_0.5.1-0ubuntu7.6_amd64.deb\r\n Size/MD5: 546278 baae4d2a454e735385745512d4da800b\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.5.1-0ubuntu7.6_amd64.deb\r\n Size/MD5: 101156 e68a490ee1c4499e57ef5e1d886aeadb\r\n\r\n i386 architecture &#40;x86 compatible Intel/AMD&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.5.1-0ubuntu7.6_i386.deb\r\n Size/MD5: 661088 a5ee7236a4790292ecdce280ee59b022\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.5.1-0ubuntu7.6_i386.deb\r\n Size/MD5: 54714 c772b7e5d1f880e8c51f53a39b6d5fa9\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.5.1-0ubuntu7.6_i386.deb\r\n Size/MD5: 45188 218acbdc8de3d8c0a72a8ee5a1def1f2\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-glib_0.5.1-0ubuntu7.6_i386.deb\r\n Size/MD5: 50702 9cb9a3acee4fd4a383c51295a27c7c4d\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-qt_0.5.1-0ubuntu7.6_i386.deb\r\n Size/MD5: 42370 55501e517d970baa87082a94ceb0b00c\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1_0.5.1-0ubuntu7.6_i386.deb\r\n Size/MD5: 505460 98a402cce24f2890e49fdf6377c8cb1c\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.5.1-0ubuntu7.6_i386.deb\r\n Size/MD5: 94110 963f5b32e38196994ae4eee354f9462d\r\n\r\n powerpc architecture &#40;Apple Macintosh G3/G4/G5&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.5.1-0ubuntu7.6_powerpc.deb\r\n Size/MD5: 769172 cb169b95a698a40bc709cd4a97744e37\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.5.1-0ubuntu7.6_powerpc.deb\r\n Size/MD5: 60048 7288585bf7d7e55d0ceee35874db8e07\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.5.1-0ubuntu7.6_powerpc.deb\r\n Size/MD5: 47336 2119d5183a137e6efa0b0059c6e1ee51\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-glib_0.5.1-0ubuntu7.6_powerpc.deb\r\n Size/MD5: 54072 da99e20ce87a87f9f63f8914cccb1348\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-qt_0.5.1-0ubuntu7.6_powerpc.deb\r\n Size/MD5: 44678 056a96edecc39006f20c8f1009e78e14\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1_0.5.1-0ubuntu7.6_powerpc.deb\r\n Size/MD5: 552382 0c8b945a6116fbca65f4e6c67b2f985c\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.5.1-0ubuntu7.6_powerpc.deb\r\n Size/MD5: 105720 5b073564481728b979ebe299b3b79f7a\r\n\r\n sparc architecture &#40;Sun SPARC/UltraSPARC&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.5.1-0ubuntu7.6_sparc.deb\r\n Size/MD5: 690370 a9c51e1d62f11aae947e04ea76c39c20\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.5.1-0ubuntu7.6_sparc.deb\r\n Size/MD5: 56382 314eb4ad1560f52de5739670edd29fb2\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.5.1-0ubuntu7.6_sparc.deb\r\n Size/MD5: 45876 cc3b771f9275b4fcecf75ad046408eed\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-glib_0.5.1-0ubuntu7.6_sparc.deb\r\n Size/MD5: 51142 20981b6f09b85bf39ad6e7ddbb4f7110\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1-qt_0.5.1-0ubuntu7.6_sparc.deb\r\n Size/MD5: 42142 2ad865090541e8663ee9d5f08a00e318\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler1_0.5.1-0ubuntu7.6_sparc.deb\r\n Size/MD5: 518150 4c01a054f8020f2eb91e8d4d3d49959b\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.5.1-0ubuntu7.6_sparc.deb\r\n Size/MD5: 93650 0d1808cab566d8442e33173cd8ff48c9\r\n\r\nUpdated packages for Ubuntu 8.04 LTS:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.4-1ubuntu3.3.diff.gz\r\n Size/MD5: 22046 dc4e94beeae281169523c1e7d2e10c73\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.4-1ubuntu3.3.dsc\r\n Size/MD5: 1191 ec6fcf282f0db7c3d787e238d31673aa\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.6.4.orig.tar.gz\r\n Size/MD5: 1294481 13d12ca4e349574cfbbcf4a9b2b3ae52\r\n\r\n amd64 architecture &#40;Athlon64, Opteron, EM64T Xeon&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.3_amd64.deb\r\n Size/MD5: 895298 219546ad254659ccfdc5143e093d2a63\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.3_amd64.deb\r\n Size/MD5: 109130 71ff567e4c64480e905f19d27f1836fd\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.3_amd64.deb\r\n Size/MD5: 54818 d7af0e3b2919a1f25638db21a76bc8c4\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.3_amd64.deb\r\n Size/MD5: 46006 83bed87814bfd9f14d03cc65b5289551\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.3_amd64.deb\r\n Size/MD5: 25524 513bba303af69a26a4bea1dacc1f47f3\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.3_amd64.deb\r\n Size/MD5: 146754 c7629ade1c8e47877f78d284fecba340\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.3_amd64.deb\r\n Size/MD5: 201174 5f4b5800f48e8c2caecb3a5ee2c52729\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.3_amd64.deb\r\n Size/MD5: 648400 aaaf426a317911328534f6129b02e149\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.3_amd64.deb\r\n Size/MD5: 79038 a124c1e84f6701aaf271332fcb9c0759\r\n\r\n i386 architecture &#40;x86 compatible Intel/AMD&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.3_i386.deb\r\n Size/MD5: 839448 14f855567511009760acf692c5f89684\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.3_i386.deb\r\n Size/MD5: 102846 362d45cf1e5f592b12ea856cd30cd32c\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.3_i386.deb\r\n Size/MD5: 52348 6d121599ab1e673ef77bbbdbe9f757a0\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.3_i386.deb\r\n Size/MD5: 42408 f0c93f9e47e1f0fcf29f4b08c534c33e\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.3_i386.deb\r\n Size/MD5: 25052 de8b30c3222e60f1d03269eab81699e4\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.3_i386.deb\r\n Size/MD5: 143624 51ee5444da2b1c3b5f127710aa336efa\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.3_i386.deb\r\n Size/MD5: 189926 019b17e18eb324b59dcee9d21e423135\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.3_i386.deb\r\n Size/MD5: 622942 119416a864ad74672ca6ae4ac58d43ce\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.3_i386.deb\r\n Size/MD5: 73696 6973e5e2d963207ebcd71f39314c6a13\r\n\r\n lpia architecture &#40;Low Power Intel Architecture&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.3_lpia.deb\r\n Size/MD5: 859552 2d93fe0ca136f2f5817ace0e73065b14\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.3_lpia.deb\r\n Size/MD5: 103828 302309d7417af275876bd3a6556aef35\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.3_lpia.deb\r\n Size/MD5: 52620 a4cb4db985a35d20322051a84814ea17\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.3_lpia.deb\r\n Size/MD5: 42838 c0f2ddd9b079a4ff4be4ef8ff90698dc\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.3_lpia.deb\r\n Size/MD5: 24802 b94c9f2599d512c3dd2be98318040018\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.3_lpia.deb\r\n Size/MD5: 145068 ed1883c96fb14e03fff4bd3274f04343\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.3_lpia.deb\r\n Size/MD5: 191082 4772280b06b12e07165851d768edcc2b\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.3_lpia.deb\r\n Size/MD5: 636962 451af3e71acda77f54e048501c7fddb9\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.3_lpia.deb\r\n Size/MD5: 74712 b321b22d5c40fe8f656493c04f4be89d\r\n\r\n powerpc architecture &#40;Apple Macintosh G3/G4/G5&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.3_powerpc.deb\r\n Size/MD5: 956782 a06ae04dd6f93262a6d80bae3217e2db\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.3_powerpc.deb\r\n Size/MD5: 115788 c9c10a70870477dc0867fda19eedd64f\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.3_powerpc.deb\r\n Size/MD5: 58458 db075999849b99cd0ef8bb38e2eda8aa\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.3_powerpc.deb\r\n Size/MD5: 45922 3bd77539dd13bb5363daf126554662d8\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.3_powerpc.deb\r\n Size/MD5: 28866 32dff1a016af9b02b51bec51a3092716\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.3_powerpc.deb\r\n Size/MD5: 152742 b511df58777e3247891adeffca1cbd89\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.3_powerpc.deb\r\n Size/MD5: 209314 15cf5b72a3448a54c0cbed1b18ebd5e2\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.3_powerpc.deb\r\n Size/MD5: 683136 aaf150cd2bbf9cad134cb5233088c28a\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.3_powerpc.deb\r\n Size/MD5: 94452 5d5faf7fc87829300bb97d8c41a6eb51\r\n\r\n sparc architecture &#40;Sun SPARC/UltraSPARC&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.6.4-1ubuntu3.3_sparc.deb\r\n Size/MD5: 859928 0c68602a90c714eb0914d049b73954ef\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.6.4-1ubuntu3.3_sparc.deb\r\n Size/MD5: 104154 624cad01fcb5261ac9777b2410dc3eb4\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib2_0.6.4-1ubuntu3.3_sparc.deb\r\n Size/MD5: 51408 becf3564b792c91e136725e9667df063\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.6.4-1ubuntu3.3_sparc.deb\r\n Size/MD5: 41796 f0b04adbbb9d62b7072b6161167f2dc1\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.6.4-1ubuntu3.3_sparc.deb\r\n Size/MD5: 23902 7c693d6a4184172c42e3d5d7eef32458\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-2_0.6.4-1ubuntu3.3_sparc.deb\r\n Size/MD5: 145338 aaae4f4e8fae85c14135180d73cb9b32\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.6.4-1ubuntu3.3_sparc.deb\r\n Size/MD5: 193072 e009739521f4136808a739643344c64e\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler2_0.6.4-1ubuntu3.3_sparc.deb\r\n Size/MD5: 631336 fecabd8a767e7fedbd7cd2c8a9c50382\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.6.4-1ubuntu3.3_sparc.deb\r\n Size/MD5: 72984 e81125ee0c55e2b21ed5c9f4f7e095f4\r\n\r\nUpdated packages for Ubuntu 8.10:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.8.7-1ubuntu0.4.diff.gz\r\n Size/MD5: 24158 1da9804b9914b0af10e74e62c9df03c7\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.8.7-1ubuntu0.4.dsc\r\n Size/MD5: 1600 61fc879aeed7bee88fc003d4adb2da06\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.8.7.orig.tar.gz\r\n Size/MD5: 1469587 9af81429d6f8639c357a5eed25583365\r\n\r\n amd64 architecture &#40;Athlon64, Opteron, EM64T Xeon&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.8.7-1ubuntu0.4_amd64.deb\r\n Size/MD5: 966770 8acc6bc0c741a5e817bbee53dbf86d8a\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.8.7-1ubuntu0.4_amd64.deb\r\n Size/MD5: 123086 1cae2bbd3c71be377d9f876f32b3d065\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib3_0.8.7-1ubuntu0.4_amd64.deb\r\n Size/MD5: 64042 3cd74a188283c4149927e7c59adde7de\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.8.7-1ubuntu0.4_amd64.deb\r\n Size/MD5: 47810 06c3131b490cfdfa6231e95aec4cfd80\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.8.7-1ubuntu0.4_amd64.deb\r\n Size/MD5: 25640 f7bb740f8a414a57b53ec2697852a918\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-3_0.8.7-1ubuntu0.4_amd64.deb\r\n Size/MD5: 159080 acec6880e769524a5f8ae34ec0e59cd0\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.8.7-1ubuntu0.4_amd64.deb\r\n Size/MD5: 221642 32c78853005f4f8d4d2ebe482092d310\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler3_0.8.7-1ubuntu0.4_amd64.deb\r\n Size/MD5: 695346 4ed3b91dfa76d01b1e950f94dc1133e6\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-dbg_0.8.7-1ubuntu0.4_amd64.deb\r\n Size/MD5: 3011574 4d6a39ecdd55e8976d9ec799074c8a73\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.8.7-1ubuntu0.4_amd64.deb\r\n Size/MD5: 79508 d32759ad9e23ff7b9eb8ac198487f780\r\n\r\n i386 architecture &#40;x86 compatible Intel/AMD&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.8.7-1ubuntu0.4_i386.deb\r\n Size/MD5: 900318 1f62ce8877e641804fc88ce342dab2b6\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.8.7-1ubuntu0.4_i386.deb\r\n Size/MD5: 115974 d30df656bdcb44932f49f2989e29e6d3\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib3_0.8.7-1ubuntu0.4_i386.deb\r\n Size/MD5: 60938 1fecffda599ec890464195f8fd9925dd\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.8.7-1ubuntu0.4_i386.deb\r\n Size/MD5: 44696 48c34ef2b45c4903dc888c8a7a702158\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.8.7-1ubuntu0.4_i386.deb\r\n Size/MD5: 24982 a2e04c884e6d1fd32ad5efdbc3acc4db\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-3_0.8.7-1ubuntu0.4_i386.deb\r\n Size/MD5: 157454 528df7b609f648728877bbef3d5cbe95\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.8.7-1ubuntu0.4_i386.deb\r\n Size/MD5: 207464 0dd3dc8669a297c7b201b41c58609e73\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler3_0.8.7-1ubuntu0.4_i386.deb\r\n Size/MD5: 668308 7d2072b84fd23300dbfec7d38a94d391\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-dbg_0.8.7-1ubuntu0.4_i386.deb\r\n Size/MD5: 2923984 b3265aca3331dd090d9402801542bd8b\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.8.7-1ubuntu0.4_i386.deb\r\n Size/MD5: 74888 6877168e0af223857c9ba1baa74106a4\r\n\r\n lpia architecture &#40;Low Power Intel Architecture&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.8.7-1ubuntu0.4_lpia.deb\r\n Size/MD5: 919440 c13af3207d680e18c8181cf4a9060973\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.8.7-1ubuntu0.4_lpia.deb\r\n Size/MD5: 116604 a360513ac87d3f6da4e0b98bf11e9330\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib3_0.8.7-1ubuntu0.4_lpia.deb\r\n Size/MD5: 60906 828e377e2a249ae4fe271f92dfc09470\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.8.7-1ubuntu0.4_lpia.deb\r\n Size/MD5: 44902 cfbffe98181c17b2b9e368c1c025756d\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.8.7-1ubuntu0.4_lpia.deb\r\n Size/MD5: 24646 8afedd14cb1b36bae346e265bddeb0de\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.8.7-1ubuntu0.4_lpia.deb\r\n Size/MD5: 157966 eecbb3a0010b0d7a15217583ce7a954c\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.8.7-1ubuntu0.4_lpia.deb\r\n Size/MD5: 207228 1560664feb5e11639b4f5c3108f947da\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler3_0.8.7-1ubuntu0.4_lpia.deb\r\n Size/MD5: 678412 d774435bddc786b8d34b556177a295df\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.8.7-1ubuntu0.4_lpia.deb\r\n Size/MD5: 2957052 7b080c08ff6df105e00deef71b8ea7d8\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.8.7-1ubuntu0.4_lpia.deb\r\n Size/MD5: 75866 773bdcc21c439041f3c25e590ee9f64a\r\n\r\n powerpc architecture &#40;Apple Macintosh G3/G4/G5&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.8.7-1ubuntu0.4_powerpc.deb\r\n Size/MD5: 1029056 faf4d3b315a8cd3e3de6a7e8524623df\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.8.7-1ubuntu0.4_powerpc.deb\r\n Size/MD5: 130822 73fe7e497cef3c67ee2144d573ba1ed5\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib3_0.8.7-1ubuntu0.4_powerpc.deb\r\n Size/MD5: 68536 e1a37bab13354c58c18d39d74c4f1bde\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.8.7-1ubuntu0.4_powerpc.deb\r\n Size/MD5: 48086 82cae6caf3e7cb8626edc838790e41aa\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.8.7-1ubuntu0.4_powerpc.deb\r\n Size/MD5: 28476 3d2a87d6f2f8a686c2d710f95eed6aa8\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.8.7-1ubuntu0.4_powerpc.deb\r\n Size/MD5: 163284 32988e0c6d47c7c158b7b63d8e400deb\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.8.7-1ubuntu0.4_powerpc.deb\r\n Size/MD5: 224680 64cd73e5b3d4f2ef48de722e3193bbf9\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler3_0.8.7-1ubuntu0.4_powerpc.deb\r\n Size/MD5: 729068 ec5fdd7d15d827648ceadf695cbdf26e\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.8.7-1ubuntu0.4_powerpc.deb\r\n Size/MD5: 3104526 a1e99dfbe8749b43e57ba985beeceb5f\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.8.7-1ubuntu0.4_powerpc.deb\r\n Size/MD5: 92510 b5a856882342bf3a03751de8a8471a27\r\n\r\n sparc architecture &#40;Sun SPARC/UltraSPARC&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.8.7-1ubuntu0.4_sparc.deb\r\n Size/MD5: 923002 7afd390ed9c12a46ea668947d4e2d501\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.8.7-1ubuntu0.4_sparc.deb\r\n Size/MD5: 119470 1bfbe4868933e7c240125261e8a75300\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib3_0.8.7-1ubuntu0.4_sparc.deb\r\n Size/MD5: 60718 09b689a4003fc8ca539ff11508129257\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.8.7-1ubuntu0.4_sparc.deb\r\n Size/MD5: 44464 69b6d581f396dbd0ce9addf6a07e7782\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.8.7-1ubuntu0.4_sparc.deb\r\n Size/MD5: 23886 17b66ef9fc7bbdc66a1f8fe38dafcdf2\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.8.7-1ubuntu0.4_sparc.deb\r\n Size/MD5: 156126 d9c7e655879ecea5d992b05f4be4ea80\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.8.7-1ubuntu0.4_sparc.deb\r\n Size/MD5: 212292 e7d7c3ad5ad7dbf989444de26567a0bf\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler3_0.8.7-1ubuntu0.4_sparc.deb\r\n Size/MD5: 675402 4334c410965ebfff7c7b4a5f39c6c3e1\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.8.7-1ubuntu0.4_sparc.deb\r\n Size/MD5: 2871974 cc36e815266a93d873cf63f63f888ed9\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.8.7-1ubuntu0.4_sparc.deb\r\n Size/MD5: 75294 8e3a17219f044d9fe3558842baecb84c\r\n\r\nUpdated packages for Ubuntu 9.04:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.10.5-1ubuntu2.4.diff.gz\r\n Size/MD5: 21967 7c17d321cd599e6da3dd33bd59f01565\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.10.5-1ubuntu2.4.dsc\r\n Size/MD5: 1678 d683c76a2156ca77317d7435b255fbe1\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler_0.10.5.orig.tar.gz\r\n Size/MD5: 1516687 125f671a19707861132fb03e73b61184\r\n\r\n amd64 architecture &#40;Athlon64, Opteron, EM64T Xeon&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.10.5-1ubuntu2.4_amd64.deb\r\n Size/MD5: 1000768 a0e2e828bcdbc4715198863dc49d43d1\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.10.5-1ubuntu2.4_amd64.deb\r\n Size/MD5: 124328 711c52c9a16e3ac32f169cd058cf947d\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib4_0.10.5-1ubuntu2.4_amd64.deb\r\n Size/MD5: 64506 c31d5399f247855d5acb82550e9d9741\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.10.5-1ubuntu2.4_amd64.deb\r\n Size/MD5: 50888 93f5ea904e38ba9e9b4780bdd6e0a915\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.10.5-1ubuntu2.4_amd64.deb\r\n Size/MD5: 26082 26f9a4a41026f7634c14c8ee0809d623\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-3_0.10.5-1ubuntu2.4_amd64.deb\r\n Size/MD5: 166090 0bc5695ed5d9e9a10199629857ff20df\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.10.5-1ubuntu2.4_amd64.deb\r\n Size/MD5: 234724 128e2b210a979fc4ad940dba62ee720c\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler4_0.10.5-1ubuntu2.4_amd64.deb\r\n Size/MD5: 715500 1b4b86ccfc3018544d1694fc106cf76f\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-dbg_0.10.5-1ubuntu2.4_amd64.deb\r\n Size/MD5: 3191322 7288b29103a19c927e31ba3aabb54e0a\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.10.5-1ubuntu2.4_amd64.deb\r\n Size/MD5: 80300 f5648765dfa3d73be8e36c09bdaa0136\r\n\r\n i386 architecture &#40;x86 compatible Intel/AMD&#41;:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-dev_0.10.5-1ubuntu2.4_i386.deb\r\n Size/MD5: 935458 361e8221fa3dcf59fb85b4a06ad67f8d\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib-dev_0.10.5-1ubuntu2.4_i386.deb\r\n Size/MD5: 117376 d4d2e71929b0407dc09e434f053785c2\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-glib4_0.10.5-1ubuntu2.4_i386.deb\r\n Size/MD5: 61436 3e2bbeaa77c5d65abdb73dd7e532d190\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt-dev_0.10.5-1ubuntu2.4_i386.deb\r\n Size/MD5: 47614 faafa312c78c4e839f1e1f145c28118f\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt2_0.10.5-1ubuntu2.4_i386.deb\r\n Size/MD5: 25404 51083efe90553e15eaaf3cf4b3e8a405\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-3_0.10.5-1ubuntu2.4_i386.deb\r\n Size/MD5: 164404 bda33e8dc6a9d924c31dc1074c728ab7\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler-qt4-dev_0.10.5-1ubuntu2.4_i386.deb\r\n Size/MD5: 218296 c83b140bcc67db51c3952e45f494b367\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/libpoppler4_0.10.5-1ubuntu2.4_i386.deb\r\n Size/MD5: 686830 0add04ee693b60e36d908a6378b0ab07\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-dbg_0.10.5-1ubuntu2.4_i386.deb\r\n Size/MD5: 3106562 5db385b598df691055483b77444e73f9\r\n http://security.ubuntu.com/ubuntu/pool/main/p/poppler/poppler-utils_0.10.5-1ubuntu2.4_i386.deb\r\n Size/MD5: 75078 1b60efe5df2b7c62421a7480307b85f4\r\n\r\n lpia architecture &#40;Low Power Intel Architecture&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.10.5-1ubuntu2.4_lpia.deb\r\n Size/MD5: 951662 8840f9e9d94af5417940bee13c46cf82\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.10.5-1ubuntu2.4_lpia.deb\r\n Size/MD5: 118048 4b631fb4dcc82eb9769e94e1630417f1\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib4_0.10.5-1ubuntu2.4_lpia.deb\r\n Size/MD5: 61514 a176373b7db781d0689553b5b593c73c\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.10.5-1ubuntu2.4_lpia.deb\r\n Size/MD5: 47972 2b56a02f66cf4239d8a2cd0b9a7c8e70\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.10.5-1ubuntu2.4_lpia.deb\r\n Size/MD5: 25098 657633589a42da164bfbf466deefd911\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.10.5-1ubuntu2.4_lpia.deb\r\n Size/MD5: 164644 136f53d85418b02585bcb5060f3fdd77\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.10.5-1ubuntu2.4_lpia.deb\r\n Size/MD5: 219694 3d728fe5329c0f8cbb2bf56128842e46\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler4_0.10.5-1ubuntu2.4_lpia.deb\r\n Size/MD5: 697596 17aa5399a8fac79e9dcb8fa561d338ca\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.10.5-1ubuntu2.4_lpia.deb\r\n Size/MD5: 3140998 30f9a4c18ba87fea04767e893a5a83af\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.10.5-1ubuntu2.4_lpia.deb\r\n Size/MD5: 75850 fd1b0d089a4350df387f4a4f777059f0\r\n\r\n powerpc architecture &#40;Apple Macintosh G3/G4/G5&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.10.5-1ubuntu2.4_powerpc.deb\r\n Size/MD5: 1067780 ead2895feebaabd9ff072a7e18489a09\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.10.5-1ubuntu2.4_powerpc.deb\r\n Size/MD5: 132060 cd79f38776f8e68d023fb1757856207d\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib4_0.10.5-1ubuntu2.4_powerpc.deb\r\n Size/MD5: 69136 37f7ca9ff8f61f5606e560c79c6ee962\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.10.5-1ubuntu2.4_powerpc.deb\r\n Size/MD5: 50978 b0631536bcd6127b5564b784364721cf\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.10.5-1ubuntu2.4_powerpc.deb\r\n Size/MD5: 28786 a2d9a659dffd9e59a232f5170eba3bf6\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.10.5-1ubuntu2.4_powerpc.deb\r\n Size/MD5: 170362 a76c300480f571da923ae11b812fb4c2\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.10.5-1ubuntu2.4_powerpc.deb\r\n Size/MD5: 238952 a82157d9e253291d5061fa8ec65a7d18\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler4_0.10.5-1ubuntu2.4_powerpc.deb\r\n Size/MD5: 750614 193e253c64217205b2cb58e92fce69c6\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.10.5-1ubuntu2.4_powerpc.deb\r\n Size/MD5: 3289136 92f7040b67b3857870dd8045cba9abc3\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.10.5-1ubuntu2.4_powerpc.deb\r\n Size/MD5: 92852 27f4a2039d15983031a2b970135e8a55\r\n\r\n sparc architecture &#40;Sun SPARC/UltraSPARC&#41;:\r\n\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-dev_0.10.5-1ubuntu2.4_sparc.deb\r\n Size/MD5: 958792 e71b4e06fc8aa96bd99f1788ceacc007\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib-dev_0.10.5-1ubuntu2.4_sparc.deb\r\n Size/MD5: 120810 8a672bab1c6a1edf657067f7d6d06a0b\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-glib4_0.10.5-1ubuntu2.4_sparc.deb\r\n Size/MD5: 61174 a6d73a14ef08f14ca355758fb6cccbbd\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt-dev_0.10.5-1ubuntu2.4_sparc.deb\r\n Size/MD5: 47318 0c621578bf9de1be5ee81569d0fed54a\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt2_0.10.5-1ubuntu2.4_sparc.deb\r\n Size/MD5: 24306 264350a4ddfbc7cac8e518c7a39a6c51\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-3_0.10.5-1ubuntu2.4_sparc.deb\r\n Size/MD5: 165792 fcf772cd1496b6bb31732b2d42102116\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler-qt4-dev_0.10.5-1ubuntu2.4_sparc.deb\r\n Size/MD5: 226704 438e25e7224151ae3d384a07494d256b\r\n http://ports.ubuntu.com/pool/main/p/poppler/libpoppler4_0.10.5-1ubuntu2.4_sparc.deb\r\n Size/MD5: 699252 01803573fd4c0f4d693f3c4ea9cfa9f1\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-dbg_0.10.5-1ubuntu2.4_sparc.deb\r\n Size/MD5: 3054100 2d809268a9f476aeb4e975a82e50c290\r\n http://ports.ubuntu.com/pool/main/p/poppler/poppler-utils_0.10.5-1ubuntu2.4_sparc.deb\r\n Size/MD5: 75468 c07c71a0a672e1a57dfad58d4ef29a8d\r\n\r\n\r\n", "edition": 1, "reporter": "Securityvulns", "published": "2009-10-22T00:00:00", "title": "[USN-850-1] poppler vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:32", "vector": "NONE", "value": 6.8}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3607", "CVE-2009-0755", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2009-10-22T00:00:00", "id": "SECURITYVULNS:DOC:22668", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:22668", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:32", "references": [], "description": "#2009-016 Poppler, Xpdf integer overflows during heap allocation\r\n\r\nDescription:\r\n\r\nPoppler and Xpdf are two popular open source projects for processing PDF\r\nfiles. Both projects are vulnerable to an integer overflow during heap\r\nmemory allocation when processing a PDF file. In general, this results\r\nin unexpected process termination. If an application using this code is\r\nmulti-threaded &#40;or uses a crash signal handler&#41;, it may be possible to\r\nexecute arbitrary code.\r\n\r\nThe vulnerability resides in the object stream handler. In particular,\r\na multiplicative overflow occurs when a large number of embedded objects\r\nare specified. An overflow check was in place in the code, but it only\r\nprotected related calls to gmalloc&#40;&#41;. The C++ object array allocation\r\ncode &#40;new[]&#41; is not guarded by the upper bound check and the call to\r\nnew[] does not result in an exception with gcc. This results in bytes\r\nbeing written after the valid heap allocation during object\r\nconstruction.\r\n\r\nBoth software packages have released fixed versions which limit the allowed\r\nobject count to a domain specific value.\r\n\r\nA detailed analysis by the reporter can be found in the References.\r\n\r\n\r\nAffected version:\r\n\r\nPoppler &lt; 0.12.1\r\n\r\nXpdf &lt; 3.02pl4\r\n\r\n\r\nFixed version:\r\n\r\nPoppler &gt;= 0.12.1\r\n\r\nXpdf &gt;= 3.02pl4\r\n\r\n\r\nCredit: vulnerability report and PoC received from\r\n Chris Rohlf &lt;chris.rohlf@gmail.com&gt;.\r\n\r\n\r\nCVE: CVE-2009-3608\r\n\r\n\r\nTimeline:\r\n\r\n2009-09-04: vulnerability report received\r\n2009-09-17: proof of concept received from reporter\r\n2009-09-21: impact reviewed\r\n2009-09-29: contacted poppler maintainer\r\n2009-09-29: vendor-sec notified\r\n2009-09-30: vendor-sec discussion expanded to include xpdf maintainer\r\n2009-10-02: final fix agreed upon by both maintainers\r\n2009-10-12: CVE assigned by Tomas Hoger of RedHat\r\n2009-10-14: fixed Xpdf released\r\n2009-10-18: fixed Poppler released\r\n2009-10-21: advisory published\r\n\r\n\r\nReferences:\r\nhttp://poppler.freedesktop.org/\r\nhttp://www.foolabs.com/xpdf/CHANGES\r\nhttp://chargen.matasano.com/chargen/2009/10/9/a-c-challenge.html\r\nhttp://chargen.matasano.com/chargen/2009/10/15/a-c-challenge-the-conclusion.html\r\nhttp://sites.google.com/site/em386cr/Home/CVE-2009-3608-explained.txt\r\nhttp://gcc.gnu.org/bugzilla/show_bug.cgi?id=19351\r\n\r\n\r\nPermalink:\r\nhttp://www.ocert.org/advisories/ocert-2009-016.html\r\n\r\n--\r\nWill Drewry &lt;redpig@ocert.org&gt;\r\nhttp://ocert.org", "edition": 1, "reporter": "Securityvulns", "published": "2009-10-22T00:00:00", "title": "[oCERT-2009-016] Poppler, xpdf integer overflow during heap allocation", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:32", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2009-3608"], "modified": "2009-10-22T00:00:00", "id": "SECURITYVULNS:DOC:22669", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:22669", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2017-09-19T13:36:40", "references": ["http://www.ubuntu.com/usn/USN-850-3", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287", "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1", "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch", "http://www.vupen.com/english/advisories/2009/2925", "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175", "http://www.vupen.com/english/advisories/2010/0802", "http://www.vupen.com/english/advisories/2010/1040", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html", "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1", "http://securitytracker.com/id?1023029", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html", "http://www.debian.org/security/2010/dsa-2050", "http://www.securityfocus.com/bid/36703", "https://bugzilla.redhat.com/show_bug.cgi?id=526915", "http://www.vupen.com/english/advisories/2010/1220", "http://www.ubuntu.com/usn/USN-850-1", "http://poppler.freedesktop.org/", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087", "https://rhn.redhat.com/errata/RHSA-2009-1504.html", "http://www.debian.org/security/2010/dsa-2028", "https://exchange.xforce.ibmcloud.com/vulnerabilities/53793", "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html", "http://www.vupen.com/english/advisories/2009/2924", "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html"], "description": "Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188.", "edition": 3, "reporter": "NVD", "published": "2009-10-21T13:30:00", "title": "CVE-2009-3603", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:36:40", "vector": "NONE", "value": 9.3}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:9671", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9671"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2009-3603"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:9671", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:9671"}], "modified": "2017-09-18T21:29:41", "cpe": ["cpe:/a:poppler:poppler:0.9.3", "cpe:/a:poppler:poppler:0.5.1", "cpe:/a:poppler:poppler:0.12.0", "cpe:/a:poppler:poppler:0.4.3", "cpe:/a:poppler:poppler:0.9.1", "cpe:/a:poppler:poppler:0.5.0", "cpe:/a:poppler:poppler:0.7.3", "cpe:/a:poppler:poppler:0.10.5", "cpe:/a:poppler:poppler:0.3.1", "cpe:/a:foolabs:xpdf:3.02", "cpe:/a:poppler:poppler:0.5.3", "cpe:/a:poppler:poppler:0.8.0", "cpe:/a:poppler:poppler:0.5.9", "cpe:/a:poppler:poppler:0.1.2", "cpe:/a:poppler:poppler:0.10.2", "cpe:/a:foolabs:xpdf:3.00", "cpe:/a:poppler:poppler:0.3.3", "cpe:/a:poppler:poppler:0.11.3", "cpe:/a:poppler:poppler:0.4.4", "cpe:/a:foolabs:xpdf:3.01", "cpe:/a:poppler:poppler:0.10.6", "cpe:/a:poppler:poppler:0.7.1", "cpe:/a:foolabs:xpdf:3.02pl3", "cpe:/a:foolabs:xpdf:3.02pl1", "cpe:/a:poppler:poppler:0.5.2", "cpe:/a:poppler:poppler:0.10.1", "cpe:/a:poppler:poppler:0.4.0", "cpe:/a:poppler:poppler:0.8.6", "cpe:/a:poppler:poppler:0.6.2", "cpe:/a:poppler:poppler:0.11.2", "cpe:/a:poppler:poppler:0.8.4", "cpe:/a:poppler:poppler:0.4.2", "cpe:/a:poppler:poppler:0.5.4", "cpe:/a:poppler:poppler:0.8.1", "cpe:/a:poppler:poppler:0.6.0", "cpe:/a:poppler:poppler:0.7.2", "cpe:/a:poppler:poppler:0.1", "cpe:/a:poppler:poppler:0.3.2", "cpe:/a:poppler:poppler:0.11.0", "cpe:/a:poppler:poppler:0.3.0", "cpe:/a:poppler:poppler:0.10.0", "cpe:/a:poppler:poppler:0.10.3", "cpe:/a:poppler:poppler:0.8.3", "cpe:/a:poppler:poppler:0.9.0", "cpe:/a:poppler:poppler:0.4.1", "cpe:/a:poppler:poppler:0.2.0", "cpe:/a:poppler:poppler:0.11.1", "cpe:/a:poppler:poppler:0.10.4", "cpe:/a:poppler:poppler:0.10.7", "cpe:/a:poppler:poppler:0.8.7", "cpe:/a:poppler:poppler:0.6.1", "cpe:/a:foolabs:xpdf:3.02pl2", "cpe:/a:poppler:poppler:0.6.4", "cpe:/a:poppler:poppler:0.1.1", "cpe:/a:poppler:poppler:0.9.2", "cpe:/a:poppler:poppler:0.6.3", "cpe:/a:poppler:poppler:0.7.0", "cpe:/a:poppler:poppler:0.8.2"], "id": "CVE-2009-3603", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3603", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-19T13:36:40", "references": ["http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb22f812b31858e519411f57747d39bd8", "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1", "https://bugzilla.redhat.com/show_bug.cgi?id=491840", "https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.10.5-1ubuntu2.4.diff.gz", "http://cgit.freedesktop.org/poppler/poppler/commit/?id=284a92899602daa4a7f429e61849e794569310b5", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175", "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1", "http://www.ubuntu.com/usn/USN-850-1", "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334", "https://launchpad.net/ubuntu/+archive/primary/+files/poppler_0.8.7-1ubuntu0.4.diff.gz", "https://bugs.launchpad.net/bugs/cve/2009-3605", "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html", "http://cgit.freedesktop.org/poppler/poppler/commit/?id=7b2d314a61fd0e12f47c62996cb49ec0d1ba747a"], "description": "Multiple integer overflows in Poppler 0.10.5 and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, related to (1) glib/poppler-page.cc; (2) ArthurOutputDev.cc, (3) CairoOutputDev.cc, (4) GfxState.cc, (5) JBIG2Stream.cc, (6) PSOutputDev.cc, and (7) SplashOutputDev.cc in poppler/; and (8) SplashBitmap.cc, (9) Splash.cc, and (10) SplashFTFont.cc in splash/. NOTE: this may overlap CVE-2009-0791.", "edition": 2, "reporter": "NVD", "published": "2009-11-02T10:30:00", "title": "CVE-2009-3605", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:36:40", "vector": "NONE", "value": 6.8}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:7731", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7731"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2009-3605"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:7731", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:7731"}], "modified": "2017-09-18T21:29:41", "cpe": ["cpe:/a:poppler:poppler:0.9.3", "cpe:/a:poppler:poppler:0.5.1", "cpe:/a:poppler:poppler:0.4.3", "cpe:/a:poppler:poppler:0.9.1", "cpe:/a:poppler:poppler:0.5.0", "cpe:/a:poppler:poppler:0.7.3", "cpe:/a:poppler:poppler:0.10.5", "cpe:/a:poppler:poppler:0.3.1", "cpe:/a:poppler:poppler:0.5.3", "cpe:/a:poppler:poppler:0.8.0", "cpe:/a:poppler:poppler:0.5.9", "cpe:/a:poppler:poppler:0.1.2", "cpe:/a:poppler:poppler:0.10.2", "cpe:/a:poppler:poppler:0.3.3", "cpe:/a:poppler:poppler:0.4.4", "cpe:/a:poppler:poppler:0.7.1", "cpe:/a:poppler:poppler:0.5.2", "cpe:/a:poppler:poppler:0.10.1", "cpe:/a:poppler:poppler:0.4.0", "cpe:/a:poppler:poppler:0.8.6", "cpe:/a:poppler:poppler:0.6.2", "cpe:/a:poppler:poppler:0.8.5", "cpe:/a:poppler:poppler:0.8.4", "cpe:/a:poppler:poppler:0.4.2", "cpe:/a:poppler:poppler:0.5.4", "cpe:/a:poppler:poppler:0.8.1", "cpe:/a:poppler:poppler:0.5.90", "cpe:/a:poppler:poppler:0.6.0", "cpe:/a:poppler:poppler:0.7.2", "cpe:/a:poppler:poppler:0.1", "cpe:/a:poppler:poppler:0.3.2", "cpe:/a:poppler:poppler:0.3.0", "cpe:/a:poppler:poppler:0.10.0", "cpe:/a:poppler:poppler:0.10.3", "cpe:/a:poppler:poppler:0.8.3", "cpe:/a:poppler:poppler:0.9.0", "cpe:/a:poppler:poppler:0.4.1", "cpe:/a:poppler:poppler:0.2.0", "cpe:/a:poppler:poppler:0.10.4", "cpe:/a:poppler:poppler:0.8.7", "cpe:/a:poppler:poppler:0.6.1", "cpe:/a:poppler:poppler:0.5.91", "cpe:/a:poppler:poppler:0.6.4", "cpe:/a:poppler:poppler:0.1.1", "cpe:/a:poppler:poppler:0.9.2", "cpe:/a:poppler:poppler:0.6.3", "cpe:/a:poppler:poppler:0.7.0", "cpe:/a:poppler:poppler:0.8.2"], "id": "CVE-2009-3605", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3605", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-09-19T13:36:40", "references": ["http://www.openwall.com/lists/oss-security/2009/12/01/5", "http://cgit.freedesktop.org/poppler/poppler/diff/poppler/PSOutputDev.cc?id=7b2d314a61", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287", "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1", "http://www.openwall.com/lists/oss-security/2009/12/01/1", "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch", "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175", "https://rhn.redhat.com/errata/RHSA-2009-1502.html", "http://www.vupen.com/english/advisories/2010/0802", "http://www.vupen.com/english/advisories/2010/1040", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/53798", "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1", "http://securitytracker.com/id?1023029", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html", "http://www.debian.org/security/2010/dsa-2050", "http://www.securityfocus.com/bid/36703", "https://rhn.redhat.com/errata/RHSA-2009-1501.html", "http://www.vupen.com/english/advisories/2009/2928", "http://www.vupen.com/english/advisories/2010/1220", "https://rhn.redhat.com/errata/RHSA-2009-1500.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087", "http://www.debian.org/security/2010/dsa-2028", "https://bugzilla.redhat.com/show_bug.cgi?id=526877", "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html", "http://www.vupen.com/english/advisories/2009/2924", "http://www.openwall.com/lists/oss-security/2009/12/01/6", "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html", "http://www.debian.org/security/2009/dsa-1941"], "description": "Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.", "edition": 3, "reporter": "NVD", "published": "2009-10-21T13:30:00", "title": "CVE-2009-3606", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:36:40", "vector": "NONE", "value": 9.3}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:11289", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11289"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2009-3606"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:11289", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:11289"}], "modified": "2017-09-18T21:29:41", "cpe": ["cpe:/a:poppler:poppler:0.9.3", "cpe:/a:poppler:poppler:0.5.1", "cpe:/a:poppler:poppler:0.12.0", "cpe:/a:poppler:poppler:0.4.3", "cpe:/a:poppler:poppler:0.9.1", "cpe:/a:poppler:poppler:0.5.0", "cpe:/a:poppler:poppler:0.7.3", "cpe:/a:poppler:poppler:0.10.5", "cpe:/a:poppler:poppler:0.3.1", "cpe:/a:foolabs:xpdf:3.02", "cpe:/a:poppler:poppler:0.5.3", "cpe:/a:poppler:poppler:0.8.0", "cpe:/a:poppler:poppler:0.5.9", "cpe:/a:poppler:poppler:0.1.2", "cpe:/a:poppler:poppler:0.10.2", "cpe:/a:foolabs:xpdf:3.00", "cpe:/a:poppler:poppler:0.3.3", "cpe:/a:poppler:poppler:0.11.3", "cpe:/a:poppler:poppler:0.4.4", "cpe:/a:foolabs:xpdf:3.01", "cpe:/a:poppler:poppler:0.10.6", "cpe:/a:poppler:poppler:0.7.1", "cpe:/a:foolabs:xpdf:3.02pl3", "cpe:/a:foolabs:xpdf:3.02pl1", "cpe:/a:poppler:poppler:0.5.2", "cpe:/a:poppler:poppler:0.10.1", "cpe:/a:poppler:poppler:0.4.0", "cpe:/a:poppler:poppler:0.8.6", "cpe:/a:poppler:poppler:0.6.2", "cpe:/a:poppler:poppler:0.11.2", "cpe:/a:poppler:poppler:0.8.4", "cpe:/a:poppler:poppler:0.4.2", "cpe:/a:poppler:poppler:0.5.4", "cpe:/a:poppler:poppler:0.8.1", "cpe:/a:poppler:poppler:0.6.0", "cpe:/a:poppler:poppler:0.7.2", "cpe:/a:poppler:poppler:0.1", "cpe:/a:poppler:poppler:0.3.2", "cpe:/a:poppler:poppler:0.11.0", "cpe:/a:poppler:poppler:0.3.0", "cpe:/a:poppler:poppler:0.10.0", "cpe:/a:poppler:poppler:0.10.3", "cpe:/a:poppler:poppler:0.8.3", "cpe:/a:poppler:poppler:0.9.0", "cpe:/a:poppler:poppler:0.4.1", "cpe:/a:poppler:poppler:0.2.0", "cpe:/a:poppler:poppler:0.11.1", "cpe:/a:poppler:poppler:0.10.4", "cpe:/a:poppler:poppler:0.10.7", "cpe:/a:poppler:poppler:0.8.7", "cpe:/a:poppler:poppler:0.6.1", "cpe:/a:foolabs:xpdf:3.02pl2", "cpe:/a:poppler:poppler:0.6.4", "cpe:/a:poppler:poppler:0.1.1", "cpe:/a:poppler:poppler:0.9.2", "cpe:/a:poppler:poppler:0.6.3", "cpe:/a:poppler:poppler:0.7.0", "cpe:/a:poppler:poppler:0.8.2"], "id": "CVE-2009-3606", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3606", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-19T13:36:40", "references": ["https://rhn.redhat.com/errata/RHSA-2009-1513.html", "http://www.redhat.com/support/errata/RHSA-2010-0755.html", "http://www.ubuntu.com/usn/USN-850-3", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287", "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1", "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch", "http://www.vupen.com/english/advisories/2009/2925", "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175", "https://rhn.redhat.com/errata/RHSA-2009-1502.html", "https://rhn.redhat.com/errata/RHSA-2009-1512.html", "http://www.vupen.com/english/advisories/2010/0802", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html", "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1", "http://securitytracker.com/id?1023029", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html", "http://www.debian.org/security/2010/dsa-2050", "http://www.securityfocus.com/bid/36703", "https://rhn.redhat.com/errata/RHSA-2009-1501.html", "http://www.vupen.com/english/advisories/2009/2928", "http://www.vupen.com/english/advisories/2010/1220", "https://rhn.redhat.com/errata/RHSA-2009-1500.html", "http://www.ubuntu.com/usn/USN-850-1", "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334", "https://bugzilla.redhat.com/show_bug.cgi?id=526893", "http://poppler.freedesktop.org/", "http://www.vupen.com/english/advisories/2009/2926", "https://rhn.redhat.com/errata/RHSA-2009-1503.html", "https://rhn.redhat.com/errata/RHSA-2009-1504.html", "http://www.debian.org/security/2010/dsa-2028", "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html", "http://www.vupen.com/english/advisories/2009/2924", "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/53800"], "description": "Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read.", "edition": 3, "reporter": "NVD", "published": "2009-10-21T13:30:00", "title": "CVE-2009-3609", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:36:40", "vector": "NONE", "value": 4.3}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:11043", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11043"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2009-3609"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:11043", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:11043"}], "modified": "2017-09-18T21:29:41", "cpe": ["cpe:/a:poppler:poppler:0.9.3", "cpe:/a:poppler:poppler:0.5.1", "cpe:/a:poppler:poppler:0.12.0", "cpe:/a:poppler:poppler:0.4.3", "cpe:/a:poppler:poppler:0.9.1", "cpe:/a:poppler:poppler:0.5.0", "cpe:/a:poppler:poppler:0.7.3", "cpe:/a:poppler:poppler:0.10.5", "cpe:/a:poppler:poppler:0.3.1", "cpe:/a:foolabs:xpdf:3.02", "cpe:/a:poppler:poppler:0.5.3", "cpe:/a:poppler:poppler:0.8.0", "cpe:/a:poppler:poppler:0.5.9", "cpe:/a:poppler:poppler:0.1.2", "cpe:/a:poppler:poppler:0.10.2", "cpe:/a:foolabs:xpdf:3.00", "cpe:/a:poppler:poppler:0.3.3", "cpe:/a:poppler:poppler:0.11.3", "cpe:/a:poppler:poppler:0.4.4", "cpe:/a:foolabs:xpdf:3.01", "cpe:/a:poppler:poppler:0.10.6", "cpe:/a:poppler:poppler:0.7.1", "cpe:/a:foolabs:xpdf:3.02pl3", "cpe:/a:foolabs:xpdf:3.02pl1", "cpe:/a:poppler:poppler:0.5.2", "cpe:/a:poppler:poppler:0.10.1", "cpe:/a:poppler:poppler:0.4.0", "cpe:/a:poppler:poppler:0.8.6", "cpe:/a:poppler:poppler:0.6.2", "cpe:/a:poppler:poppler:0.11.2", "cpe:/a:poppler:poppler:0.8.4", "cpe:/a:poppler:poppler:0.4.2", "cpe:/a:poppler:poppler:0.5.4", "cpe:/a:poppler:poppler:0.8.1", "cpe:/a:poppler:poppler:0.6.0", "cpe:/a:poppler:poppler:0.7.2", "cpe:/a:poppler:poppler:0.1", "cpe:/a:poppler:poppler:0.3.2", "cpe:/a:poppler:poppler:0.11.0", "cpe:/a:poppler:poppler:0.3.0", "cpe:/a:poppler:poppler:0.10.0", "cpe:/a:poppler:poppler:0.10.3", "cpe:/a:poppler:poppler:0.8.3", "cpe:/a:poppler:poppler:0.9.0", "cpe:/a:poppler:poppler:0.4.1", "cpe:/a:poppler:poppler:0.2.0", "cpe:/a:poppler:poppler:0.11.1", "cpe:/a:poppler:poppler:0.10.4", "cpe:/a:poppler:poppler:0.10.7", "cpe:/a:poppler:poppler:0.8.7", "cpe:/a:poppler:poppler:0.6.1", "cpe:/a:foolabs:xpdf:3.02pl2", "cpe:/a:poppler:poppler:0.6.4", "cpe:/a:poppler:poppler:0.1.1", "cpe:/a:poppler:poppler:0.9.2", "cpe:/a:poppler:poppler:0.6.3", "cpe:/a:poppler:poppler:0.7.0", "cpe:/a:poppler:poppler:0.8.2"], "id": "CVE-2009-3609", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3609", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-09-19T13:36:40", "references": ["http://www.openwall.com/lists/oss-security/2009/12/01/5", "https://rhn.redhat.com/errata/RHSA-2009-1513.html", "http://www.ubuntu.com/usn/USN-850-3", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287", "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1", "http://www.openwall.com/lists/oss-security/2009/12/01/1", "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch", "http://www.vupen.com/english/advisories/2009/2925", "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175", "https://rhn.redhat.com/errata/RHSA-2009-1502.html", "https://rhn.redhat.com/errata/RHSA-2009-1512.html", "http://www.vupen.com/english/advisories/2010/0802", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html", "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1", "http://securitytracker.com/id?1023029", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html", "http://www.debian.org/security/2010/dsa-2050", "https://bugzilla.redhat.com/show_bug.cgi?id=526637", "http://www.securityfocus.com/bid/36703", "https://rhn.redhat.com/errata/RHSA-2009-1501.html", "http://www.vupen.com/english/advisories/2009/2928", "http://www.ocert.org/advisories/ocert-2009-016.html", "http://www.vupen.com/english/advisories/2010/1220", "http://www.ubuntu.com/usn/USN-850-1", "http://www.mandriva.com/security/advisories?name=MDVSA-2009:334", "http://poppler.freedesktop.org/", "http://www.vupen.com/english/advisories/2009/2926", "https://rhn.redhat.com/errata/RHSA-2009-1503.html", "https://rhn.redhat.com/errata/RHSA-2009-1504.html", "http://www.debian.org/security/2010/dsa-2028", "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html", "http://www.vupen.com/english/advisories/2009/2924", "http://www.openwall.com/lists/oss-security/2009/12/01/6", "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html", "http://www.debian.org/security/2009/dsa-1941", "https://exchange.xforce.ibmcloud.com/vulnerabilities/53794"], "description": "Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.", "edition": 3, "reporter": "NVD", "published": "2009-10-21T13:30:00", "title": "CVE-2009-3608", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:36:40", "vector": "NONE", "value": 9.3}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:9536", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9536"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2009-3608"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:9536", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:9536"}], "modified": "2017-09-18T21:29:41", "cpe": ["cpe:/a:poppler:poppler:0.9.3", "cpe:/a:poppler:poppler:0.5.1", "cpe:/a:poppler:poppler:0.12.0", "cpe:/a:poppler:poppler:0.4.3", "cpe:/a:poppler:poppler:0.9.1", "cpe:/a:poppler:poppler:0.5.0", "cpe:/a:poppler:poppler:0.7.3", "cpe:/a:poppler:poppler:0.10.5", "cpe:/a:poppler:poppler:0.3.1", "cpe:/a:foolabs:xpdf:3.02", "cpe:/a:poppler:poppler:0.5.3", "cpe:/a:poppler:poppler:0.8.0", "cpe:/a:poppler:poppler:0.5.9", "cpe:/a:poppler:poppler:0.1.2", "cpe:/a:poppler:poppler:0.10.2", "cpe:/a:foolabs:xpdf:3.00", "cpe:/a:poppler:poppler:0.3.3", "cpe:/a:poppler:poppler:0.11.3", "cpe:/a:poppler:poppler:0.4.4", "cpe:/a:foolabs:xpdf:3.01", "cpe:/a:poppler:poppler:0.10.6", "cpe:/a:poppler:poppler:0.7.1", "cpe:/a:foolabs:xpdf:3.02pl3", "cpe:/a:foolabs:xpdf:3.02pl1", "cpe:/a:poppler:poppler:0.5.2", "cpe:/a:poppler:poppler:0.10.1", "cpe:/a:poppler:poppler:0.4.0", "cpe:/a:poppler:poppler:0.8.6", "cpe:/a:poppler:poppler:0.6.2", "cpe:/a:poppler:poppler:0.11.2", "cpe:/a:poppler:poppler:0.8.4", "cpe:/a:poppler:poppler:0.4.2", "cpe:/a:poppler:poppler:0.5.4", "cpe:/a:poppler:poppler:0.8.1", "cpe:/a:poppler:poppler:0.6.0", "cpe:/a:poppler:poppler:0.7.2", "cpe:/a:poppler:poppler:0.1", "cpe:/a:poppler:poppler:0.3.2", "cpe:/a:poppler:poppler:0.11.0", "cpe:/a:poppler:poppler:0.3.0", "cpe:/a:poppler:poppler:0.10.0", "cpe:/a:poppler:poppler:0.10.3", "cpe:/a:poppler:poppler:0.8.3", "cpe:/a:poppler:poppler:0.9.0", "cpe:/a:poppler:poppler:0.4.1", "cpe:/a:poppler:poppler:0.2.0", "cpe:/a:poppler:poppler:0.11.1", "cpe:/a:poppler:poppler:0.10.4", "cpe:/a:poppler:poppler:0.10.7", "cpe:/a:poppler:poppler:0.8.7", "cpe:/a:poppler:poppler:0.6.1", "cpe:/a:foolabs:xpdf:3.02pl2", "cpe:/a:poppler:poppler:0.6.4", "cpe:/a:poppler:poppler:0.1.1", "cpe:/a:poppler:poppler:0.9.2", "cpe:/a:poppler:poppler:0.6.3", "cpe:/a:poppler:poppler:0.7.0", "cpe:/a:poppler:poppler:0.8.2"], "id": "CVE-2009-3608", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3608", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-09-19T13:36:40", "references": ["http://www.ubuntu.com/usn/USN-850-3", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035399.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2009:287", "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021706.1-1", "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl4.patch", "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00750.html", "http://www.mandriva.com/security/advisories?name=MDVSA-2011:175", "https://rhn.redhat.com/errata/RHSA-2009-1502.html", "https://rhn.redhat.com/errata/RHSA-2009-1512.html", "http://www.vupen.com/english/advisories/2010/0802", "http://site.pi3.com.pl/adv/xpdf.txt", "http://www.vupen.com/english/advisories/2010/1040", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035408.html", "http://sunsolve.sun.com/search/document.do?assetkey=1-66-274030-1", "http://securitytracker.com/id?1023029", "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035340.html", "http://www.debian.org/security/2010/dsa-2050", "http://www.securityfocus.com/bid/36703", "https://rhn.redhat.com/errata/RHSA-2009-1501.html", "http://www.vupen.com/english/advisories/2009/2928", "http://www.vupen.com/english/advisories/2010/1220", "https://rhn.redhat.com/errata/RHSA-2009-1500.html", "https://exchange.xforce.ibmcloud.com/vulnerabilities/53795", "http://www.ubuntu.com/usn/USN-850-1", "https://bugzilla.redhat.com/show_bug.cgi?id=526911", "http://www.mandriva.com/security/advisories?name=MDVSA-2010:087", "http://cgit.freedesktop.org/poppler/poppler/commit/?id=9cf2325fb2", "https://rhn.redhat.com/errata/RHSA-2009-1503.html", "http://www.debian.org/security/2010/dsa-2028", "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00784.html", "http://www.vupen.com/english/advisories/2009/2924", "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00004.html", "http://cgit.freedesktop.org/poppler/poppler/diff/?id=284a928996&id2=75c3466ba2"], "description": "The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow.", "edition": 3, "reporter": "NVD", "published": "2009-10-21T13:30:00", "title": "CVE-2009-3604", "type": "cve", "enchantments": {"score": {"modified": "2017-09-19T13:36:40", "vector": "NONE", "value": 6.8}}, "assessment": {"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:10969", "href": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10969"}, "bulletinFamily": "NVD", "cvelist": ["CVE-2009-3604"], "scanner": [{"system": "http://oval.mitre.org/XMLSchema/oval-definitions-5", "name": "oval:org.mitre.oval:def:10969", "href": "http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:10969"}], "modified": "2017-09-18T21:29:41", "cpe": ["cpe:/a:poppler:poppler:0.9.3", "cpe:/a:poppler:poppler:0.5.1", "cpe:/a:poppler:poppler:0.12.0", "cpe:/a:foolabs:xpdf:2.00", "cpe:/a:poppler:poppler:0.4.3", "cpe:/a:poppler:poppler:0.9.1", "cpe:/a:poppler:poppler:0.5.0", "cpe:/a:poppler:poppler:0.7.3", "cpe:/a:poppler:poppler:0.10.5", "cpe:/a:foolabs:xpdf:2.01", "cpe:/a:poppler:poppler:0.3.1", "cpe:/a:foolabs:xpdf:3.02", "cpe:/a:poppler:poppler:0.5.3", "cpe:/a:poppler:poppler:0.8.0", "cpe:/a:poppler:poppler:0.5.9", "cpe:/a:poppler:poppler:0.1.2", "cpe:/a:poppler:poppler:0.10.2", "cpe:/a:foolabs:xpdf:3.00", "cpe:/a:poppler:poppler:0.3.3", "cpe:/a:poppler:poppler:0.11.3", "cpe:/a:poppler:poppler:0.4.4", "cpe:/a:foolabs:xpdf:3.01", "cpe:/a:poppler:poppler:0.10.6", "cpe:/a:poppler:poppler:0.7.1", "cpe:/a:foolabs:xpdf:3.02pl3", "cpe:/a:foolabs:xpdf:3.02pl1", "cpe:/a:poppler:poppler:0.5.2", "cpe:/a:poppler:poppler:0.10.1", "cpe:/a:poppler:poppler:0.4.0", "cpe:/a:poppler:poppler:0.8.6", "cpe:/a:poppler:poppler:0.6.2", "cpe:/a:poppler:poppler:0.8.5", "cpe:/a:poppler:poppler:0.11.2", "cpe:/a:poppler:poppler:0.8.4", "cpe:/a:poppler:poppler:0.4.2", "cpe:/a:poppler:poppler:0.5.4", "cpe:/a:poppler:poppler:0.8.1", "cpe:/a:poppler:poppler:0.5.90", "cpe:/a:poppler:poppler:0.6.0", "cpe:/a:poppler:poppler:0.7.2", "cpe:/a:poppler:poppler:0.1", "cpe:/a:poppler:poppler:0.3.2", "cpe:/a:poppler:poppler:0.11.0", "cpe:/a:poppler:poppler:0.3.0", "cpe:/a:poppler:poppler:0.10.0", "cpe:/a:poppler:poppler:0.10.3", "cpe:/a:poppler:poppler:0.8.3", "cpe:/a:poppler:poppler:0.9.0", "cpe:/a:poppler:poppler:0.4.1", "cpe:/a:poppler:poppler:0.2.0", "cpe:/a:poppler:poppler:0.11.1", "cpe:/a:poppler:poppler:0.10.4", "cpe:/a:foolabs:xpdf:2.03", "cpe:/a:poppler:poppler:0.10.7", "cpe:/a:poppler:poppler:0.8.7", "cpe:/a:poppler:poppler:0.6.1", "cpe:/a:foolabs:xpdf:2.02", "cpe:/a:poppler:poppler:0.5.91", "cpe:/a:foolabs:xpdf:3.02pl2", "cpe:/a:poppler:poppler:0.6.4", "cpe:/a:poppler:poppler:0.1.1", "cpe:/a:poppler:poppler:0.9.2", "cpe:/a:poppler:poppler:0.6.3", "cpe:/a:poppler:poppler:0.7.0", "cpe:/a:poppler:poppler:0.8.2"], "id": "CVE-2009-3604", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3604", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2018-10-16T22:14:36", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "5", "packageVersion": "3.02-1.4+lenny2", "arch": "all", "packageFilename": "xpdf_3.02-1.4+lenny2_all.deb", "packageName": "xpdf", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "3.02-1.4+lenny2", "arch": "all", "packageFilename": "xpdf-reader_3.02-1.4+lenny2_all.deb", "packageName": "xpdf-reader", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "3.02-1.4+lenny2", "arch": "all", "packageFilename": "xpdf-utils_3.02-1.4+lenny2_all.deb", "packageName": "xpdf-utils", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "3.02-1.4+lenny2", "arch": "all", "packageFilename": "xpdf-common_3.02-1.4+lenny2_all.deb", "packageName": "xpdf-common", "operator": "lt"}], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA-2028-1 security@debian.org\nhttp://www.debian.org/security/ Luciano Bello\nApril 5th, 2010 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : xpdf\nVulnerability : multiple\nProblem type : local (remote)\nDebian-specific: no\nDebian bug : 551287\nCVE ID : CVE-2009-1188 CVE-2009-3603 CVE-2009-3604 CVE-2009-3606\n CVE-2009-3608 CVE-2009-3609\n\nSeveral vulnerabilities have been identified in xpdf, a suite of tools for\nviewing and converting Portable Document Format (PDF) files.\n\nThe Common Vulnerabilities and Exposures project identifies the following\nproblems:\n\nCVE-2009-1188 and CVE-2009-3603\n\n Integer overflow in SplashBitmap::SplashBitmap which might allow remote\n attackers to execute arbitrary code or an application crash via a crafted\n PDF document.\n\nCVE-2009-3604\n\n NULL pointer dereference or heap-based buffer overflow in\n Splash::drawImage which might allow remote attackers to cause a denial\n of service (application crash) or possibly execute arbitrary code via\n a crafted PDF document.\n\nCVE-2009-3606\n\n Integer overflow in the PSOutputDev::doImageL1Sep which might allow\n remote attackers to execute arbitrary code via a crafted PDF document.\n\nCVE-2009-3608\n\n Integer overflow in the ObjectStream::ObjectStream which might allow \n remote attackers to execute arbitrary code via a crafted PDF document.\n\nCVE-2009-3609\n\n Integer overflow in the ImageStream::ImageStream which might allow \n remote attackers to cause a denial of service via a crafted PDF\n document.\n\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 3.02-1.4+lenny2.\n\nFor the testing distribution (squeeze), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 3.02-2.\n\n\nUpgrade instructions\n- ---------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02.orig.tar.gz\n Size/MD5 checksum: 674912 599dc4cc65a07ee868cf92a667a913d2\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny2.diff.gz\n Size/MD5 checksum: 44597 d25be5fd97c9d9171db95025b7c32c5a\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny2.dsc\n Size/MD5 checksum: 1274 6cffe3ed50825b5a2746b71c4bd073ac\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenny2_all.deb\n Size/MD5 checksum: 1270 6a4da9738ca93522b57cafadb598ca65\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.02-1.4+lenny2_all.deb\n Size/MD5 checksum: 66414 24f28ede9dcaeeb2b7aa24b9603496be\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny2_alpha.deb\n Size/MD5 checksum: 1019484 8d91cca64026c90667b2d29a94190892\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny2_alpha.deb\n Size/MD5 checksum: 1895246 cf7dc335f3e5987577ad3559a44f0666\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny2_amd64.deb\n Size/MD5 checksum: 922594 1ce29c4e15fe4600f557e8d055f5b203\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny2_amd64.deb\n Size/MD5 checksum: 1709600 989f4f4a09b07c4d08d4b69456e6e8bd\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny2_arm.deb\n Size/MD5 checksum: 907674 b058407dae72e49939662466b3e3d139\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny2_arm.deb\n Size/MD5 checksum: 1667592 ebd3ae168496645940066041e51c0e32\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny2_armel.deb\n Size/MD5 checksum: 1603124 4f79ec52afae68ee081ee2073180878e\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny2_armel.deb\n Size/MD5 checksum: 886136 38594fe36b0a657a3d91ba2ec7fd74ac\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny2_hppa.deb\n Size/MD5 checksum: 1076874 054d6b1dee7af918c16a4d30e6a8edf1\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny2_hppa.deb\n Size/MD5 checksum: 1986502 e895007daa18a3aecb13d84b832799e0\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny2_i386.deb\n Size/MD5 checksum: 1611516 c73e47d9c96298940bd458c7e8879209\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny2_i386.deb\n Size/MD5 checksum: 876446 c6e9ebb6d5873552e886e33d92aa4f49\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny2_ia64.deb\n Size/MD5 checksum: 1379452 9534f82bd859fe271a7013a9bc5a3502\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny2_ia64.deb\n Size/MD5 checksum: 2518368 a79b724d1f0624272cdd991ea24a5123\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny2_powerpc.deb\n Size/MD5 checksum: 969642 e30c3db71091c2e541bfd6d59716e83e\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny2_powerpc.deb\n Size/MD5 checksum: 1789344 a2211808b5cb72323794021645a86219\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny2_s390.deb\n Size/MD5 checksum: 1599976 4e80942805965de01fc5e55a80d56fdd\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny2_s390.deb\n Size/MD5 checksum: 872780 d0a544f22acb33fe4736722b57099200\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1.4+lenny2_sparc.deb\n Size/MD5 checksum: 1586464 6dfc41a2556f6b7f040fc0fd4e302906\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1.4+lenny2_sparc.deb\n Size/MD5 checksum: 864188 7e473a78134f7209dd729cf5471a5463\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;\n", "edition": 1, "reporter": "Debian", "published": "2010-04-05T15:24:30", "title": "[SECURITY] [DSA 2028-1] New xpdf packages fix several vulnerabilities", "type": "debian", "enchantments": {"score": {"modified": "2018-10-16T22:14:36", "vector": "NONE", "value": 6.8}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-1188", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2010-04-05T15:24:30", "id": "DEBIAN:DSA-2028-1:2EE25", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2010/msg00068.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-16T22:14:07", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "5", "packageVersion": "4:3.5.9-3+lenny3", "arch": "all", "packageFilename": "kview_4:3.5.9-3+lenny3_all.deb", "packageName": "kview", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "4:3.5.9-3+lenny3", "arch": "all", "packageFilename": "libkscan1_4:3.5.9-3+lenny3_all.deb", "packageName": "libkscan1", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "4:3.5.9-3+lenny3", "arch": "all", "packageFilename": "kgamma_4:3.5.9-3+lenny3_all.deb", "packageName": "kgamma", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "4:3.5.9-3+lenny3", "arch": "all", "packageFilename": "kviewshell_4:3.5.9-3+lenny3_all.deb", "packageName": "kviewshell", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "4:3.5.9-3+lenny3", "arch": "all", "packageFilename": "kcoloredit_4:3.5.9-3+lenny3_all.deb", "packageName": "kcoloredit", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "4:3.5.9-3+lenny3", "arch": "all", "packageFilename": "kooka_4:3.5.9-3+lenny3_all.deb", "packageName": "kooka", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "4:3.5.9-3+lenny3", "arch": "all", "packageFilename": "kamera_4:3.5.9-3+lenny3_all.deb", "packageName": "kamera", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "4:3.5.9-3+lenny3", "arch": "all", "packageFilename": "kuickshow_4:3.5.9-3+lenny3_all.deb", "packageName": "kuickshow", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "4:3.5.9-3+lenny3", "arch": "all", "packageFilename": "kpdf_4:3.5.9-3+lenny3_all.deb", "packageName": "kpdf", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "4:3.5.9-3+lenny3", "arch": "all", "packageFilename": "kfaxview_4:3.5.9-3+lenny3_all.deb", "packageName": "kfaxview", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "4:3.5.9-3+lenny3", "arch": "all", "packageFilename": "libkscan-dev_4:3.5.9-3+lenny3_all.deb", "packageName": "libkscan-dev", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "4:3.5.9-3+lenny3", "arch": "all", "packageFilename": "kdegraphics-kfile-plugins_4:3.5.9-3+lenny3_all.deb", "packageName": "kdegraphics-kfile-plugins", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "4:3.5.9-3+lenny3", "arch": "all", "packageFilename": "kghostview_4:3.5.9-3+lenny3_all.deb", "packageName": "kghostview", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "4:3.5.9-3+lenny3", "arch": "all", "packageFilename": "kfax_4:3.5.9-3+lenny3_all.deb", "packageName": "kfax", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "4:3.5.9-3+lenny3", "arch": "all", "packageFilename": "kiconedit_4:3.5.9-3+lenny3_all.deb", "packageName": "kiconedit", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "4:3.5.9-3+lenny3", "arch": "all", "packageFilename": "kruler_4:3.5.9-3+lenny3_all.deb", "packageName": "kruler", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "4:3.5.9-3+lenny3", "arch": "all", "packageFilename": "kdegraphics-dbg_4:3.5.9-3+lenny3_all.deb", "packageName": "kdegraphics-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "4:3.5.9-3+lenny3", "arch": "all", "packageFilename": "kdegraphics-doc-html_4:3.5.9-3+lenny3_all.deb", "packageName": "kdegraphics-doc-html", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "4:3.5.9-3+lenny3", "arch": "all", "packageFilename": "kmrml_4:3.5.9-3+lenny3_all.deb", "packageName": "kmrml", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "4:3.5.9-3+lenny3", "arch": "all", "packageFilename": "kpovmodeler_4:3.5.9-3+lenny3_all.deb", "packageName": "kpovmodeler", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "4:3.5.9-3+lenny3", "arch": "all", "packageFilename": "kdegraphics_4:3.5.9-3+lenny3_all.deb", "packageName": "kdegraphics", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "4:3.5.9-3+lenny3", "arch": "all", "packageFilename": "kdvi_4:3.5.9-3+lenny3_all.deb", "packageName": "kdvi", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "4:3.5.9-3+lenny3", "arch": "all", "packageFilename": "kolourpaint_4:3.5.9-3+lenny3_all.deb", "packageName": "kolourpaint", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "4:3.5.9-3+lenny3", "arch": "all", "packageFilename": "kdegraphics-dev_4:3.5.9-3+lenny3_all.deb", "packageName": "kdegraphics-dev", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "4:3.5.9-3+lenny3", "arch": "all", "packageFilename": "ksvg_4:3.5.9-3+lenny3_all.deb", "packageName": "ksvg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "5", "packageVersion": "4:3.5.9-3+lenny3", "arch": "all", "packageFilename": "ksnapshot_4:3.5.9-3+lenny3_all.deb", "packageName": "ksnapshot", "operator": "lt"}], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-2050-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nMay 24, 2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : kdegraphics\nVulnerability : several\nProblem type : local(remote)\nDebian-specific: no\nCVE Id(s) : CVE-2009-1188 CVE-2009-3603 CVE-2009-3604 CVE-2009-3606 CVE-2009-3608 CVE-2009-3609\n\nSeveral local vulnerabilities have been discovered in KPDF, a PDF viewer\nfor KDE, which allow the execution of arbitrary code or denial of \nservice if a user is tricked into opening a crafted PDF document.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 4:3.5.9-3+lenny3.\n\nThe unstable distribution (sid) no longer contains kpdf. It&#x27;s replacement,\nOkular, links against the poppler PDF library.\n\nWe recommend that you upgrade your kdegraphics packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.9-3+lenny3.diff.gz\n Size/MD5 checksum: 331735 eb19c67b63df9bea8113c6ce0570f99b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.9-3+lenny3.dsc\n Size/MD5 checksum: 2100 4332314f48c3583068f8a4144d4c1e4d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.9.orig.tar.gz\n Size/MD5 checksum: 9058343 d66472f22db2dc5b706ed4f52d9b16f5\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.9-3+lenny3_all.deb\n Size/MD5 checksum: 14088 db2f2157980256b214726dd8d285cf9c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-doc-html_3.5.9-3+lenny3_all.deb\n Size/MD5 checksum: 146838 f3b12df069df5e721bbae57fe4a0fb10\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 1426340 d87a0e5f0442b7fc64dc31d27be094b2\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 507416 f4b8e0f7d541a103209d9e78aad3019c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 2414178 164a5f542ca883185f83b28ce96a8215\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 331616 495d561d9ad550890dbac900c114aa8d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 62098 0147890917b354e67765f26f70515690\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 147112 b10356b326bd4b40ca61edbeac8a2367\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 1136886 6fb9148b54b3227df55204c5f278f6a7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 252536 39ea86786322108507e7517595d5f315\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 110180 3051edb3012f0959eaa99356234ecefd\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 445578 fe3a6bce17c1aebc0d6b13ff18cc3e9e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 547246 8a6cd8c49cfe527f3e7ab27294d8895d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 113248 4cffc9361cd05d4bc35af2173a0bec36\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 772790 e8eff7f950f54450e2f0e6cbbdd8d34a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 902622 42ab9a2b41f0288cfb9fef469b9a3194\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 13916 aade82b188cec70d7ad505291c73f258\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 77740 05db5a4ae080528ea3a07ccd1114e6d6\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 152308 495305953a72a3296eca760b562ccba8\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 173962 10a70f8016dba32e295e011ae6ccc4be\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 253144 25d936fb5b3045f89b4d5af9d92e286f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 34270914 41a064d04087322673f37b6e3494c25b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 191444 e4eb8865295b49a1cb7685e390a458d1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 94560 ae359561ed746dff52f5cdbed7542a55\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 950404 dfd473f83b31221fd2e6cc7e3f15dc0b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny3_alpha.deb\n Size/MD5 checksum: 94732 ea771eccd96a22da001c7afc3029694e\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 106804 6dc76fbea4a2777f2d6a1b4201dd36f7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 547424 3b67512672959ef69614961ff3c799ce\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 143804 9ed1c36cb3af3ef47a2cf01b146f45e9\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 65120 e41678b500fd7c44b9a07e3d1de11876\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 430820 ba26f24a85da494507d4138647957e68\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 97346 4756890cb70b2b3cf7a88637567e1de8\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 242858 002b74650ae339cf5018d116bf89711e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 291218 048c96dee800bf45aa572cb7fd750217\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 900856 fa42d6ec515e66f6f7b61901c008cc35\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 249424 9d08b1fc0a7bab9bec63d8cd8905f270\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 112844 6dfcc9dd87d256a027de232b46e06ca3\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 172410 6d6d3c1573740d33cd0d223c61b5948f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 145934 9fcbea2c9809d9ec7f858232897aea40\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 77136 82f1a5939542be1fe346e9c1ae62cdbc\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 13914 18aad801ef60765b96a13458a2e4620e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 866160 1847d9588c0f0f34bbf54c0d3ba409ce\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 2353108 ceff80335b6d2b3c65046de3de0ab816\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 775622 270ecedc148e04a2bbab35ad54c5b6f7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 498616 85a183c7bb09c89c3d7609175bf5d441\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 91636 38ab3eedf1b9708ebd2c5c0bd7d7d851\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 1108444 36ad344421a7296169f681b3fceac04c\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 1259516 b2b4cd142ab0904b1907a42a61a75389\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 25784708 feefc05bded568ef7ba422014f140e02\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny3_amd64.deb\n Size/MD5 checksum: 183798 c8b5638afc58436d3266a67137d7b065\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 228006 e6b2b583dd58c96fc3c6951212188ed9\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 163570 8a531ab84e4b7983b5a9e1486ceba3cf\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 124136 a326f6d76e7a039a80c714414f975b15\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 137916 cf5e01c7cf65a7a1e051635e5b26d068\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 1224806 b624c1277645f9b1d2a02215f299d45a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 218408 9b39055fc49190e95ba36c2b518340fe\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 394228 62700492c67e49e4fa22a782d1264dc5\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 97866 f9baa79080054ed57b02f25ecdce88cb\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 746668 41a7dd17eaada953ab75a251f053d6ef\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 2150916 af5c3a49a6f259b87f1714a66d4bf357\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 1043808 61ca6bbc2630542a1fdda00b0eb66eb2\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 754498 337c09c10421c1587c3dcb6200996bd9\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 71072 8e3dceacf2cf3e118ec7a42b4d30a4c1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 103046 614a5d2001e6c5f245879b2469c0b0da\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 13932 d95477f17c81a2e2556958de62a17e74\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 33565280 b8a6d84a5b7a0205f5bf4e6f5bd6861b\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 162716 67ffd6ff9363a91a4054357670728338\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 94420 9ec2860c4c7389f3fd8e0599ff151c30\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 58826 56b5ca31acb8abff4d546f5fe220b64c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 481148 3a7824da66d19036ef274218b60e1065\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 252118 014aa67f4c10944d8c353972420179c4\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 84214 03700b56fd39870412e69b8da76a2a31\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 526358 4566b914a86de0f0321f3df4d848ac93\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny3_arm.deb\n Size/MD5 checksum: 773292 f14f206741bcc6320d33b09aa6563718\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 756128 9935099bef70e2a87edc2e59518f3e1e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 483076 ca300a0a93792fafe221be3a7e271a9e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 33023016 e771626419b21cb8e07776ed4e9eabaa\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 164082 35726114623ec484847e998f3ddd2886\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 1047808 4119ac45523d2c532ced7dd0128b5548\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 803896 378537e11ed7c125546419fe57013e47\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 239992 7cf551c8c903642edf4f2433f2892563\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 2170534 fcda8df47940f0f7bf03d77533f6a68d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 71562 4ed2196a13fd1e4827b1352ef18866d6\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 83598 3d608aea9ba9d344e7504c1cda805635\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 218108 6cd30a50ab8c60f29d7e2bdf59583f19\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 59526 e91ddd42b6fbad3ac474890ef9c03f54\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 98060 2082fff416b3bae15594a414d244d868\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 228118 433ceba4d9ae414f6a7447b221f83352\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 101880 24f0684ebec7eb88fae2a5afc274dd22\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 748338 8e9c15c3ad9d68695ff1f6d99e24c77c\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 125200 d2f3d96cac359767ab870033a1a31953\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 136956 697254d1bfec365023f04e89fa6f74cb\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 94700 af55970146138350b93642f52ab01529\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 386450 15627611136b761ccd2f8853fba3ad6a\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 1052510 9a8ee4fe03cfa177cb51c33edb43d957\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 527914 39c57a9a1062a6dbcc84c5f9524c2230\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 13928 b5335ef22f269e12dd0f08348369161e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny3_armel.deb\n Size/MD5 checksum: 166608 fc67db197ae1a47f6652958fabce2b0a\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 80216 748d43b3c110ef67119097ba6784c359\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 508872 9facce46663a5687bc37d3b15ab7abcb\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 26293712 781f2d43eb31c2fdc631c3208816d42f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 889278 1a5a5d246e0d87023bda8326194b15bd\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 947172 df8ae806dd44dd9297004e7799bbac4c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 761122 231ea78722de96b4f76dd778eb0f44f3\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 1131740 670d904f985c538a1a669c6ca36c18dc\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 2470202 007739344f6728541e5928ce8089a3e9\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 177428 eff81bec7180718f62a0b96554842ddf\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 60602 5359c15604067dad9cb15e1a5a829cc0\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 450052 dd985ad62b3ef82181e41a3a30b1d078\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 101974 93d0224a60a8ed5befc1327582ffb22c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 96266 840a68924f01f05be49c203b737e3fd7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 258502 e3b47ad95f0f4ea91bdf7480dd5f805c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 95732 a262d13eb15d210059180e4e4d4c1632\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 111118 efd649ab4a38915a916a042664a3d200\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 559210 5846e3340e515e41e6f8c3fc404ac796\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 151764 9ed6d19eb7f1a630b0bb8083c0cb9b62\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 1383406 5731831641d5be54ddeddb6a1d3e8f7b\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 13928 2452c67c9c4f14db0c598a0f00773274\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 170172 18c0af0579bdfff6b998c25b318e7611\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 253258 ee98f3dd01fde5bb3ea23b4b1098880a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 301464 7a4ae24b6c0c422d8ccce5e3918e0760\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny3_hppa.deb\n Size/MD5 checksum: 141096 e799d3dde0b5c75d75bda8a84facd9b2\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 25305468 d0afb18086fecb2c5dce919ef6965ba6\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 1069616 a805cca067ffdf8e81153561a32b1dc0\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 538470 073406d2b9cd37f068f86212a1e689e6\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 844186 c6e83f1304c076620ae650de74479820\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 168506 72d32fe91101d788f2d2e2b643a39a97\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 395088 740a060f1c3061876efb10b8f254e238\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 489798 5157878e5374a32625e6ce368bc9425c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 62464 a6e7bb72a818065bc41b34effd952911\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 255652 706119a8b534fdfad8e7a690dae3a425\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 74884 fcd67e55d37a2ac328b4de1f55171c8d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 223448 d9e2fa61cdd323ce166ac7fa24246900\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 108504 3001afb3289162360e509d29e41df5b8\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 760636 c77f14fb70cf2fbaa668682fd76d6257\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 236188 7870f361d063a2db96a9d329de7ec2e2\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 94730 18a03aac49374ee66eeafc30854ade20\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 13922 cb6a2e0bbaefacd07c796c7f1c375fa2\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 88812 e0863f6267fdb2deb1785bb3fed37188\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 1233534 bd0518695dff2525ba875bcad2a0fdf7\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 132804 cb42ed02760402a4dc18e2c9b2279077\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 99534 142c360fad179aaa488dd0f2285f7ae7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 141612 93dfff2c058d4a689b4eed9c763f9628\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 809444 2fd841c2f6e5ee7b4b924179d713e9a3\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 172952 8fb5734ef86811c273a0df5313b1548b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny3_i386.deb\n Size/MD5 checksum: 2255778 5f864f77d55e940021c4af96805e446b\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 300734 28572b5f25e429cade69601a76ff1af7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 216154 52a76b3234a66b0ec4167c353fc18f7f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 489262 6900076fa098cc4a3a473a39afdf356d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 818896 c317b6591aa8b735b751b2b56de6b666\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 616778 96718d2fc084d85bba0ea676003a0561\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 1256712 99342a24712959cfc06e3614a5c110da\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 2751012 bbabd6a6fe07f829f821cc9adbf97ed8\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 13914 fb88c5497cb421ecaa82371e1e011aaf\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 25367580 8003a413174da9946d2b45cdff8cc2b9\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 1493524 f64f460a808dfb47828cdb3eed314174\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 159492 3e76cd4dda7a001d21b998336a4e5b72\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 124712 185a56028d05a218643527c25fc7ab05\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 532554 b54af5bd4f353df81e2cef561897b945\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 383596 ba1a7efafff3bcb57bb9bd3c5f362579\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 1210936 903d7375c01bd62e6d91f104dcb9cb27\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 67212 7470482b67b4679a1f02b374d8f39a43\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 90000 48e7852ea6055c88abc3fc68b905898b\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 182514 721658519b55391f789e0057a4f51aa5\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 1171260 388964d72829c1561ee9887219bc2a53\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 294698 ef4fdae8a7ce517abc72e3bc417623b5\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 124710 e7a30554d63fed42fcaa9570edf5e3de\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 94724 2031c6a209c1b82f3e28c1681c4df53f\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 178956 ad4ae800a1c463d396b333b3455e3a9e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny3_ia64.deb\n Size/MD5 checksum: 112226 3429ba0494a3e135836f3047216ca51d\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 205776 09a46f2b1a4696265925d96289d2c954\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 2117250 98e129ed50e7281949e1ba948ce4ff2e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 828192 cf30f9dc8b4e609a78aa7276565d979c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 177358 800ec95a1f9727446ced1d62ebbb84fc\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 58732 461888ae1b72cf500d676210685cccf1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 1110366 b1a05b819bc495b97054e15f2edb1559\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 757664 a67e42c3de1b75330b51c253ffa4af11\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 749642 be99a70083200d9b9e433fc88f127b97\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 222920 5eb577b72cccbad24d386f2ae8abd751\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 104356 a8484cd92d25f83fd018da03a9af2111\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 96108 78bb36ba0b0959a7a47a8e4f8a1c1db7\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 124162 df9b74240fbc5797cc8d358e765c6f96\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 100896 844150a4b067c172f4208a2992fde366\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 169228 aaab39bcb4bc593936d3e96a2da3dd0e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 391840 f8e576b38fe0edfa81e8f0f12c6c3c40\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 13922 52613b650ea8f510a072389d1e6e2220\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 519360 6cd3f3b8589467ff3bb9f648e5da1aa8\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 83680 88d89a64940b4e70db9e2765ed396b87\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 249938 142be89615e0311d75cc157bd6abe27e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 71352 c2be77da86c2ca24a2d1ce812c913519\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 26712818 d4cf9db64a7dea043cccbdd7c2338d1c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 481564 d6f7072988b2e26f6e44f736dfb34cae\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 1090892 674d351fbb74c4addb57efe0c4b1b50d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny3_mips.deb\n Size/MD5 checksum: 139708 96df043f4cb00dc3385c5b2733eceb9c\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 138988 deed7cd133c26da5fa0e8975a36f2a2c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 814156 7b59e58e6fcba2db91731d7424a5d2fe\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 169024 251efa6334a9479e341210a63eb5a9d7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 391628 691e88c43cfa33648a150ba0f7b51318\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 746272 901f4bb96254f028558061a8e6ae99d1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 242124 3f8dca1ad2d544cf0ab2b63cf00a5db8\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 2100336 a8f21b235703e1e92d9bb83fac1dace6\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 755876 f1e43e33b508a77b21c0d51e50a2b2ba\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 479862 17992b21234ff40bf3e25ff91d10c0a7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 59034 6ad334aeffa4cbc9635c2912d7b7ee0b\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 13922 c8dfe29856ed40bf2b57ccbc7ff08d98\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 205010 6b34688e005428619dc0ceed6b6be703\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 103284 f676581b6a6db54b24667fdb29a56454\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 100296 f5cce08919fa5a94f603794eb0a36d53\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 71362 38371caca25c52c091992f796da7b51d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 176302 910a27cde9019f095068766fc3296ca9\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 97524 84aaf7ae11d3a1be931a99da495f28c3\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 1107428 d346ffe2d0a303e20e8f16a5b73f70ef\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 220448 e8146f56e60adfa8849f8329dfbab80b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 82704 48a228b6a59863b53e80ec825cb3d903\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 1062550 59fcbdc2507945518c305a2d985e3334\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 519062 9692d6e7b5d1a98827b6b81615ffe932\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 122546 1151088c9f0c762a4dec0120520e8150\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny3_mipsel.deb\n Size/MD5 checksum: 25692790 c9b6109cdb94a6d90672a2e891ebf832\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 1326840 2ec2c1bc990e9abb0beaa989bf9849a4\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 109436 181b899bbe98330085eeced5a11633e1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 860656 582e17ddfe8d9647028fba69b945ec2e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 774376 4b53e3fa1b57c3966ab8ace673c268d1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 247376 3622102eeda4ee767f05fa4ee440d59e\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 13936 0d81e4e73c0860a3877d3a55e9e308bb\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 97582 f03575a8469d475023db47245ac50e7f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 116366 c94b0bef5fc28320865285672ea9a0a3\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 245298 2a7df1900254fc78bb742a33562c5712\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 148348 eb643db9dc6e17086664c67394243471\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 890752 bb6cafe840e0022bbc5419221e8f8dd3\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 499926 7413160bcf426330e9ac0bdf6223dcd9\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 323888 43a4cd576987d24525fadd341534d053\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 443654 6a3b824bf504721f9a462db5f36e62b0\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 552440 fcedbf86323870aeccb2311432486284\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 78502 bb5d15473e4bddc5c020f62266d6c223\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 176116 95a98f65b4131520e321dd3be8eae84a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 93034 4da9b131a970874d879b2ea3cadd7c82\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 66942 628e0162dc9951b812d28959169a97d4\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 2377750 9363d4702e54dc7b1cc0eb98c23a9804\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 184490 19bbca7e884974c51439ae1f0907478d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 1080540 4925b6a37016999440472e87b2d3af25\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 26525076 ea014f1f8e624fbf0a63a284d2ded8d8\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny3_powerpc.deb\n Size/MD5 checksum: 139332 def9b6e887a7a5ab3492b985dfe2d300\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 183988 f04cfbaaca7f4317150edffd71a795d4\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 2316688 eb9f3a10aa750d176665ec64b7fb1975\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 93972 16f29eed06a38662e8a0e5d35f94e6d1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 63676 c7ff6674bbdd0e19cfafddae89dcd76e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 776262 2f1f108a6dc99c57b9db080322173998\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 877924 99207a423ccf38a16de2312c47efff56\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 145326 d14d6ec17a5177fdb70ddf382406d25b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 113560 652e8c2382c6419651b532bb746d6f4c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 248288 68116fb1c73010b87c05a7fc729c46b2\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 546010 a11225131898df3980569ce7d0ad6493\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 271090 07fd7e322a0301d174e7e8cc74bb1ae9\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 148066 cb59103e1a0c8894ba3b4e79e979a02a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 1107864 793edc1e18ff854fb72b0b54cba837dc\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 75694 d460eb28b1da9f70727e1afa02f40130\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 1202704 1b724a5bfb81efe390f8f32801334247\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 425296 1ed8693d5850bbd5e718de471115e8b6\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 251648 790623c5975aa371951a77abffc6c0af\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 175008 ac480a8d523348402ed12b5a05e26a78\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 901670 9f6bba612b930b803efc3b30205fa69a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 94710 f89101f200e02f41c975197015a62a62\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 13908 87f5a8d4bc8f7fb2cfaede6a7fd7636c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 26230158 243106eb0ff6d5143e72a906f71f1e0d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 106678 903215e0f5961022d0274159c73ff781\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny3_s390.deb\n Size/MD5 checksum: 502252 c32a67de593ae40ef976e70d816b9db5\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 73782 c3373e10c33cb6d8eb835d0ab2bd6168\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 487858 4b188d0fd44e4ecb6d73a1d9a739df0c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 25143248 80e94dabb0bd55d853fb11f72ca3a26f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 173284 047191e44bf1c139478a13be439e8e48\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 97534 90632cc999a0f1a7818e619526c62f80\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 761544 23517d232d0bc88c1fed39a7ead3a110\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 391918 d1bd48368c79584497016e1ea6e329a5\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 105564 ffa5616368ebe6467c49afcc12541f03\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 791268 b1522eccd589de130f73287680f16ee3\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 538886 406e86dae5b7b7bf2a591e9cf677370e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 836104 45bfacb504372cf839c609aa6af188af\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 251682 204e2da3dde0abef4ad8c14e48374e22\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 129798 83eaf19c002d9ede83c22548bb1d566f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 83272 add6bc2a75f9459935fa41228f7bce5a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 1056214 66ee7780c5da923addfffdb057f5bdae\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 231460 cb2d4fb77e59641cc04e8adca395764e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 2297940 33556e52b1771341d8f3ded7a19b0425\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 142754 40d4de6b757a6122d545071870140a74\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 62848 46bf3794ee54db7d849006cf93b5038f\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 13922 3b6176766ea4096ab88aa043887f3cdf\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 217532 15b4ab27963da68893cb1060b2af7b29\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 169422 547a9d38543607bcca665f5066bf4e8c\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 1290452 e45c8ad225b31f327a64c5da05aed69a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.9-3+lenny3_sparc.deb\n Size/MD5 checksum: 99542 2b8d74e5759e17161a54260997385ac2\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;\n", "edition": 1, "reporter": "Debian", "published": "2010-05-24T15:38:55", "title": "[SECURITY] [DSA 2050-1] New kdegraphics packages fix several vulnerabilities", "type": "debian", "enchantments": {"score": {"modified": "2018-10-16T22:14:07", "vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-1188", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2010-05-24T15:38:55", "id": "DEBIAN:DSA-2050-1:A72F5", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2010/msg00092.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:10:20", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3604", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3603", "https://usn.ubuntu.com/usn/usn-850-1", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3607", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3609", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3608"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "9.10", "packageVersion": "0.12.0-0ubuntu2.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler-glib4", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "9.10", "packageVersion": "0.12.0-0ubuntu2.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler5", "operator": "lt"}], "description": "USN-850-1 fixed vulnerabilities in poppler. This update provides the corresponding updates for Ubuntu 9.10.\n\nOriginal advisory details:\n\nIt was discovered that poppler contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.", "edition": 3, "reporter": "Ubuntu", "published": "2009-11-02T00:00:00", "title": "poppler vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3607", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2009-11-02T00:00:00", "id": "USN-850-3", "href": "https://usn.ubuntu.com/850-3/", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:50", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2009-0755", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3605", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3604", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3603", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3607", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3609", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3608"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "0.6.4-1ubuntu3.3", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler-glib2", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.10", "packageVersion": "0.8.7-1ubuntu0.4", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler-glib3", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "9.04", "packageVersion": "0.10.5-1ubuntu2.4", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler4", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.10", "packageVersion": "0.8.7-1ubuntu0.4", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler3", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "0.5.1-0ubuntu7.6", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler1", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "0.5.1-0ubuntu7.6", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler1-glib", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "9.04", "packageVersion": "0.10.5-1ubuntu2.4", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler-glib4", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "0.6.4-1ubuntu3.3", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler2", "operator": "lt"}], "description": "It was discovered that poppler contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.", "edition": 3, "reporter": "Ubuntu", "published": "2009-10-21T00:00:00", "title": "poppler vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3607", "CVE-2009-0755", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "modified": "2009-10-21T00:00:00", "id": "USN-850-1", "href": "https://usn.ubuntu.com/850-1/", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:11", "references": ["https://usn.ubuntu.com/usn/usn-850-1", "https://launchpad.net/bugs/457985"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "0.5.1-0ubuntu7.7", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler1-glib", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "9.04", "packageVersion": "0.10.5-1ubuntu2.5", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler4", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "0.6.4-1ubuntu3.4", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler-glib2", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.10", "packageVersion": "0.8.7-1ubuntu0.5", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler-glib3", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.04", "packageVersion": "0.6.4-1ubuntu3.4", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler2", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "8.10", "packageVersion": "0.8.7-1ubuntu0.5", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler3", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "9.04", "packageVersion": "0.10.5-1ubuntu2.5", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler-glib4", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "6.06", "packageVersion": "0.5.1-0ubuntu7.7", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "libpoppler1", "operator": "lt"}], "description": "USN-850-1 fixed vulnerabilities in poppler. The security fix for CVE-2009-3605 introduced a regression that would cause certain applications, such as Okular, to segfault when opening certain PDF files.\n\nThis update fixes the problem. We apologize for the inconvenience.\n\nOriginal advisory details:\n\nIt was discovered that poppler contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.", "edition": 3, "reporter": "Ubuntu", "published": "2009-10-22T00:00:00", "title": "poppler regression", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3605"], "modified": "2009-10-22T00:00:00", "id": "USN-850-2", "href": "https://usn.ubuntu.com/850-2/", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T00:09:03", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2009-0800", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-0166", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-0799", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-0147", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3606", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-1179", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3609", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-1180", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-0146", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-0195", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-1181", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-0165", "https://people.canonical.com/~ubuntu-security/cve/CVE-2009-3608"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "9.04", "packageVersion": "1:1.6.3-7ubuntu6.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "kword", "operator": "lt"}], "description": "Will Dormann, Alin Rad Pop, Braden Thomas, and Drew Yao discovered that the Xpdf used in KOffice contained multiple security issues in its JBIG2 decoder. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. (CVE-2009-0146, CVE-2009-0147, CVE-2009-0166, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181)\n\nIt was discovered that the Xpdf used in KOffice contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. (CVE-2009-3606, CVE-2009-3608, CVE-2009-3609)\n\nKOffice in Ubuntu 9.04 uses a very old version of Xpdf to import PDFs into KWord. Upstream KDE no longer supports PDF import in KOffice and as a result it was dropped in Ubuntu 9.10. While an attempt was made to fix the above issues, the maintenance burden for supporting this very old version of Xpdf outweighed its utility, and PDF import is now also disabled in Ubuntu 9.04.", "edition": 3, "reporter": "Ubuntu", "published": "2010-08-17T00:00:00", "title": "KOffice vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-1181", "CVE-2009-1180", "CVE-2009-0195", "CVE-2009-3606", "CVE-2009-0799", "CVE-2009-0165", "CVE-2009-0166", "CVE-2009-3609", "CVE-2009-0147", "CVE-2009-0800", "CVE-2009-0146", "CVE-2009-1179"], "modified": "2010-08-17T00:00:00", "id": "USN-973-1", "href": "https://usn.ubuntu.com/973-1/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:42:29", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "i386", "packageFilename": "poppler-utils-0.5.4-4.4.el5_4.11.i386.rpm", "packageName": "poppler-utils", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "i386", "packageFilename": "poppler-devel-0.5.4-4.4.el5_4.11.i386.rpm", "packageName": "poppler-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "i386", "packageFilename": "poppler-devel-0.5.4-4.4.el5_4.11.i386.rpm", "packageName": "poppler-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "x86_64", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.x86_64.rpm", "packageName": "poppler", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "ia64", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.ia64.rpm", "packageName": "poppler", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "i386", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.i386.rpm", "packageName": "poppler", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "i386", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.i386.rpm", "packageName": "poppler", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "ia64", "packageFilename": "poppler-utils-0.5.4-4.4.el5_4.11.ia64.rpm", "packageName": "poppler-utils", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "ia64", "packageFilename": "poppler-devel-0.5.4-4.4.el5_4.11.ia64.rpm", "packageName": "poppler-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "x86_64", "packageFilename": "poppler-utils-0.5.4-4.4.el5_4.11.x86_64.rpm", "packageName": "poppler-utils", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "src", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.src.rpm", "packageName": "poppler", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "src", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.src.rpm", "packageName": "poppler", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "src", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.src.rpm", "packageName": "poppler", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "x86_64", "packageFilename": "poppler-devel-0.5.4-4.4.el5_4.11.x86_64.rpm", "packageName": "poppler-devel", "operator": "lt"}], "description": "[0.5.4-4.4.el5_4.11]\n- Fixes various flaws addressed in bugs #526637, #526893 and #526915\n which were tracked in #527403.\n- Resolves: #527403\n[0.5.4-4.4.el5_4.10]\n- Add poppler-0.5.4-JBIG2-segment-reading.patch to\n fix reading of arithmetically encoded JBIG2 images with\n unknown length.\n- Resolves: #528147", "edition": 3, "reporter": "Oracle", "published": "2009-10-15T00:00:00", "title": "poppler security and bug fix update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3609"], "modified": "2009-10-15T00:00:00", "id": "ELSA-2009-1504", "href": "http://linux.oracle.com/errata/ELSA-2009-1504.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:40:39", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.00-22.el4_8.1", "arch": "ia64", "packageFilename": "xpdf-3.00-22.el4_8.1.ia64.rpm", "packageName": "xpdf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.00-22.el4_8.1", "arch": "src", "packageFilename": "xpdf-3.00-22.el4_8.1.src.rpm", "packageName": "xpdf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.00-22.el4_8.1", "arch": "src", "packageFilename": "xpdf-3.00-22.el4_8.1.src.rpm", "packageName": "xpdf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.00-22.el4_8.1", "arch": "src", "packageFilename": "xpdf-3.00-22.el4_8.1.src.rpm", "packageName": "xpdf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.00-22.el4_8.1", "arch": "i386", "packageFilename": "xpdf-3.00-22.el4_8.1.i386.rpm", "packageName": "xpdf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.00-22.el4_8.1", "arch": "x86_64", "packageFilename": "xpdf-3.00-22.el4_8.1.x86_64.rpm", "packageName": "xpdf", "operator": "lt"}], "description": "[3.00-22.1]\n- Resolves: #527468, CVE-2009-0791\n[3.00-22.el4]\n- CVE-2009-0791\n[3.00-21.el4]\n- CVE-2009-0791", "edition": 3, "reporter": "Oracle", "published": "2009-10-15T00:00:00", "title": "xpdf security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-1188", "CVE-2009-0791", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2009-10-15T00:00:00", "id": "ELSA-2009-1501", "href": "http://linux.oracle.com/errata/ELSA-2009-1501.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:40:44", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "src", "packageFilename": "kdegraphics-3.3.1-15.el4_8.2.src.rpm", "packageName": "kdegraphics", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "src", "packageFilename": "kdegraphics-3.3.1-15.el4_8.2.src.rpm", "packageName": "kdegraphics", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "src", "packageFilename": "kdegraphics-3.3.1-15.el4_8.2.src.rpm", "packageName": "kdegraphics", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "ia64", "packageFilename": "kdegraphics-3.3.1-15.el4_8.2.ia64.rpm", "packageName": "kdegraphics", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "i386", "packageFilename": "kdegraphics-3.3.1-15.el4_8.2.i386.rpm", "packageName": "kdegraphics", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "x86_64", "packageFilename": "kdegraphics-3.3.1-15.el4_8.2.x86_64.rpm", "packageName": "kdegraphics", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "x86_64", "packageFilename": "kdegraphics-devel-3.3.1-15.el4_8.2.x86_64.rpm", "packageName": "kdegraphics-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "ia64", "packageFilename": "kdegraphics-devel-3.3.1-15.el4_8.2.ia64.rpm", "packageName": "kdegraphics-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "i386", "packageFilename": "kdegraphics-devel-3.3.1-15.el4_8.2.i386.rpm", "packageName": "kdegraphics-devel", "operator": "lt"}], "description": "[3.3.1-15.2]\n- Add missing NULL check to CVE-2009-3608 patch\n[3.3.1-15.1]\n- CVE-2009-0791", "edition": 3, "reporter": "Oracle", "published": "2009-10-15T00:00:00", "title": "kdegraphics security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-1188", "CVE-2009-0791", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2009-10-15T00:00:00", "id": "ELSA-2009-1512", "href": "http://linux.oracle.com/errata/ELSA-2009-1512.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:45:25", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "i386", "packageFilename": "cups-devel-1.3.7-11.el5_4.3.i386.rpm", "packageName": "cups-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "i386", "packageFilename": "cups-devel-1.3.7-11.el5_4.3.i386.rpm", "packageName": "cups-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "ia64", "packageFilename": "cups-1.3.7-11.el5_4.3.ia64.rpm", "packageName": "cups", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "i386", "packageFilename": "cups-1.3.7-11.el5_4.3.i386.rpm", "packageName": "cups", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "ia64", "packageFilename": "cups-lpd-1.3.7-11.el5_4.3.ia64.rpm", "packageName": "cups-lpd", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "x86_64", "packageFilename": "cups-1.3.7-11.el5_4.3.x86_64.rpm", "packageName": "cups", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "x86_64", "packageFilename": "cups-libs-1.3.7-11.el5_4.3.x86_64.rpm", "packageName": "cups-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "i386", "packageFilename": "cups-libs-1.3.7-11.el5_4.3.i386.rpm", "packageName": "cups-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "i386", "packageFilename": "cups-libs-1.3.7-11.el5_4.3.i386.rpm", "packageName": "cups-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "i386", "packageFilename": "cups-libs-1.3.7-11.el5_4.3.i386.rpm", "packageName": "cups-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "ia64", "packageFilename": "cups-libs-1.3.7-11.el5_4.3.ia64.rpm", "packageName": "cups-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "src", "packageFilename": "cups-1.3.7-11.el5_4.3.src.rpm", "packageName": "cups", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "src", "packageFilename": "cups-1.3.7-11.el5_4.3.src.rpm", "packageName": "cups", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "src", "packageFilename": "cups-1.3.7-11.el5_4.3.src.rpm", "packageName": "cups", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "i386", "packageFilename": "cups-lpd-1.3.7-11.el5_4.3.i386.rpm", "packageName": "cups-lpd", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "ia64", "packageFilename": "cups-devel-1.3.7-11.el5_4.3.ia64.rpm", "packageName": "cups-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "x86_64", "packageFilename": "cups-devel-1.3.7-11.el5_4.3.x86_64.rpm", "packageName": "cups-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "x86_64", "packageFilename": "cups-lpd-1.3.7-11.el5_4.3.x86_64.rpm", "packageName": "cups-lpd", "operator": "lt"}], "description": "[1:1.3.7-11:.3]\n- Include NULL pointer check in ObjectStream::getObject. Part of the\n fix for CVE-2009-3608 (bug #526637).\n[1:1.3.7-11:.2]\n- Applied patch to fix CVE-2009-3608 (bug #526637) and\n CVE-2009-3609 (bug #526893). ", "edition": 3, "reporter": "Oracle", "published": "2009-10-15T00:00:00", "title": "cups security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "modified": "2009-10-15T00:00:00", "id": "ELSA-2009-1513", "href": "http://linux.oracle.com/errata/ELSA-2009-1513.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:40:21", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.8.2-7.7.2.el4_8.5", "arch": "x86_64", "packageFilename": "gpdf-2.8.2-7.7.2.el4_8.5.x86_64.rpm", "packageName": "gpdf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.8.2-7.7.2.el4_8.5", "arch": "i386", "packageFilename": "gpdf-2.8.2-7.7.2.el4_8.5.i386.rpm", "packageName": "gpdf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.8.2-7.7.2.el4_8.5", "arch": "src", "packageFilename": "gpdf-2.8.2-7.7.2.el4_8.5.src.rpm", "packageName": "gpdf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.8.2-7.7.2.el4_8.5", "arch": "src", "packageFilename": "gpdf-2.8.2-7.7.2.el4_8.5.src.rpm", "packageName": "gpdf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.8.2-7.7.2.el4_8.5", "arch": "src", "packageFilename": "gpdf-2.8.2-7.7.2.el4_8.5.src.rpm", "packageName": "gpdf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "4", "packageVersion": "2.8.2-7.7.2.el4_8.5", "arch": "ia64", "packageFilename": "gpdf-2.8.2-7.7.2.el4_8.5.ia64.rpm", "packageName": "gpdf", "operator": "lt"}], "description": "[2.8.2-7.7.2.el4_8.5]\n- Fixes various flaws addressed in bugs #491840 (CVE-2009-0791),\n - Resolves: #527413", "edition": 3, "reporter": "Oracle", "published": "2009-10-15T00:00:00", "title": "gpdf security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-1188", "CVE-2009-0791", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2009-10-15T00:00:00", "id": "ELSA-2009-1503", "href": "http://linux.oracle.com/errata/ELSA-2009-1503.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2017-10-03T18:25:08", "references": ["https://rhn.redhat.com/errata/RHSA-2009-1504.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "any", "packageName": "poppler", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "any", "packageName": "poppler", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "i386", "packageName": "poppler-devel", "packageFilename": "poppler-devel-0.5.4-4.4.el5_4.11.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "i386", "packageName": "poppler-devel", "packageFilename": "poppler-devel-0.5.4-4.4.el5_4.11.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "x86_64", "packageName": "poppler-devel", "packageFilename": "poppler-devel-0.5.4-4.4.el5_4.11.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "x86_64", "packageName": "poppler-utils", "packageFilename": "poppler-utils-0.5.4-4.4.el5_4.11.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "i386", "packageName": "poppler", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "i386", "packageName": "poppler", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "x86_64", "packageName": "poppler", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "i386", "packageName": "poppler-utils", "packageFilename": "poppler-utils-0.5.4-4.4.el5_4.11.i386.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2009:1504\n\n\nPoppler is a Portable Document Format (PDF) rendering library, used by\napplications such as Evince.\n\nMultiple integer overflow flaws were found in poppler. An attacker could\ncreate a malicious PDF file that would cause applications that use poppler\n(such as Evince) to crash or, potentially, execute arbitrary code when\nopened. (CVE-2009-3603, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608\nissue.\n\nThis update also corrects a regression introduced in the previous poppler\nsecurity update, RHSA-2009:0480, that prevented poppler from rendering\ncertain PDF documents correctly. (BZ#528147)\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016268.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016271.html\n\n**Affected packages:**\npoppler\npoppler-devel\npoppler-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1504.html", "edition": 1, "reporter": "CentOS Project", "published": "2009-10-30T15:43:58", "title": "poppler security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3609"], "modified": "2009-10-30T15:43:58", "href": "http://lists.centos.org/pipermail/centos-announce/2009-October/016268.html", "id": "CESA-2009:1504", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:25:59", "references": ["http://rhn.redhat.com/errata/RHSA-2009-1501.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.00-22.el4_8.1", "packageFilename": "xpdf-3.00-22.el4_8.1.i386.rpm", "packageName": "xpdf", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.00-22.el4_8.1", "packageFilename": "xpdf-3.00-22.el4_8.1.x86_64.rpm", "packageName": "xpdf", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.00-22.el4_8.1", "packageFilename": "xpdf-3.00-22.el4_8.1.src.rpm", "packageName": "xpdf", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.00-22.el4_8.1", "packageFilename": "xpdf-3.00-22.el4_8.1.src.rpm", "packageName": "xpdf", "arch": "any", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2009:1501\n\n\nXpdf is an X Window System based viewer for Portable Document Format (PDF)\nfiles.\n\nMultiple integer overflow flaws were found in Xpdf. An attacker could\ncreate a malicious PDF file that would cause Xpdf to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-1188,\nCVE-2009-3604, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue, and Chris Rohlf for reporting the CVE-2009-3608 issue.\n\nUsers are advised to upgrade to this updated package, which contains a\nbackported patch to correct these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016189.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016190.html\n\n**Affected packages:**\nxpdf\n\n**Upstream details at:**\n", "edition": 1, "reporter": "CentOS Project", "published": "2009-10-16T14:29:40", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "title": "xpdf security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-1188", "CVE-2009-0791", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2009-10-16T14:29:46", "href": "http://lists.centos.org/pipermail/centos-announce/2009-October/016189.html", "id": "CESA-2009:1501", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:25:56", "references": ["https://rhn.redhat.com/errata/RHSA-2009-1502.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.5.4-15.el5_4.2", "packageFilename": "kdegraphics-3.5.4-15.el5_4.2.i386.rpm", "packageName": "kdegraphics", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.5.4-15.el5_4.2", "packageFilename": "kdegraphics-devel-3.5.4-15.el5_4.2.i386.rpm", "packageName": "kdegraphics-devel", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.5.4-15.el5_4.2", "packageFilename": "kdegraphics-devel-3.5.4-15.el5_4.2.i386.rpm", "packageName": "kdegraphics-devel", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.5.4-15.el5_4.2", "packageFilename": "kdegraphics-3.5.4-15.el5_4.2.x86_64.rpm", "packageName": "kdegraphics", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.5.4-15.el5_4.2", "packageFilename": "kdegraphics-3.5.4-15.el5_4.2.src.rpm", "packageName": "kdegraphics", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.5.4-15.el5_4.2", "packageFilename": "kdegraphics-3.5.4-15.el5_4.2.src.rpm", "packageName": "kdegraphics", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "3.5.4-15.el5_4.2", "packageFilename": "kdegraphics-devel-3.5.4-15.el5_4.2.x86_64.rpm", "packageName": "kdegraphics-devel", "arch": "x86_64", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2009:1502\n\n\nThe kdegraphics packages contain applications for the K Desktop\nEnvironment, including KPDF, a viewer for Portable Document Format (PDF)\nfiles.\n\nMultiple integer overflow flaws were found in KPDF. An attacker could\ncreate a malicious PDF file that would cause KPDF to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-1188,\nCVE-2009-3604, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue, and Chris Rohlf for reporting the CVE-2009-3608 issue.\n\nUsers are advised to upgrade to these updated packages, which contain a\nbackported patch to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016232.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016233.html\n\n**Affected packages:**\nkdegraphics\nkdegraphics-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1502.html", "edition": 1, "reporter": "CentOS Project", "published": "2009-10-30T15:43:50", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "title": "kdegraphics security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-1188", "CVE-2009-0791", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2009-10-30T15:43:51", "href": "http://lists.centos.org/pipermail/centos-announce/2009-October/016232.html", "id": "CESA-2009:1502", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:24:48", "references": ["http://rhn.redhat.com/errata/RHSA-2009-1512.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "x86_64", "packageName": "kdegraphics", "packageFilename": "kdegraphics-3.3.1-15.el4_8.2.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "x86_64", "packageName": "kdegraphics-devel", "packageFilename": "kdegraphics-devel-3.3.1-15.el4_8.2.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "i386", "packageName": "kdegraphics-devel", "packageFilename": "kdegraphics-devel-3.3.1-15.el4_8.2.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "any", "packageName": "kdegraphics", "packageFilename": "kdegraphics-3.3.1-15.el4_8.2.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "any", "packageName": "kdegraphics", "packageFilename": "kdegraphics-3.3.1-15.el4_8.2.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "i386", "packageName": "kdegraphics", "packageFilename": "kdegraphics-3.3.1-15.el4_8.2.i386.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2009:1512\n\n\nThe kdegraphics packages contain applications for the K Desktop\nEnvironment, including KPDF, a viewer for Portable Document Format (PDF)\nfiles.\n\nMultiple integer overflow flaws were found in KPDF. An attacker could\ncreate a malicious PDF file that would cause KPDF to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-1188,\nCVE-2009-3604, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue, and Chris Rohlf for reporting the CVE-2009-3608 issue.\n\nUsers are advised to upgrade to these updated packages, which contain a\nbackported patch to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016193.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016194.html\n\n**Affected packages:**\nkdegraphics\nkdegraphics-devel\n\n**Upstream details at:**\n", "edition": 1, "reporter": "CentOS Project", "published": "2009-10-16T14:29:57", "title": "kdegraphics security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-1188", "CVE-2009-0791", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2009-10-16T14:30:00", "href": "http://lists.centos.org/pipermail/centos-announce/2009-October/016193.html", "id": "CESA-2009:1512", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:26:54", "references": ["http://rhn.redhat.com/errata/RHSA-2009-1503.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.8.2-7.7.2.el4_8.5", "arch": "i386", "packageName": "gpdf", "packageFilename": "gpdf-2.8.2-7.7.2.el4_8.5.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.8.2-7.7.2.el4_8.5", "arch": "x86_64", "packageName": "gpdf", "packageFilename": "gpdf-2.8.2-7.7.2.el4_8.5.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.8.2-7.7.2.el4_8.5", "arch": "any", "packageName": "gpdf", "packageFilename": "gpdf-2.8.2-7.7.2.el4_8.5.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "2.8.2-7.7.2.el4_8.5", "arch": "any", "packageName": "gpdf", "packageFilename": "gpdf-2.8.2-7.7.2.el4_8.5.src.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2009:1503\n\n\nGPdf is a viewer for Portable Document Format (PDF) files.\n\nMultiple integer overflow flaws were found in GPdf. An attacker could\ncreate a malicious PDF file that would cause GPdf to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-1188,\nCVE-2009-3604, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue, and Chris Rohlf for reporting the CVE-2009-3608 issue.\n\nUsers are advised to upgrade to this updated package, which contains a\nbackported patch to correct these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016191.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016192.html\n\n**Affected packages:**\ngpdf\n\n**Upstream details at:**\n", "edition": 1, "reporter": "CentOS Project", "published": "2009-10-16T14:29:50", "title": "gpdf security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-1188", "CVE-2009-0791", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2009-10-16T14:29:54", "href": "http://lists.centos.org/pipermail/centos-announce/2009-October/016191.html", "id": "CESA-2009:1503", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:24:57", "references": ["https://rhn.redhat.com/errata/RHSA-2009-1500.html", "http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.02-17.el3", "arch": "i386", "packageName": "xpdf", "packageFilename": "xpdf-2.02-17.el3.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.02-17.el3", "arch": "x86_64", "packageName": "xpdf", "packageFilename": "xpdf-2.02-17.el3.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.02-17.el3", "arch": "any", "packageName": "xpdf", "packageFilename": "xpdf-2.02-17.el3.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "2.02-17.el3", "arch": "any", "packageName": "xpdf", "packageFilename": "xpdf-2.02-17.el3.src.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2009:1500\n\n\nXpdf is an X Window System based viewer for Portable Document Format (PDF)\nfiles.\n\nMultiple integer overflow flaws were found in Xpdf. An attacker could\ncreate a malicious PDF file that would cause Xpdf to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-3604,\nCVE-2009-3606, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue.\n\nUsers are advised to upgrade to this updated package, which contains a\nbackported patch to correct these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016187.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016188.html\n\n**Affected packages:**\nxpdf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1500.html", "edition": 1, "reporter": "CentOS Project", "published": "2009-10-15T12:03:48", "title": "xpdf security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-0791", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "modified": "2009-10-15T12:03:59", "href": "http://lists.centos.org/pipermail/centos-announce/2009-October/016187.html", "id": "CESA-2009:1500", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:24:28", "references": ["https://rhn.redhat.com/errata/RHSA-2009-1513.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageFilename": "cups-1.3.7-11.el5_4.3.x86_64.rpm", "packageName": "cups", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageFilename": "cups-lpd-1.3.7-11.el5_4.3.x86_64.rpm", "packageName": "cups-lpd", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageFilename": "cups-1.3.7-11.el5_4.3.src.rpm", "packageName": "cups", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageFilename": "cups-1.3.7-11.el5_4.3.src.rpm", "packageName": "cups", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageFilename": "cups-devel-1.3.7-11.el5_4.3.x86_64.rpm", "packageName": "cups-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageFilename": "cups-lpd-1.3.7-11.el5_4.3.i386.rpm", "packageName": "cups-lpd", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageFilename": "cups-libs-1.3.7-11.el5_4.3.x86_64.rpm", "packageName": "cups-libs", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageFilename": "cups-1.3.7-11.el5_4.3.i386.rpm", "packageName": "cups", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageFilename": "cups-libs-1.3.7-11.el5_4.3.i386.rpm", "packageName": "cups-libs", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageFilename": "cups-libs-1.3.7-11.el5_4.3.i386.rpm", "packageName": "cups-libs", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageFilename": "cups-devel-1.3.7-11.el5_4.3.i386.rpm", "packageName": "cups-devel", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "packageFilename": "cups-devel-1.3.7-11.el5_4.3.i386.rpm", "packageName": "cups-devel", "arch": "i386", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2009:1513\n\n\nThe Common UNIX Printing System (CUPS) provides a portable printing layer\nfor UNIX operating systems. The CUPS \"pdftops\" filter converts Portable\nDocument Format (PDF) files to PostScript.\n\nTwo integer overflow flaws were found in the CUPS \"pdftops\" filter. An\nattacker could create a malicious PDF file that would cause \"pdftops\" to\ncrash or, potentially, execute arbitrary code as the \"lp\" user if the file\nwas printed. (CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608\nissue.\n\nUsers of cups are advised to upgrade to these updated packages, which\ncontain a backported patch to correct these issues. After installing the\nupdate, the cupsd daemon will be restarted automatically.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016218.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016219.html\n\n**Affected packages:**\ncups\ncups-devel\ncups-libs\ncups-lpd\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1513.html", "edition": 1, "reporter": "CentOS Project", "published": "2009-10-30T15:43:47", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "title": "cups security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "modified": "2009-10-30T15:43:47", "href": "http://lists.centos.org/pipermail/centos-announce/2009-October/016218.html", "id": "CESA-2009:1513", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:26:20", "references": ["https://rhn.redhat.com/errata/RHSA-2010-0755.html", "http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4.10", "packageFilename": "cups-libs-1.1.22-0.rc1.9.32.el4.10.x86_64.rpm", "packageName": "cups-libs", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4.10", "packageFilename": "cups-1.1.22-0.rc1.9.32.el4.10.src.rpm", "packageName": "cups", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4.10", "packageFilename": "cups-1.1.22-0.rc1.9.32.el4.10.src.rpm", "packageName": "cups", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4.10", "packageFilename": "cups-devel-1.1.22-0.rc1.9.32.el4.10.x86_64.rpm", "packageName": "cups-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4.10", "packageFilename": "cups-1.1.22-0.rc1.9.32.el4.10.x86_64.rpm", "packageName": "cups", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4.10", "packageFilename": "cups-1.1.22-0.rc1.9.32.el4.10.i386.rpm", "packageName": "cups", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4.10", "packageFilename": "cups-libs-1.1.22-0.rc1.9.32.el4.10.i386.rpm", "packageName": "cups-libs", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4.10", "packageFilename": "cups-libs-1.1.22-0.rc1.9.32.el4.10.i386.rpm", "packageName": "cups-libs", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4.10", "packageFilename": "cups-devel-1.1.22-0.rc1.9.32.el4.10.i386.rpm", "packageName": "cups-devel", "arch": "i386", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2010:0755\n\n\nThe Common UNIX Printing System (CUPS) provides a portable printing layer\nfor UNIX operating systems. The CUPS \"pdftops\" filter converts Portable\nDocument Format (PDF) files to PostScript.\n\nMultiple flaws were discovered in the CUPS \"pdftops\" filter. An attacker\ncould create a malicious PDF file that, when printed, would cause \"pdftops\"\nto crash or, potentially, execute arbitrary code as the \"lp\" user.\n(CVE-2010-3702, CVE-2009-3609)\n\nUsers of cups are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing this\nupdate, the cupsd daemon will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-October/017051.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-October/017052.html\n\n**Affected packages:**\ncups\ncups-devel\ncups-libs\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0755.html", "edition": 1, "reporter": "CentOS Project", "published": "2010-10-09T18:14:48", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "title": "cups security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3609", "CVE-2010-3702"], "modified": "2010-10-09T18:15:37", "href": "http://lists.centos.org/pipermail/centos-announce/2010-October/017051.html", "id": "CESA-2010:0755", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "redhat": [{"lastseen": "2018-12-11T17:45:28", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "0.5.4-4.4.el5_4.11", "arch": "i386", "packageName": "poppler", "packageFilename": "poppler-0.5.4-4.4.el5_4.11.i386.rpm", "operator": "lt"}], "description": "Poppler is a Portable Document Format (PDF) rendering library, used by\napplications such as Evince.\n\nMultiple integer overflow flaws were found in poppler. An attacker could\ncreate a malicious PDF file that would cause applications that use poppler\n(such as Evince) to crash or, potentially, execute arbitrary code when\nopened. (CVE-2009-3603, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608\nissue.\n\nThis update also corrects a regression introduced in the previous poppler\nsecurity update, RHSA-2009:0480, that prevented poppler from rendering\ncertain PDF documents correctly. (BZ#528147)\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.", "reporter": "RedHat", "published": "2009-10-15T04:00:00", "type": "redhat", "title": "(RHSA-2009:1504) Important: poppler security and bug fix update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3603", "CVE-2009-3608", "CVE-2009-3609"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T11:58:29", "id": "RHSA-2009:1504", "href": "https://access.redhat.com/errata/RHSA-2009:1504", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:44:56", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.00-22.el4_8.1", "arch": "i386", "packageName": "xpdf", "packageFilename": "xpdf-3.00-22.el4_8.1.i386.rpm", "operator": "lt"}], "description": "Xpdf is an X Window System based viewer for Portable Document Format (PDF)\nfiles.\n\nMultiple integer overflow flaws were found in Xpdf. An attacker could\ncreate a malicious PDF file that would cause Xpdf to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-1188,\nCVE-2009-3604, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue, and Chris Rohlf for reporting the CVE-2009-3608 issue.\n\nUsers are advised to upgrade to this updated package, which contains a\nbackported patch to correct these issues.", "reporter": "RedHat", "published": "2009-10-15T04:00:00", "type": "redhat", "title": "(RHSA-2009:1501) Important: xpdf security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-0791", "CVE-2009-1188", "CVE-2009-3604", "CVE-2009-3606", "CVE-2009-3608", "CVE-2009-3609"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T12:20:16", "id": "RHSA-2009:1501", "href": "https://access.redhat.com/errata/RHSA-2009:1501", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:43:55", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "3.5.4-15.el5_4.2", "arch": "i386", "packageName": "kdegraphics", "packageFilename": "kdegraphics-3.5.4-15.el5_4.2.i386.rpm", "operator": "lt"}], "description": "The kdegraphics packages contain applications for the K Desktop\nEnvironment, including KPDF, a viewer for Portable Document Format (PDF)\nfiles.\n\nMultiple integer overflow flaws were found in KPDF. An attacker could\ncreate a malicious PDF file that would cause KPDF to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-1188,\nCVE-2009-3604, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue, and Chris Rohlf for reporting the CVE-2009-3608 issue.\n\nUsers are advised to upgrade to these updated packages, which contain a\nbackported patch to resolve these issues.", "reporter": "RedHat", "published": "2009-10-15T04:00:00", "type": "redhat", "title": "(RHSA-2009:1502) Important: kdegraphics security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-0791", "CVE-2009-1188", "CVE-2009-3604", "CVE-2009-3606", "CVE-2009-3608", "CVE-2009-3609"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T12:13:54", "id": "RHSA-2009:1502", "href": "https://access.redhat.com/errata/RHSA-2009:1502", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:41:38", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "4", "packageVersion": "2.8.2-7.7.2.el4_8.5", "arch": "i386", "packageName": "gpdf", "packageFilename": "gpdf-2.8.2-7.7.2.el4_8.5.i386.rpm", "operator": "lt"}], "description": "GPdf is a viewer for Portable Document Format (PDF) files.\n\nMultiple integer overflow flaws were found in GPdf. An attacker could\ncreate a malicious PDF file that would cause GPdf to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-1188,\nCVE-2009-3604, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue, and Chris Rohlf for reporting the CVE-2009-3608 issue.\n\nUsers are advised to upgrade to this updated package, which contains a\nbackported patch to correct these issues.", "reporter": "RedHat", "published": "2009-10-15T04:00:00", "type": "redhat", "title": "(RHSA-2009:1503) Important: gpdf security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-0791", "CVE-2009-1188", "CVE-2009-3604", "CVE-2009-3608", "CVE-2009-3609"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T11:55:25", "id": "RHSA-2009:1503", "href": "https://access.redhat.com/errata/RHSA-2009:1503", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:43:44", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "4", "packageVersion": "3.3.1-15.el4_8.2", "arch": "i386", "packageName": "kdegraphics", "packageFilename": "kdegraphics-3.3.1-15.el4_8.2.i386.rpm", "operator": "lt"}], "description": "The kdegraphics packages contain applications for the K Desktop\nEnvironment, including KPDF, a viewer for Portable Document Format (PDF)\nfiles.\n\nMultiple integer overflow flaws were found in KPDF. An attacker could\ncreate a malicious PDF file that would cause KPDF to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-1188,\nCVE-2009-3604, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue, and Chris Rohlf for reporting the CVE-2009-3608 issue.\n\nUsers are advised to upgrade to these updated packages, which contain a\nbackported patch to resolve these issues.", "reporter": "RedHat", "published": "2009-10-15T04:00:00", "type": "redhat", "title": "(RHSA-2009:1512) Important: kdegraphics security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-0791", "CVE-2009-1188", "CVE-2009-3604", "CVE-2009-3608", "CVE-2009-3609"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T12:17:50", "id": "RHSA-2009:1512", "href": "https://access.redhat.com/errata/RHSA-2009:1512", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-05-27T21:42:40", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "3", "packageVersion": "2.02-17.el3", "arch": "ppc", "packageName": "xpdf", "packageFilename": "xpdf-2.02-17.el3.ppc.rpm", "operator": "lt"}], "description": "Xpdf is an X Window System based viewer for Portable Document Format (PDF)\nfiles.\n\nMultiple integer overflow flaws were found in Xpdf. An attacker could\ncreate a malicious PDF file that would cause Xpdf to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-3604,\nCVE-2009-3606, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue.\n\nUsers are advised to upgrade to this updated package, which contains a\nbackported patch to correct these issues.", "reporter": "RedHat", "published": "2009-10-15T04:00:00", "type": "redhat", "title": "(RHSA-2009:1500) Important: xpdf security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-0791", "CVE-2009-3604", "CVE-2009-3606", "CVE-2009-3609"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-05-26T04:26:18", "id": "RHSA-2009:1500", "href": "https://access.redhat.com/errata/RHSA-2009:1500", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:42:30", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "1.3.7-11.el5_4.3", "arch": "i386", "packageName": "cups-libs", "packageFilename": "cups-libs-1.3.7-11.el5_4.3.i386.rpm", "operator": "lt"}], "description": "The Common UNIX Printing System (CUPS) provides a portable printing layer\nfor UNIX operating systems. The CUPS \"pdftops\" filter converts Portable\nDocument Format (PDF) files to PostScript.\n\nTwo integer overflow flaws were found in the CUPS \"pdftops\" filter. An\nattacker could create a malicious PDF file that would cause \"pdftops\" to\ncrash or, potentially, execute arbitrary code as the \"lp\" user if the file\nwas printed. (CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608\nissue.\n\nUsers of cups are advised to upgrade to these updated packages, which\ncontain a backported patch to correct these issues. After installing the\nupdate, the cupsd daemon will be restarted automatically.", "reporter": "RedHat", "published": "2009-10-15T04:00:00", "type": "redhat", "title": "(RHSA-2009:1513) Moderate: cups security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T12:05:19", "id": "RHSA-2009:1513", "href": "https://access.redhat.com/errata/RHSA-2009:1513", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:43:26", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.1.22-0.rc1.9.32.el4_8.10", "arch": "i386", "packageName": "cups", "packageFilename": "cups-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm", "operator": "lt"}], "description": "The Common UNIX Printing System (CUPS) provides a portable printing layer\nfor UNIX operating systems. The CUPS \"pdftops\" filter converts Portable\nDocument Format (PDF) files to PostScript.\n\nMultiple flaws were discovered in the CUPS \"pdftops\" filter. An attacker\ncould create a malicious PDF file that, when printed, would cause \"pdftops\"\nto crash or, potentially, execute arbitrary code as the \"lp\" user.\n(CVE-2010-3702, CVE-2009-3609)\n\nUsers of cups are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing this\nupdate, the cupsd daemon will be restarted automatically.\n", "reporter": "RedHat", "published": "2010-10-07T04:00:00", "type": "redhat", "title": "(RHSA-2010:0755) Important: cups security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2009-3609", "CVE-2010-3702"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T12:17:06", "id": "RHSA-2010:0755", "href": "https://access.redhat.com/errata/RHSA-2010:0755", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:29", "references": ["http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3604", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3607", "https://bugs.gentoo.org/show_bug.cgi?id=263028", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0799", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1183", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1789", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0146", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0166", "https://bugs.gentoo.org/show_bug.cgi?id=352581", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3603", "https://bugs.gentoo.org/show_bug.cgi?id=480366", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0165", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1188", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3608", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3605", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1788", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1790", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4654", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3609", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3702", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3938", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3703", "https://bugs.gentoo.org/show_bug.cgi?id=290430", "https://bugs.gentoo.org/show_bug.cgi?id=290464", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1179", "https://bugs.gentoo.org/show_bug.cgi?id=459866", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2142", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0195", "https://bugs.gentoo.org/show_bug.cgi?id=338878", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1182", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1180", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3704", "https://bugs.gentoo.org/show_bug.cgi?id=308017", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0147", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1187", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4653", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0800", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1181", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3606"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "0.22.2-r1", "arch": "all", "packageFilename": "UNKNOWN", "packageName": "app-text/poppler", "operator": "lt"}], "edition": 1, "description": "### Background\n\nPoppler is a cross-platform PDF rendering library originally based on Xpdf. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Poppler. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could entice a user to open a specially crafted PDF file, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Poppler users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-text/poppler-0.22.2-r1\"", "reporter": "Gentoo Foundation", "published": "2013-10-06T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "type": "gentoo", "title": "Poppler: Multiple vulnerabilities", "bulletinFamily": "unix", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-1181", "CVE-2009-3607", "CVE-2009-1188", "CVE-2012-2142", "CVE-2009-1180", "CVE-2009-0195", "CVE-2010-4653", "CVE-2013-1788", "CVE-2009-3606", "CVE-2009-0799", "CVE-2009-1182", "CVE-2013-1790", "CVE-2009-0165", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-0166", "CVE-2013-1789", "CVE-2009-3609", "CVE-2009-3938", "CVE-2009-0147", "CVE-2009-1187", "CVE-2009-1183", "CVE-2010-3704", "CVE-2010-4654", "CVE-2009-0800", "CVE-2009-0146", "CVE-2010-3702", "CVE-2010-3703", "CVE-2009-1179"], "modified": "2013-10-06T00:00:00", "id": "GLSA-201310-03", "href": "https://security.gentoo.org/glsa/201310-03", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}