Search...

Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)

2009-10-29T00:00:00

ID SLACKWARE_SSA_2009-302-01.NASL
Type nessus
Reporter Tenable
Modified 2016-12-09T00:00:00

Description

New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Slackware Security Advisory 2009-302-01. The text 
# itself is copyright (C) Slackware Linux, Inc.
#

if (NASL_LEVEL &lt; 3000) exit(0);

include("compat.inc");

if (description)
{
  script_id(42293);
  script_version("$Revision: 1.13 $");
  script_cvs_date("$Date: 2016/12/09 20:54:58 $");

  script_cve_id("CVE-2009-3603", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3606", "CVE-2009-3608", "CVE-2009-3609");
  script_bugtraq_id(36703);
  script_osvdb_id(59175, 59176, 59177, 59178, 59179, 59180, 59181, 59182, 59183, 59825);
  script_xref(name:"SSA", value:"2009-302-01");

  script_name(english:"Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)");
  script_summary(english:"Checks for updated package in /var/log/packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Slackware host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2,
11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues."
  );
  # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.585854
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?e3495990"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected xpdf package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_cwe_id(189, 399);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:xpdf");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:10.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:10.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:10.2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:11.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:12.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:12.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:12.2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:13.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:9.1");

  script_set_attribute(attribute:"patch_publication_date", value:"2009/10/29");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/10/29");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.");
  script_family(english:"Slackware Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Slackware/release", "Host/Slackware/packages");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("slackware.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Slackware/release")) audit(AUDIT_OS_NOT, "Slackware");
if (!get_kb_item("Host/Slackware/packages")) audit(AUDIT_PACKAGE_LIST_MISSING);


cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" &gt;!&lt; cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Slackware", cpu);


flag = 0;
if (slackware_check(osver:"9.1", pkgname:"xpdf", pkgver:"3.02pl4", pkgarch:"i486", pkgnum:"1_slack9.1")) flag++;

if (slackware_check(osver:"10.0", pkgname:"xpdf", pkgver:"3.02pl4", pkgarch:"i486", pkgnum:"1_slack10.0")) flag++;

if (slackware_check(osver:"10.1", pkgname:"xpdf", pkgver:"3.02pl4", pkgarch:"i486", pkgnum:"1_slack10.1")) flag++;

if (slackware_check(osver:"10.2", pkgname:"xpdf", pkgver:"3.02pl4", pkgarch:"i486", pkgnum:"1_slack10.2")) flag++;

if (slackware_check(osver:"11.0", pkgname:"xpdf", pkgver:"3.02pl4", pkgarch:"i486", pkgnum:"1_slack11.0")) flag++;

if (slackware_check(osver:"12.0", pkgname:"xpdf", pkgver:"3.02pl4", pkgarch:"i486", pkgnum:"1_slack12.0")) flag++;

if (slackware_check(osver:"12.1", pkgname:"xpdf", pkgver:"3.02pl4", pkgarch:"i486", pkgnum:"1_slack12.1")) flag++;

if (slackware_check(osver:"12.2", pkgname:"xpdf", pkgver:"3.02pl4", pkgarch:"i486", pkgnum:"1_slack12.2")) flag++;

if (slackware_check(osver:"13.0", pkgname:"xpdf", pkgver:"3.02pl4", pkgarch:"i486", pkgnum:"1_slack13.0")) flag++;
if (slackware_check(osver:"13.0", arch:"x86_64", pkgname:"xpdf", pkgver:"3.02pl4", pkgarch:"x86_64", pkgnum:"1_slack13.0")) flag++;

if (slackware_check(osver:"current", pkgname:"xpdf", pkgver:"3.02pl4", pkgarch:"i486", pkgnum:"1")) flag++;
if (slackware_check(osver:"current", arch:"x86_64", pkgname:"xpdf", pkgver:"3.02pl4", pkgarch:"x86_64", pkgnum:"1")) flag++;


if (flag)
{
  if (report_verbosity &gt; 0) security_hole(port:0, extra:slackware_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");

JSON Vulners Source

Initial Source

{"hash": "9d885e3476c7caa87da6c83dd4abd33769321bc3bd125816e14ac97c6ba5cdbb", "naslFamily": "Slackware Local Security Checks", "id": "SLACKWARE_SSA_2009-302-01.NASL", "lastseen": "2017-10-29T13:36:50", "viewCount": 3, "hashmap": [{"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "50f77a5fc8b1360499ad211f22545dc8", "key": "cpe"}, {"hash": "3e11a47e08439232f42a209efa61912e", "key": "cvelist"}, {"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "3cc2d181271797b9e089ddb7263e0987", "key": "description"}, {"hash": "d6f385a9dfc88031692c12fd466b9e10", "key": "href"}, {"hash": "3f29908c6bb6f5efaf3e67cda47b94f7", "key": "modified"}, {"hash": "43a3ec56ec636b53af6d97a47899295c", "key": "naslFamily"}, {"hash": "72e81de94dfc0373b006ca75e9c851a1", "key": "pluginID"}, {"hash": "9241135ad5589209cfecf47d77e8289f", "key": "published"}, {"hash": "dbe8490a2306a688b8e7274f6c4be51c", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "4a82993e5bae24a8de850ec42ad6df26", "key": "sourceData"}, {"hash": "6f1bbf42385776271e2f36360eaf155a", "key": "title"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}], "bulletinFamily": "scanner", "cpe": ["cpe:/o:slackware:slackware_linux:12.0", "cpe:/o:slackware:slackware_linux:12.2", "cpe:/o:slackware:slackware_linux:9.1", "cpe:/o:slackware:slackware_linux:13.0", "cpe:/o:slackware:slackware_linux:10.1", "cpe:/o:slackware:slackware_linux:10.0", "p-cpe:/a:slackware:slackware_linux:xpdf", "cpe:/o:slackware:slackware_linux:11.0", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:10.2", "cpe:/o:slackware:slackware_linux:12.1"], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "edition": 3, "enchantments": {"vulnersScore": 5.0}, "type": "nessus", "description": "New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.", "title": "Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)", "history": [{"bulletin": {"hash": "881feb458cf91ccb90b247d1e6ad2fc4e68149b3fbd526c0055884b523319a73", "naslFamily": "Slackware Local Security Checks", "edition": 1, "lastseen": "2016-09-26T17:24:13", "viewCount": 1, "hashmap": [{"hash": "3e11a47e08439232f42a209efa61912e", "key": "cvelist"}, {"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "3cc2d181271797b9e089ddb7263e0987", "key": "description"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "dab2c88dbe46e37b3606fac8b73c9715", "key": "sourceData"}, {"hash": "a33e65a768b0cca01f769a54f9f4ed8b", "key": "cvss"}, {"hash": "6f1bbf42385776271e2f36360eaf155a", "key": "title"}, {"hash": "dbe8490a2306a688b8e7274f6c4be51c", "key": "references"}, {"hash": "d6f385a9dfc88031692c12fd466b9e10", "key": "href"}, {"hash": "9241135ad5589209cfecf47d77e8289f", "key": "published"}, {"hash": "7ffda9669264dbb8d98fe2f4177b79f6", "key": "modified"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "72e81de94dfc0373b006ca75e9c851a1", "key": "pluginID"}, {"hash": "43a3ec56ec636b53af6d97a47899295c", "key": "naslFamily"}], "bulletinFamily": "exploit", "history": [], "id": "SLACKWARE_SSA_2009-302-01.NASL", "type": "nessus", "description": "New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.", "title": "Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "objectVersion": "1.2", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2009-302-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42293);\n script_version(\"$Revision: 1.12 $\");\n script_cvs_date(\"$Date: 2013/10/25 10:43:06 $\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_bugtraq_id(36703);\n script_osvdb_id(59175, 59176, 59177, 59178, 59179, 59180, 59181, 59182, 59183, 59825);\n script_xref(name:\"SSA\", value:\"2009-302-01\");\n\n script_name(english:\"Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.585854\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e3495990\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xpdf package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"9.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack9.1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.0\")) flag++;\n\nif (slackware_check(osver:\"10.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.1\")) flag++;\n\nif (slackware_check(osver:\"10.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.2\")) flag++;\n\nif (slackware_check(osver:\"11.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "published": "2009-10-29T00:00:00", "pluginID": "42293", "references": ["http://www.nessus.org/u?e3495990"], "reporter": "Tenable", "modified": "2013-10-25T00:00:00", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42293"}, "lastseen": "2016-09-26T17:24:13", "edition": 1, "differentElements": ["modified", "sourceData"]}, {"bulletin": {"hash": "5ca10e347aa1ebcd3c13653da1b6faf1e9a92da42eb7faff4767d2bf829382ab", "naslFamily": "Slackware Local Security Checks", "edition": 2, "lastseen": "2016-12-10T05:35:04", "enchantments": {}, "hashmap": [{"hash": "3e11a47e08439232f42a209efa61912e", "key": "cvelist"}, {"hash": "3cc2d181271797b9e089ddb7263e0987", "key": "description"}, {"hash": "2076413bdcb42307d016f5286cbae795", "key": "cvss"}, {"hash": "4a82993e5bae24a8de850ec42ad6df26", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "6f1bbf42385776271e2f36360eaf155a", "key": "title"}, {"hash": "dbe8490a2306a688b8e7274f6c4be51c", "key": "references"}, {"hash": "3f29908c6bb6f5efaf3e67cda47b94f7", "key": "modified"}, {"hash": "d6f385a9dfc88031692c12fd466b9e10", "key": "href"}, {"hash": "9241135ad5589209cfecf47d77e8289f", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "72e81de94dfc0373b006ca75e9c851a1", "key": "pluginID"}, {"hash": "43a3ec56ec636b53af6d97a47899295c", "key": "naslFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "bulletinFamily": "scanner", "cpe": [], "history": [], "id": "SLACKWARE_SSA_2009-302-01.NASL", "type": "nessus", "description": "New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.", "viewCount": 3, "title": "Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "objectVersion": "1.2", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2009-302-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42293);\n script_version(\"$Revision: 1.13 $\");\n script_cvs_date(\"$Date: 2016/12/09 20:54:58 $\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_bugtraq_id(36703);\n script_osvdb_id(59175, 59176, 59177, 59178, 59179, 59180, 59181, 59182, 59183, 59825);\n script_xref(name:\"SSA\", value:\"2009-302-01\");\n\n script_name(english:\"Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.585854\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e3495990\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xpdf package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"9.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack9.1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.0\")) flag++;\n\nif (slackware_check(osver:\"10.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.1\")) flag++;\n\nif (slackware_check(osver:\"10.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.2\")) flag++;\n\nif (slackware_check(osver:\"11.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "published": "2009-10-29T00:00:00", "pluginID": "42293", "references": ["http://www.nessus.org/u?e3495990"], "reporter": "Tenable", "modified": "2016-12-09T00:00:00", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42293"}, "lastseen": "2016-12-10T05:35:04", "edition": 2, "differentElements": ["cpe"]}], "objectVersion": "1.3", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2009-302-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(42293);\n script_version(\"$Revision: 1.13 $\");\n script_cvs_date(\"$Date: 2016/12/09 20:54:58 $\");\n\n script_cve_id(\"CVE-2009-3603\", \"CVE-2009-3604\", \"CVE-2009-3605\", \"CVE-2009-3606\", \"CVE-2009-3608\", \"CVE-2009-3609\");\n script_bugtraq_id(36703);\n script_osvdb_id(59175, 59176, 59177, 59178, 59179, 59180, 59181, 59182, 59183, 59825);\n script_xref(name:\"SSA\", value:\"2009-302-01\");\n\n script_name(english:\"Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 9.1 / current : xpdf (SSA:2009-302-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.585854\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e3495990\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xpdf package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"9.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack9.1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.0\")) flag++;\n\nif (slackware_check(osver:\"10.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.1\")) flag++;\n\nif (slackware_check(osver:\"10.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack10.2\")) flag++;\n\nif (slackware_check(osver:\"11.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"13.0\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1_slack13.0\")) flag++;\nif (slackware_check(osver:\"13.0\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.0\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"xpdf\", pkgver:\"3.02pl4\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "published": "2009-10-29T00:00:00", "pluginID": "42293", "references": ["http://www.nessus.org/u?e3495990"], "reporter": "Tenable", "modified": "2016-12-09T00:00:00", "href": "https://www.tenable.com/plugins/index.php?view=single&id=42293"}

{"result": {"cve": [{"id": "CVE-2009-3608", "type": "cve", "title": "CVE-2009-3608", "description": "Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.", "published": "2009-10-21T13:30:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3608", "cvelist": ["CVE-2009-3608"], "lastseen": "2017-09-19T13:36:40"}, {"id": "CVE-2009-3603", "type": "cve", "title": "CVE-2009-3603", "description": "Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188.", "published": "2009-10-21T13:30:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3603", "cvelist": ["CVE-2009-3603"], "lastseen": "2017-09-19T13:36:40"}, {"id": "CVE-2009-3606", "type": "cve", "title": "CVE-2009-3606", "description": "Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.", "published": "2009-10-21T13:30:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3606", "cvelist": ["CVE-2009-3606"], "lastseen": "2017-09-19T13:36:40"}, {"id": "CVE-2009-3604", "type": "cve", "title": "CVE-2009-3604", "description": "The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow.", "published": "2009-10-21T13:30:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3604", "cvelist": ["CVE-2009-3604"], "lastseen": "2017-09-19T13:36:40"}, {"id": "CVE-2009-3605", "type": "cve", "title": "CVE-2009-3605", "description": "Multiple integer overflows in Poppler 0.10.5 and earlier allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, related to (1) glib/poppler-page.cc; (2) ArthurOutputDev.cc, (3) CairoOutputDev.cc, (4) GfxState.cc, (5) JBIG2Stream.cc, (6) PSOutputDev.cc, and (7) SplashOutputDev.cc in poppler/; and (8) SplashBitmap.cc, (9) Splash.cc, and (10) SplashFTFont.cc in splash/. NOTE: this may overlap CVE-2009-0791.", "published": "2009-11-02T10:30:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3605", "cvelist": ["CVE-2009-3605"], "lastseen": "2017-09-19T13:36:40"}, {"id": "CVE-2009-3609", "type": "cve", "title": "CVE-2009-3609", "description": "Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read.", "published": "2009-10-21T13:30:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3609", "cvelist": ["CVE-2009-3609"], "lastseen": "2017-09-19T13:36:40"}], "nessus": [{"id": "CENTOS_RHSA-2009-1513.NASL", "type": "nessus", "title": "CentOS 5 : cups (CESA-2009:1513)", "description": "Updated cups packages that fix two security issues are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX operating systems. The CUPS 'pdftops' filter converts Portable Document Format (PDF) files to PostScript.\n\nTwo integer overflow flaws were found in the CUPS 'pdftops' filter. An attacker could create a malicious PDF file that would cause 'pdftops' to crash or, potentially, execute arbitrary code as the 'lp' user if the file was printed. (CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608 issue.\n\nUsers of cups are advised to upgrade to these updated packages, which contain a backported patch to correct these issues. After installing the update, the cupsd daemon will be restarted automatically.", "published": "2010-01-06T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=43806", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "lastseen": "2017-10-29T13:33:34"}, {"id": "SUSE_CUPS-6565.NASL", "type": "nessus", "title": "openSUSE 10 Security Update : cups (cups-6565)", "description": "Specially crafted PDF files could cause buffer overflows in the pdftops filter when printing such a document (CVE-2009-3608, CVE-2009-3609)", "published": "2009-11-16T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=42815", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "lastseen": "2017-10-29T13:35:46"}, {"id": "MANDRIVA_MDVSA-2009-280.NASL", "type": "nessus", "title": "Mandriva Linux Security Advisory : cups (MDVSA-2009:280)", "description": "Two integer overflow flaws were found in the CUPS pdftops filter. An attacker could create a malicious PDF file that would cause pdftops to crash or, potentially, execute arbitrary code as the lp user if the file was printed. (CVE-2009-3608, CVE-2009-3609)\n\nThis update corrects the problem.", "published": "2010-07-30T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=48156", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "lastseen": "2017-10-29T13:35:42"}, {"id": "REDHAT-RHSA-2009-1513.NASL", "type": "nessus", "title": "RHEL 5 : cups (RHSA-2009:1513)", "description": "Updated cups packages that fix two security issues are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX operating systems. The CUPS 'pdftops' filter converts Portable Document Format (PDF) files to PostScript.\n\nTwo integer overflow flaws were found in the CUPS 'pdftops' filter. An attacker could create a malicious PDF file that would cause 'pdftops' to crash or, potentially, execute arbitrary code as the 'lp' user if the file was printed. (CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608 issue.\n\nUsers of cups are advised to upgrade to these updated packages, which contain a backported patch to correct these issues. After installing the update, the cupsd daemon will be restarted automatically.", "published": "2009-10-16T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=42165", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "lastseen": "2017-10-29T13:35:20"}, {"id": "ORACLELINUX_ELSA-2009-1513.NASL", "type": "nessus", "title": "Oracle Linux 5 : cups (ELSA-2009-1513)", "description": "From Red Hat Security Advisory 2009:1513 :\n\nUpdated cups packages that fix two security issues are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX operating systems. The CUPS 'pdftops' filter converts Portable Document Format (PDF) files to PostScript.\n\nTwo integer overflow flaws were found in the CUPS 'pdftops' filter. An attacker could create a malicious PDF file that would cause 'pdftops' to crash or, potentially, execute arbitrary code as the 'lp' user if the file was printed. (CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608 issue.\n\nUsers of cups are advised to upgrade to these updated packages, which contain a backported patch to correct these issues. After installing the update, the cupsd daemon will be restarted automatically.", "published": "2013-07-12T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=67944", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "lastseen": "2017-10-29T13:37:18"}, {"id": "SUSE_POPPLER-6751.NASL", "type": "nessus", "title": "SuSE 10 Security Update : poppler (ZYPP Patch Number 6751)", "description": "This update of poppler fixes two security issues :\n\n - Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.\n (CVE-2009-3608)\n\n - A indexing error in FoFiType1::parse() was fixed that could be used by attackers to corrupt memory and potentially execute code. (CVE-2009-4035)", "published": "2010-01-03T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=43621", "cvelist": ["CVE-2009-3608", "CVE-2009-4035"], "lastseen": "2017-10-29T13:38:20"}, {"id": "SUSE_POPPLER-6743.NASL", "type": "nessus", "title": "SuSE 10 Security Update : poppler (ZYPP Patch Number 6743)", "description": "This update of poppler fixes two security issues :\n\n - Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.\n (CVE-2009-3608)\n\n - A indexing error in FoFiType1::parse() was fixed that could be used by attackers to corrupt memory and potentially execute code. (CVE-2009-4035)", "published": "2010-10-11T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=49916", "cvelist": ["CVE-2009-3608", "CVE-2009-4035"], "lastseen": "2017-10-29T13:33:26"}, {"id": "SL_20091015_CUPS_ON_SL5_X.NASL", "type": "nessus", "title": "Scientific Linux Security Update : cups on SL5.x i386/x86_64", "description": "Two integer overflow flaws were found in the CUPS 'pdftops' filter. An attacker could create a malicious PDF file that would cause 'pdftops' to crash or, potentially, execute arbitrary code as the 'lp' user if the file was printed. (CVE-2009-3608, CVE-2009-3609)\n\nAfter installing the update, the cupsd daemon will be restarted automatically.\n\nNote: Some older versions of SL 5 needed a newer version of rpm for this update. The SL 5.4 version of rpm and popt is included with this update.\n\nNote: This update is already in SL 5.4", "published": "2012-08-01T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=60677", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "lastseen": "2017-10-29T13:43:55"}, {"id": "SUSE_KDEGRAPHICS3-PDF-6652.NASL", "type": "nessus", "title": "SuSE 10 Security Update : kdegraphics3-pdf (ZYPP Patch Number 6652)", "description": "Specially crafted PDF files could cause buffer overflows in the pdftops filter when printing such a document. CVE-2009-3608: CVSS v2 Base Score: 9.3 CVE-2009-3609: CVSS v2 Base Score: 4.", "published": "2010-10-11T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=49865", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "lastseen": "2017-10-29T13:37:05"}, {"id": "SUSE_KDEGRAPHICS3-PDF-6653.NASL", "type": "nessus", "title": "SuSE 10 Security Update : kdegraphics3-pdf (ZYPP Patch Number 6653)", "description": "Specially crafted PDF files could cause buffer overflows in the pdftops filter when printing such a document. CVE-2009-3608: CVSS v2 Base Score: 9.3 CVE-2009-3609: CVSS v2 Base Score: 4.", "published": "2009-11-16T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=42816", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "lastseen": "2017-10-29T13:36:25"}], "openvas": [{"id": "OPENVAS:1361412562310830933", "type": "openvas", "title": "Mandriva Update for irqbalance MDVA-2010:086 (irqbalance)", "description": "Check for the Version of irqbalance", "published": "2010-03-12T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830933", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "lastseen": "2018-01-03T10:54:27"}, {"id": "OPENVAS:66085", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:280 (cups)", "description": "The remote host is missing an update to cups\nannounced via advisory MDVSA-2009:280.", "published": "2009-10-27T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=66085", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "lastseen": "2017-07-24T12:56:26"}, {"id": "OPENVAS:66018", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1513", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1513.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing layer\nfor UNIX operating systems. The CUPS pdftops filter converts Portable\nDocument Format (PDF) files to PostScript.\n\nTwo integer overflow flaws were found in the CUPS pdftops filter. An\nattacker could create a malicious PDF file that would cause pdftops to\ncrash or, potentially, execute arbitrary code as the lp user if the file\nwas printed. (CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608\nissue.\n\nUsers of cups are advised to upgrade to these updated packages, which\ncontain a backported patch to correct these issues. After installing the\nupdate, the cupsd daemon will be restarted automatically.", "published": "2009-10-19T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=66018", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "lastseen": "2017-07-27T10:55:44"}, {"id": "OPENVAS:830933", "type": "openvas", "title": "Mandriva Update for irqbalance MDVA-2010:086 (irqbalance)", "description": "Check for the Version of irqbalance", "published": "2010-03-12T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=830933", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "lastseen": "2017-12-15T11:57:51"}, {"id": "OPENVAS:136141256231066282", "type": "openvas", "title": "SLES10: Security update for kdegraphics3-pdf", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kdegraphics3-pdf\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "published": "2009-11-17T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066282", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "lastseen": "2018-04-06T11:38:09"}, {"id": "OPENVAS:136141256231066165", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1513 (cups)", "description": "The remote host is missing updates to cups announced in\nadvisory CESA-2009:1513.", "published": "2009-11-11T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066165", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "lastseen": "2018-04-06T11:37:48"}, {"id": "OPENVAS:136141256231066018", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1513", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1513.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing layer\nfor UNIX operating systems. The CUPS pdftops filter converts Portable\nDocument Format (PDF) files to PostScript.\n\nTwo integer overflow flaws were found in the CUPS pdftops filter. An\nattacker could create a malicious PDF file that would cause pdftops to\ncrash or, potentially, execute arbitrary code as the lp user if the file\nwas printed. (CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608\nissue.\n\nUsers of cups are advised to upgrade to these updated packages, which\ncontain a backported patch to correct these issues. After installing the\nupdate, the cupsd daemon will be restarted automatically.", "published": "2009-10-19T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231066018", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "lastseen": "2018-04-06T11:37:33"}, {"id": "OPENVAS:1361412562310122427", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2009-1513", "description": "Oracle Linux Local Security Checks ELSA-2009-1513", "published": "2015-10-08T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122427", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "lastseen": "2017-07-24T12:52:23"}, {"id": "OPENVAS:1361412562310880874", "type": "openvas", "title": "CentOS Update for cups CESA-2009:1513 centos5 i386", "description": "Check for the Version of cups", "published": "2011-08-09T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880874", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "lastseen": "2018-04-09T11:35:48"}, {"id": "OPENVAS:66282", "type": "openvas", "title": "SLES10: Security update for kdegraphics3-pdf", "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kdegraphics3-pdf\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "published": "2009-11-17T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=66282", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "lastseen": "2017-07-26T08:55:30"}], "oraclelinux": [{"id": "ELSA-2009-1513", "type": "oraclelinux", "title": "cups security update", "description": "[1:1.3.7-11:.3]\n- Include NULL pointer check in ObjectStream::getObject. Part of the\n fix for CVE-2009-3608 (bug #526637).\n[1:1.3.7-11:.2]\n- Applied patch to fix CVE-2009-3608 (bug #526637) and\n CVE-2009-3609 (bug #526893). ", "published": "2009-10-15T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2009-1513.html", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "lastseen": "2016-09-04T11:16:54"}, {"id": "ELSA-2009-1504", "type": "oraclelinux", "title": "poppler security and bug fix update", "description": "[0.5.4-4.4.el5_4.11]\n- Fixes various flaws addressed in bugs #526637, #526893 and #526915\n which were tracked in #527403.\n- Resolves: #527403\n[0.5.4-4.4.el5_4.10]\n- Add poppler-0.5.4-JBIG2-segment-reading.patch to\n fix reading of arithmetically encoded JBIG2 images with\n unknown length.\n- Resolves: #528147", "published": "2009-10-15T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2009-1504.html", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3609"], "lastseen": "2016-09-04T11:16:25"}, {"id": "ELSA-2009-1512", "type": "oraclelinux", "title": "kdegraphics security update", "description": "[3.3.1-15.2]\n- Add missing NULL check to CVE-2009-3608 patch\n[3.3.1-15.1]\n- CVE-2009-0791", "published": "2009-10-15T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2009-1512.html", "cvelist": ["CVE-2009-3608", "CVE-2009-1188", "CVE-2009-0791", "CVE-2009-3604", "CVE-2009-3609"], "lastseen": "2016-09-04T11:16:12"}, {"id": "ELSA-2009-1503", "type": "oraclelinux", "title": "gpdf security update", "description": "[2.8.2-7.7.2.el4_8.5]\n- Fixes various flaws addressed in bugs #491840 (CVE-2009-0791),\n - Resolves: #527413", "published": "2009-10-15T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2009-1503.html", "cvelist": ["CVE-2009-3608", "CVE-2009-1188", "CVE-2009-0791", "CVE-2009-3604", "CVE-2009-3609"], "lastseen": "2016-09-04T11:16:08"}, {"id": "ELSA-2009-1501", "type": "oraclelinux", "title": "xpdf security update", "description": "[3.00-22.1]\n- Resolves: #527468, CVE-2009-0791\n[3.00-22.el4]\n- CVE-2009-0791\n[3.00-21.el4]\n- CVE-2009-0791", "published": "2009-10-15T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2009-1501.html", "cvelist": ["CVE-2009-3608", "CVE-2009-1188", "CVE-2009-0791", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "lastseen": "2016-09-04T11:16:42"}, {"id": "ELSA-2010-0400", "type": "oraclelinux", "title": "tetex security update", "description": "[3.0-33.8.el5.5]\n- unify patches for CVE-2010-0739 and CVE-2010-1440\n[3.0-33.8.el5.4]\n- fix CVE-2010-1440 (#586819)\n[3.0-33.8.el5.3]\n- initialize data in arithmetic coder elsewhere (CVE-2009-0146)\n[3.0-33.8.el5.2]\n- initialize dataLen to properly fix CVE-2009-0146\n[3.0-33.8.el5.1]\n- fix CVE-2010-0739 CVE-2010-0829 CVE-2007-5936 CVE-2007-5937\nCVE-2009-0146 CVE-2009-0195 CVE-2009-0147 CVE-2009-0166 CVE-2009-0799\nCVE-2009-0800 CVE-2009-1179 CVE-2009-1180 CVE-2009-1181 CVE-2009-1182\nCVE-2009-1183 CVE-2009-0791 CVE-2009-3608 CVE-2009-3609\nResolves: #577328 ", "published": "2010-05-06T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2010-0400.html", "cvelist": ["CVE-2009-3608", "CVE-2009-1181", "CVE-2009-0791", "CVE-2007-5936", "CVE-2009-1180", "CVE-2009-0195", "CVE-2010-0829", "CVE-2010-1440", "CVE-2009-0799", "CVE-2009-1182", "CVE-2009-0166", "CVE-2009-3609", "CVE-2009-0147", "CVE-2010-0739", "CVE-2009-1183", "CVE-2009-0800", "CVE-2009-0146", "CVE-2007-5937", "CVE-2009-1179"], "lastseen": "2016-09-04T11:16:59"}, {"id": "ELSA-2009-0458", "type": "oraclelinux", "title": "gpdf security update", "description": "[2.8.2-7.7.2.el4_7.4]\n- More memory allocation checks.\n- Resolves: #490716\n[2.8.2-7.7.2.el4_7.3]\n- A small change of specfile.\n- Resolves: #490716\n[2.8.2-7.7.2.el4_7.2]\n- Fixes problems with memory allocation.\n- Resolves: #490716\n[2.8.2-7.7.2.el4_7.1]\n- Add patch for CVE-2009-0146, CVE-2009-0147, CVE-2009-0166.\n- Resolves: #490716", "published": "2009-04-30T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2009-0458.html", "cvelist": ["CVE-2009-1181", "CVE-2009-1180", "CVE-2009-0195", "CVE-2009-3606", "CVE-2009-0799", "CVE-2009-1182", "CVE-2009-0166", "CVE-2009-0147", "CVE-2009-1183", "CVE-2009-0800", "CVE-2009-0146", "CVE-2009-1179"], "lastseen": "2016-09-04T11:17:10"}, {"id": "ELSA-2009-0480", "type": "oraclelinux", "title": "poppler security update", "description": "[0.5.4-4.4.el5_3.9]\n- Another fix of integer overflows.\n- Adds memory-allocation.patch.\n- Resolves: #490707\n[0.5.4-4.4.el5_3.8]\n- Change calling of exit() to _exit().\n- Adds exit-handling.patch.\n- Resolves: #490707\n[0.5.4-4.4.el5_3.7]\n- Improve handling of EOF at JBIG2Stream.cc.\n- Adds eof-handling.patch.\n- Resolves: #490707\n[0.5.4-4.4.el5_3.6]\n- Memory handling from upstream.\n- Removes CVE-2009-0146.CVE-2009-0147.CVE-2009-0166.allocation-size-check.patch.\n- Adds upstream-memory-handling.patch.\n- Resolves: #490707\n[0.5.4-4.4.el5_3.5]\n- Fix allocation of memory in several functions.\n- Adds CVE-2009-0146.CVE-2009-0147.CVE-2009-0166.allocation-size-check.patch.\n- Removes CVE-2009-0146.CVE-2009-0147.CVE-2009-0166.long-int.patch.\n- Resolves: #490707\n[0.5.4-4.4.el5_3.4]\n- Fix allocation of memory in several functions.\n- Add CVE-2009-0146.CVE-2009-0147.CVE-2009-0166.long-type.patch.\n- Resolves: #490707\n[0.5.4-4.4.el5_3.3]\n- Add CVE-2009-0146.CVE-2009-0147.CVE-2009-0166.mem.patch.\n- Resolves: #490707\n[0.5.4-4.4.el5_3.2]\n- A little change of spec file because to pass *RPM requires/provides* test.\n- Resolves: #490707\n[0.5.4-4.4.el5_3.1]\n- Add CVE-2009-0146.CVE-2009-0147.CVE-2009-0166.patch.\n- Resolves: #490707 ", "published": "2009-05-13T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2009-0480.html", "cvelist": ["CVE-2009-1181", "CVE-2009-1188", "CVE-2009-0791", "CVE-2009-1180", "CVE-2009-0195", "CVE-2009-3606", "CVE-2009-0799", "CVE-2009-1182", "CVE-2009-3604", "CVE-2009-0166", "CVE-2009-0147", "CVE-2009-1187", "CVE-2009-1183", "CVE-2009-0800", "CVE-2009-0146", "CVE-2009-1179"], "lastseen": "2016-09-04T11:17:08"}, {"id": "ELSA-2010-0755", "type": "oraclelinux", "title": "cups security update", "description": "[1:1.1.22-0.rc1.9.32:.10]\n- Applied small fix to CVE-2009-0791 change: allow objSize=0 in\n gmallocCn() if C > 0. As well as being correct, this aids with\n testing the fix for CVE-2009-3609.\n[1:1.1.22-0.rc1.9.32:.9]\n- Back-ported upstream patch to fix integer overflow in pdftops\n ImageStream (CVE-2009-3609, bug #526893).\n[1:1.1.22-0.rc1.9.32:.7]\n- Applied upstream patch to fix uninitialized Gfx::parser pointer\n dereference (CVE-2010-3702, bug #595245).", "published": "2010-10-07T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2010-0755.html", "cvelist": ["CVE-2009-0791", "CVE-2009-3609", "CVE-2010-3702"], "lastseen": "2016-09-04T11:16:42"}, {"id": "ELSA-2010-0401", "type": "oraclelinux", "title": "tetex security update", "description": "[1.0.7-67.19]\n- apply patch for CVE-2007-5935 in proper location\n[1.0.7-67.18]\n- add overflow check for CVE-2009-0791\n- unify pacthes for 2010-0739 and CVE-2010-1440\n[1.0.7-67.17]\n- fix version typos in the last changelog entries\n[1.0.7-67.16]\n- include limits.h for INT_MAX\n[1.0.7-67.15]\n- fix CVE-2009-0791 patch, xpdf in this old version doesn't know\n anything about GMEM_EXCEP\n[1.0.7-67.14]\n- add another hunk to CVE-2010-0827 patch to fix tfmload.c as well\n (https://bugzilla.redhat.com/show_bug.cgi?id=577322#c3)\n[1.0.7-67.13]\n- fix virtual fonts patch, CVE-2010-0827\n (https://bugzilla.redhat.com/show_bug.cgi?id=572914#c11)\n[1.0.7-67.12]\n- fix CVE-2007-5935 CVE-2007-5936 CVE-2007-5937 CVE-2009-0791 CVE-2009-3609\nCVE-2010-0739 CVE-2010-0827\nResolves: #577309", "published": "2010-05-06T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://linux.oracle.com/errata/ELSA-2010-0401.html", "cvelist": ["CVE-2009-0791", "CVE-2007-5936", "CVE-2010-1440", "CVE-2010-0827", "CVE-2009-3609", "CVE-2010-0739", "CVE-2007-5937", "CVE-2007-5935"], "lastseen": "2016-09-04T11:16:18"}], "redhat": [{"id": "RHSA-2009:1513", "type": "redhat", "title": "(RHSA-2009:1513) Moderate: cups security update", "description": "The Common UNIX Printing System (CUPS) provides a portable printing layer\nfor UNIX operating systems. The CUPS \"pdftops\" filter converts Portable\nDocument Format (PDF) files to PostScript.\n\nTwo integer overflow flaws were found in the CUPS \"pdftops\" filter. An\nattacker could create a malicious PDF file that would cause \"pdftops\" to\ncrash or, potentially, execute arbitrary code as the \"lp\" user if the file\nwas printed. (CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608\nissue.\n\nUsers of cups are advised to upgrade to these updated packages, which\ncontain a backported patch to correct these issues. After installing the\nupdate, the cupsd daemon will be restarted automatically.", "published": "2009-10-15T04:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2009:1513", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "lastseen": "2017-09-09T07:19:42"}, {"id": "RHSA-2009:1504", "type": "redhat", "title": "(RHSA-2009:1504) Important: poppler security and bug fix update", "description": "Poppler is a Portable Document Format (PDF) rendering library, used by\napplications such as Evince.\n\nMultiple integer overflow flaws were found in poppler. An attacker could\ncreate a malicious PDF file that would cause applications that use poppler\n(such as Evince) to crash or, potentially, execute arbitrary code when\nopened. (CVE-2009-3603, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608\nissue.\n\nThis update also corrects a regression introduced in the previous poppler\nsecurity update, RHSA-2009:0480, that prevented poppler from rendering\ncertain PDF documents correctly. (BZ#528147)\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.", "published": "2009-10-15T04:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2009:1504", "cvelist": ["CVE-2009-3603", "CVE-2009-3608", "CVE-2009-3609"], "lastseen": "2017-09-09T07:19:26"}, {"id": "RHSA-2009:1503", "type": "redhat", "title": "(RHSA-2009:1503) Important: gpdf security update", "description": "GPdf is a viewer for Portable Document Format (PDF) files.\n\nMultiple integer overflow flaws were found in GPdf. An attacker could\ncreate a malicious PDF file that would cause GPdf to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-1188,\nCVE-2009-3604, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue, and Chris Rohlf for reporting the CVE-2009-3608 issue.\n\nUsers are advised to upgrade to this updated package, which contains a\nbackported patch to correct these issues.", "published": "2009-10-15T04:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2009:1503", "cvelist": ["CVE-2009-0791", "CVE-2009-1188", "CVE-2009-3604", "CVE-2009-3608", "CVE-2009-3609"], "lastseen": "2017-09-09T07:19:50"}, {"id": "RHSA-2009:1512", "type": "redhat", "title": "(RHSA-2009:1512) Important: kdegraphics security update", "description": "The kdegraphics packages contain applications for the K Desktop\nEnvironment, including KPDF, a viewer for Portable Document Format (PDF)\nfiles.\n\nMultiple integer overflow flaws were found in KPDF. An attacker could\ncreate a malicious PDF file that would cause KPDF to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-1188,\nCVE-2009-3604, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue, and Chris Rohlf for reporting the CVE-2009-3608 issue.\n\nUsers are advised to upgrade to these updated packages, which contain a\nbackported patch to resolve these issues.", "published": "2009-10-15T04:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2009:1512", "cvelist": ["CVE-2009-0791", "CVE-2009-1188", "CVE-2009-3604", "CVE-2009-3608", "CVE-2009-3609"], "lastseen": "2017-09-09T07:20:05"}, {"id": "RHSA-2009:1502", "type": "redhat", "title": "(RHSA-2009:1502) Important: kdegraphics security update", "description": "The kdegraphics packages contain applications for the K Desktop\nEnvironment, including KPDF, a viewer for Portable Document Format (PDF)\nfiles.\n\nMultiple integer overflow flaws were found in KPDF. An attacker could\ncreate a malicious PDF file that would cause KPDF to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-1188,\nCVE-2009-3604, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue, and Chris Rohlf for reporting the CVE-2009-3608 issue.\n\nUsers are advised to upgrade to these updated packages, which contain a\nbackported patch to resolve these issues.", "published": "2009-10-15T04:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2009:1502", "cvelist": ["CVE-2009-0791", "CVE-2009-1188", "CVE-2009-3604", "CVE-2009-3606", "CVE-2009-3608", "CVE-2009-3609"], "lastseen": "2017-09-09T07:19:24"}, {"id": "RHSA-2009:1501", "type": "redhat", "title": "(RHSA-2009:1501) Important: xpdf security update", "description": "Xpdf is an X Window System based viewer for Portable Document Format (PDF)\nfiles.\n\nMultiple integer overflow flaws were found in Xpdf. An attacker could\ncreate a malicious PDF file that would cause Xpdf to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-1188,\nCVE-2009-3604, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue, and Chris Rohlf for reporting the CVE-2009-3608 issue.\n\nUsers are advised to upgrade to this updated package, which contains a\nbackported patch to correct these issues.", "published": "2009-10-15T04:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2009:1501", "cvelist": ["CVE-2009-0791", "CVE-2009-1188", "CVE-2009-3604", "CVE-2009-3606", "CVE-2009-3608", "CVE-2009-3609"], "lastseen": "2017-09-09T07:19:16"}, {"id": "RHSA-2010:0400", "type": "redhat", "title": "(RHSA-2010:0400) Moderate: tetex security update", "description": "teTeX is an implementation of TeX. TeX takes a text file and a set of\nformatting commands as input, and creates a typesetter-independent DeVice\nIndependent (DVI) file as output.\n\nMultiple integer overflow flaws were found in the way teTeX processed\nspecial commands when converting DVI files into PostScript. An attacker\ncould create a malicious DVI file that would cause the dvips executable to\ncrash or, potentially, execute arbitrary code. (CVE-2010-0739,\nCVE-2010-1440)\n\nMultiple array index errors were found in the way teTeX converted DVI files\ninto the Portable Network Graphics (PNG) format. An attacker could create a\nmalicious DVI file that would cause the dvipng executable to crash.\n(CVE-2010-0829)\n\nteTeX embeds a copy of Xpdf, an open source Portable Document Format (PDF)\nfile viewer, to allow adding images in PDF format to the generated PDF\ndocuments. The following issues affect Xpdf code:\n\nMultiple integer overflow flaws were found in Xpdf's JBIG2 decoder. If a\nlocal user generated a PDF file from a TeX document, referencing a\nspecially-crafted PDF file, it would cause Xpdf to crash or, potentially,\nexecute arbitrary code with the privileges of the user running pdflatex.\n(CVE-2009-0147, CVE-2009-1179)\n\nMultiple integer overflow flaws were found in Xpdf. If a local user\ngenerated a PDF file from a TeX document, referencing a specially-crafted\nPDF file, it would cause Xpdf to crash or, potentially, execute arbitrary\ncode with the privileges of the user running pdflatex. (CVE-2009-0791,\nCVE-2009-3608, CVE-2009-3609)\n\nA heap-based buffer overflow flaw was found in Xpdf's JBIG2 decoder. If a\nlocal user generated a PDF file from a TeX document, referencing a\nspecially-crafted PDF file, it would cause Xpdf to crash or, potentially,\nexecute arbitrary code with the privileges of the user running pdflatex.\n(CVE-2009-0195)\n\nMultiple buffer overflow flaws were found in Xpdf's JBIG2 decoder. If a\nlocal user generated a PDF file from a TeX document, referencing a\nspecially-crafted PDF file, it would cause Xpdf to crash or, potentially,\nexecute arbitrary code with the privileges of the user running pdflatex.\n(CVE-2009-0146, CVE-2009-1182)\n\nMultiple flaws were found in Xpdf's JBIG2 decoder that could lead to the\nfreeing of arbitrary memory. If a local user generated a PDF file from a\nTeX document, referencing a specially-crafted PDF file, it would cause\nXpdf to crash or, potentially, execute arbitrary code with the privileges\nof the user running pdflatex. (CVE-2009-0166, CVE-2009-1180)\n\nMultiple input validation flaws were found in Xpdf's JBIG2 decoder. If a\nlocal user generated a PDF file from a TeX document, referencing a\nspecially-crafted PDF file, it would cause Xpdf to crash or, potentially,\nexecute arbitrary code with the privileges of the user running pdflatex.\n(CVE-2009-0800)\n\nMultiple denial of service flaws were found in Xpdf's JBIG2 decoder. If a\nlocal user generated a PDF file from a TeX document, referencing a\nspecially-crafted PDF file, it would cause Xpdf to crash. (CVE-2009-0799,\nCVE-2009-1181, CVE-2009-1183)\n\nRed Hat would like to thank Braden Thomas and Drew Yao of the Apple Product\nSecurity team, Will Dormann of the CERT/CC, Alin Rad Pop of Secunia\nResearch, and Chris Rohlf, for responsibly reporting the Xpdf flaws.\n\nAll users of tetex are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues.\n", "published": "2010-05-06T04:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2010:0400", "cvelist": ["CVE-2009-0146", "CVE-2009-0147", "CVE-2009-0166", "CVE-2009-0195", "CVE-2009-0791", "CVE-2009-0799", "CVE-2009-0800", "CVE-2009-1179", "CVE-2009-1180", "CVE-2009-1181", "CVE-2009-1182", "CVE-2009-1183", "CVE-2009-3608", "CVE-2009-3609", "CVE-2010-0739", "CVE-2010-0829", "CVE-2010-1440"], "lastseen": "2017-09-08T13:20:42"}, {"id": "RHSA-2009:1500", "type": "redhat", "title": "(RHSA-2009:1500) Important: xpdf security update", "description": "Xpdf is an X Window System based viewer for Portable Document Format (PDF)\nfiles.\n\nMultiple integer overflow flaws were found in Xpdf. An attacker could\ncreate a malicious PDF file that would cause Xpdf to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-3604,\nCVE-2009-3606, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue.\n\nUsers are advised to upgrade to this updated package, which contains a\nbackported patch to correct these issues.", "published": "2009-10-15T04:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2009:1500", "cvelist": ["CVE-2009-0791", "CVE-2009-3604", "CVE-2009-3606", "CVE-2009-3609"], "lastseen": "2017-08-01T08:57:11"}, {"id": "RHSA-2009:0458", "type": "redhat", "title": "(RHSA-2009:0458) Important: gpdf security update", "description": "GPdf is a viewer for Portable Document Format (PDF) files.\n\nMultiple integer overflow flaws were found in GPdf's JBIG2 decoder. An\nattacker could create a malicious PDF file that would cause GPdf to crash\nor, potentially, execute arbitrary code when opened. (CVE-2009-0147,\nCVE-2009-1179)\n\nMultiple buffer overflow flaws were found in GPdf's JBIG2 decoder. An\nattacker could create a malicious PDF file that would cause GPdf to crash\nor, potentially, execute arbitrary code when opened. (CVE-2009-0146,\nCVE-2009-1182)\n\nMultiple flaws were found in GPdf's JBIG2 decoder that could lead to the\nfreeing of arbitrary memory. An attacker could create a malicious PDF file\nthat would cause GPdf to crash or, potentially, execute arbitrary code when\nopened. (CVE-2009-0166, CVE-2009-1180)\n\nMultiple input validation flaws were found in GPdf's JBIG2 decoder. An\nattacker could create a malicious PDF file that would cause GPdf to crash\nor, potentially, execute arbitrary code when opened. (CVE-2009-0800)\n\nMultiple denial of service flaws were found in GPdf's JBIG2 decoder. An\nattacker could create a malicious PDF that would cause GPdf to crash when\nopened. (CVE-2009-0799, CVE-2009-1181, CVE-2009-1183)\n\nRed Hat would like to thank Braden Thomas and Drew Yao of the Apple Product\nSecurity team, and Will Dormann of the CERT/CC for responsibly reporting\nthese flaws.\n\nUsers are advised to upgrade to this updated package, which contains\nbackported patches to correct these issues.", "published": "2009-04-30T04:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2009:0458", "cvelist": ["CVE-2009-0146", "CVE-2009-0147", "CVE-2009-0166", "CVE-2009-0195", "CVE-2009-0799", "CVE-2009-0800", "CVE-2009-1179", "CVE-2009-1180", "CVE-2009-1181", "CVE-2009-1182", "CVE-2009-1183", "CVE-2009-3606"], "lastseen": "2017-09-09T07:19:31"}, {"id": "RHSA-2009:0480", "type": "redhat", "title": "(RHSA-2009:0480) Important: poppler security update", "description": "Poppler is a Portable Document Format (PDF) rendering library, used by\napplications such as Evince.\n\nMultiple integer overflow flaws were found in poppler. An attacker could\ncreate a malicious PDF file that would cause applications that use poppler\n(such as Evince) to crash or, potentially, execute arbitrary code when\nopened. (CVE-2009-0147, CVE-2009-1179, CVE-2009-1187, CVE-2009-1188)\n\nMultiple buffer overflow flaws were found in poppler's JBIG2 decoder. An\nattacker could create a malicious PDF file that would cause applications\nthat use poppler (such as Evince) to crash or, potentially, execute\narbitrary code when opened. (CVE-2009-0146, CVE-2009-1182)\n\nMultiple flaws were found in poppler's JBIG2 decoder that could lead to the\nfreeing of arbitrary memory. An attacker could create a malicious PDF file\nthat would cause applications that use poppler (such as Evince) to crash\nor, potentially, execute arbitrary code when opened. (CVE-2009-0166,\nCVE-2009-1180)\n\nMultiple input validation flaws were found in poppler's JBIG2 decoder. An\nattacker could create a malicious PDF file that would cause applications\nthat use poppler (such as Evince) to crash or, potentially, execute\narbitrary code when opened. (CVE-2009-0800)\n\nMultiple denial of service flaws were found in poppler's JBIG2 decoder. An\nattacker could create a malicious PDF file that would cause applications\nthat use poppler (such as Evince) to crash when opened. (CVE-2009-0799,\nCVE-2009-1181, CVE-2009-1183)\n\nRed Hat would like to thank Braden Thomas and Drew Yao of the Apple Product\nSecurity team, and Will Dormann of the CERT/CC for responsibly reporting\nthese flaws.\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.", "published": "2009-05-13T04:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2009:0480", "cvelist": ["CVE-2009-0146", "CVE-2009-0147", "CVE-2009-0166", "CVE-2009-0195", "CVE-2009-0791", "CVE-2009-0799", "CVE-2009-0800", "CVE-2009-1179", "CVE-2009-1180", "CVE-2009-1181", "CVE-2009-1182", "CVE-2009-1183", "CVE-2009-1187", "CVE-2009-1188", "CVE-2009-3604", "CVE-2009-3606"], "lastseen": "2017-09-09T07:20:22"}], "centos": [{"id": "CESA-2009:1513", "type": "centos", "title": "cups security update", "description": "**CentOS Errata and Security Advisory** CESA-2009:1513\n\n\nThe Common UNIX Printing System (CUPS) provides a portable printing layer\nfor UNIX operating systems. The CUPS \"pdftops\" filter converts Portable\nDocument Format (PDF) files to PostScript.\n\nTwo integer overflow flaws were found in the CUPS \"pdftops\" filter. An\nattacker could create a malicious PDF file that would cause \"pdftops\" to\ncrash or, potentially, execute arbitrary code as the \"lp\" user if the file\nwas printed. (CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608\nissue.\n\nUsers of cups are advised to upgrade to these updated packages, which\ncontain a backported patch to correct these issues. After installing the\nupdate, the cupsd daemon will be restarted automatically.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016218.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016219.html\n\n**Affected packages:**\ncups\ncups-devel\ncups-libs\ncups-lpd\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1513.html", "published": "2009-10-30T15:43:47", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2009-October/016218.html", "cvelist": ["CVE-2009-3608", "CVE-2009-3609"], "lastseen": "2017-10-03T18:24:28"}, {"id": "CESA-2009:1504", "type": "centos", "title": "poppler security update", "description": "**CentOS Errata and Security Advisory** CESA-2009:1504\n\n\nPoppler is a Portable Document Format (PDF) rendering library, used by\napplications such as Evince.\n\nMultiple integer overflow flaws were found in poppler. An attacker could\ncreate a malicious PDF file that would cause applications that use poppler\n(such as Evince) to crash or, potentially, execute arbitrary code when\nopened. (CVE-2009-3603, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608\nissue.\n\nThis update also corrects a regression introduced in the previous poppler\nsecurity update, RHSA-2009:0480, that prevented poppler from rendering\ncertain PDF documents correctly. (BZ#528147)\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016268.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016271.html\n\n**Affected packages:**\npoppler\npoppler-devel\npoppler-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1504.html", "published": "2009-10-30T15:43:58", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2009-October/016268.html", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3609"], "lastseen": "2017-10-03T18:25:08"}, {"id": "CESA-2009:1503", "type": "centos", "title": "gpdf security update", "description": "**CentOS Errata and Security Advisory** CESA-2009:1503\n\n\nGPdf is a viewer for Portable Document Format (PDF) files.\n\nMultiple integer overflow flaws were found in GPdf. An attacker could\ncreate a malicious PDF file that would cause GPdf to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-1188,\nCVE-2009-3604, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue, and Chris Rohlf for reporting the CVE-2009-3608 issue.\n\nUsers are advised to upgrade to this updated package, which contains a\nbackported patch to correct these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016191.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016192.html\n\n**Affected packages:**\ngpdf\n\n**Upstream details at:**\n", "published": "2009-10-16T14:29:50", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2009-October/016191.html", "cvelist": ["CVE-2009-3608", "CVE-2009-1188", "CVE-2009-0791", "CVE-2009-3604", "CVE-2009-3609"], "lastseen": "2017-10-03T18:26:54"}, {"id": "CESA-2009:1512", "type": "centos", "title": "kdegraphics security update", "description": "**CentOS Errata and Security Advisory** CESA-2009:1512\n\n\nThe kdegraphics packages contain applications for the K Desktop\nEnvironment, including KPDF, a viewer for Portable Document Format (PDF)\nfiles.\n\nMultiple integer overflow flaws were found in KPDF. An attacker could\ncreate a malicious PDF file that would cause KPDF to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-1188,\nCVE-2009-3604, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue, and Chris Rohlf for reporting the CVE-2009-3608 issue.\n\nUsers are advised to upgrade to these updated packages, which contain a\nbackported patch to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016193.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016194.html\n\n**Affected packages:**\nkdegraphics\nkdegraphics-devel\n\n**Upstream details at:**\n", "published": "2009-10-16T14:29:57", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2009-October/016193.html", "cvelist": ["CVE-2009-3608", "CVE-2009-1188", "CVE-2009-0791", "CVE-2009-3604", "CVE-2009-3609"], "lastseen": "2017-10-03T18:24:48"}, {"id": "CESA-2009:1501", "type": "centos", "title": "xpdf security update", "description": "**CentOS Errata and Security Advisory** CESA-2009:1501\n\n\nXpdf is an X Window System based viewer for Portable Document Format (PDF)\nfiles.\n\nMultiple integer overflow flaws were found in Xpdf. An attacker could\ncreate a malicious PDF file that would cause Xpdf to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-1188,\nCVE-2009-3604, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue, and Chris Rohlf for reporting the CVE-2009-3608 issue.\n\nUsers are advised to upgrade to this updated package, which contains a\nbackported patch to correct these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016189.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016190.html\n\n**Affected packages:**\nxpdf\n\n**Upstream details at:**\n", "published": "2009-10-16T14:29:40", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2009-October/016189.html", "cvelist": ["CVE-2009-3608", "CVE-2009-1188", "CVE-2009-0791", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "lastseen": "2017-10-03T18:25:59"}, {"id": "CESA-2009:1502", "type": "centos", "title": "kdegraphics security update", "description": "**CentOS Errata and Security Advisory** CESA-2009:1502\n\n\nThe kdegraphics packages contain applications for the K Desktop\nEnvironment, including KPDF, a viewer for Portable Document Format (PDF)\nfiles.\n\nMultiple integer overflow flaws were found in KPDF. An attacker could\ncreate a malicious PDF file that would cause KPDF to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-1188,\nCVE-2009-3604, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue, and Chris Rohlf for reporting the CVE-2009-3608 issue.\n\nUsers are advised to upgrade to these updated packages, which contain a\nbackported patch to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016232.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016233.html\n\n**Affected packages:**\nkdegraphics\nkdegraphics-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1502.html", "published": "2009-10-30T15:43:50", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2009-October/016232.html", "cvelist": ["CVE-2009-3608", "CVE-2009-1188", "CVE-2009-0791", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "lastseen": "2017-10-03T18:25:56"}, {"id": "CESA-2010:0400", "type": "centos", "title": "tetex security update", "description": "**CentOS Errata and Security Advisory** CESA-2010:0400\n\n\nteTeX is an implementation of TeX. TeX takes a text file and a set of\nformatting commands as input, and creates a typesetter-independent DeVice\nIndependent (DVI) file as output.\n\nMultiple integer overflow flaws were found in the way teTeX processed\nspecial commands when converting DVI files into PostScript. An attacker\ncould create a malicious DVI file that would cause the dvips executable to\ncrash or, potentially, execute arbitrary code. (CVE-2010-0739,\nCVE-2010-1440)\n\nMultiple array index errors were found in the way teTeX converted DVI files\ninto the Portable Network Graphics (PNG) format. An attacker could create a\nmalicious DVI file that would cause the dvipng executable to crash.\n(CVE-2010-0829)\n\nteTeX embeds a copy of Xpdf, an open source Portable Document Format (PDF)\nfile viewer, to allow adding images in PDF format to the generated PDF\ndocuments. The following issues affect Xpdf code:\n\nMultiple integer overflow flaws were found in Xpdf's JBIG2 decoder. If a\nlocal user generated a PDF file from a TeX document, referencing a\nspecially-crafted PDF file, it would cause Xpdf to crash or, potentially,\nexecute arbitrary code with the privileges of the user running pdflatex.\n(CVE-2009-0147, CVE-2009-1179)\n\nMultiple integer overflow flaws were found in Xpdf. If a local user\ngenerated a PDF file from a TeX document, referencing a specially-crafted\nPDF file, it would cause Xpdf to crash or, potentially, execute arbitrary\ncode with the privileges of the user running pdflatex. (CVE-2009-0791,\nCVE-2009-3608, CVE-2009-3609)\n\nA heap-based buffer overflow flaw was found in Xpdf's JBIG2 decoder. If a\nlocal user generated a PDF file from a TeX document, referencing a\nspecially-crafted PDF file, it would cause Xpdf to crash or, potentially,\nexecute arbitrary code with the privileges of the user running pdflatex.\n(CVE-2009-0195)\n\nMultiple buffer overflow flaws were found in Xpdf's JBIG2 decoder. If a\nlocal user generated a PDF file from a TeX document, referencing a\nspecially-crafted PDF file, it would cause Xpdf to crash or, potentially,\nexecute arbitrary code with the privileges of the user running pdflatex.\n(CVE-2009-0146, CVE-2009-1182)\n\nMultiple flaws were found in Xpdf's JBIG2 decoder that could lead to the\nfreeing of arbitrary memory. If a local user generated a PDF file from a\nTeX document, referencing a specially-crafted PDF file, it would cause\nXpdf to crash or, potentially, execute arbitrary code with the privileges\nof the user running pdflatex. (CVE-2009-0166, CVE-2009-1180)\n\nMultiple input validation flaws were found in Xpdf's JBIG2 decoder. If a\nlocal user generated a PDF file from a TeX document, referencing a\nspecially-crafted PDF file, it would cause Xpdf to crash or, potentially,\nexecute arbitrary code with the privileges of the user running pdflatex.\n(CVE-2009-0800)\n\nMultiple denial of service flaws were found in Xpdf's JBIG2 decoder. If a\nlocal user generated a PDF file from a TeX document, referencing a\nspecially-crafted PDF file, it would cause Xpdf to crash. (CVE-2009-0799,\nCVE-2009-1181, CVE-2009-1183)\n\nRed Hat would like to thank Braden Thomas and Drew Yao of the Apple Product\nSecurity team, Will Dormann of the CERT/CC, Alin Rad Pop of Secunia\nResearch, and Chris Rohlf, for responsibly reporting the Xpdf flaws.\n\nAll users of tetex are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-May/016661.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-May/016662.html\n\n**Affected packages:**\ntetex\ntetex-afm\ntetex-doc\ntetex-dvips\ntetex-fonts\ntetex-latex\ntetex-xdvi\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0400.html", "published": "2010-05-28T11:47:02", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2010-May/016661.html", "cvelist": ["CVE-2009-3608", "CVE-2009-1181", "CVE-2009-0791", "CVE-2009-1180", "CVE-2009-0195", "CVE-2010-0829", "CVE-2010-1440", "CVE-2009-0799", "CVE-2009-1182", "CVE-2009-0166", "CVE-2009-3609", "CVE-2009-0147", "CVE-2010-0739", "CVE-2009-1183", "CVE-2009-0800", "CVE-2009-0146", "CVE-2009-1179"], "lastseen": "2017-10-03T18:25:21"}, {"id": "CESA-2009:1500", "type": "centos", "title": "xpdf security update", "description": "**CentOS Errata and Security Advisory** CESA-2009:1500\n\n\nXpdf is an X Window System based viewer for Portable Document Format (PDF)\nfiles.\n\nMultiple integer overflow flaws were found in Xpdf. An attacker could\ncreate a malicious PDF file that would cause Xpdf to crash or, potentially,\nexecute arbitrary code when opened. (CVE-2009-0791, CVE-2009-3604,\nCVE-2009-3606, CVE-2009-3609)\n\nRed Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604\nissue.\n\nUsers are advised to upgrade to this updated package, which contains a\nbackported patch to correct these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016187.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-October/016188.html\n\n**Affected packages:**\nxpdf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1500.html", "published": "2009-10-15T12:03:48", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2009-October/016187.html", "cvelist": ["CVE-2009-0791", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "lastseen": "2017-10-03T18:24:57"}, {"id": "CESA-2009:0458", "type": "centos", "title": "gpdf security update", "description": "**CentOS Errata and Security Advisory** CESA-2009:0458\n\n\nGPdf is a viewer for Portable Document Format (PDF) files.\n\nMultiple integer overflow flaws were found in GPdf's JBIG2 decoder. An\nattacker could create a malicious PDF file that would cause GPdf to crash\nor, potentially, execute arbitrary code when opened. (CVE-2009-0147,\nCVE-2009-1179)\n\nMultiple buffer overflow flaws were found in GPdf's JBIG2 decoder. An\nattacker could create a malicious PDF file that would cause GPdf to crash\nor, potentially, execute arbitrary code when opened. (CVE-2009-0146,\nCVE-2009-1182)\n\nMultiple flaws were found in GPdf's JBIG2 decoder that could lead to the\nfreeing of arbitrary memory. An attacker could create a malicious PDF file\nthat would cause GPdf to crash or, potentially, execute arbitrary code when\nopened. (CVE-2009-0166, CVE-2009-1180)\n\nMultiple input validation flaws were found in GPdf's JBIG2 decoder. An\nattacker could create a malicious PDF file that would cause GPdf to crash\nor, potentially, execute arbitrary code when opened. (CVE-2009-0800)\n\nMultiple denial of service flaws were found in GPdf's JBIG2 decoder. An\nattacker could create a malicious PDF that would cause GPdf to crash when\nopened. (CVE-2009-0799, CVE-2009-1181, CVE-2009-1183)\n\nRed Hat would like to thank Braden Thomas and Drew Yao of the Apple Product\nSecurity team, and Will Dormann of the CERT/CC for responsibly reporting\nthese flaws.\n\nUsers are advised to upgrade to this updated package, which contains\nbackported patches to correct these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015840.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015842.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015924.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015925.html\n\n**Affected packages:**\ngpdf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-0458.html", "published": "2009-05-03T13:25:03", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2009-May/015840.html", "cvelist": ["CVE-2009-1181", "CVE-2009-1180", "CVE-2009-0195", "CVE-2009-3606", "CVE-2009-0799", "CVE-2009-1182", "CVE-2009-0166", "CVE-2009-0147", "CVE-2009-1183", "CVE-2009-0800", "CVE-2009-0146", "CVE-2009-1179"], "lastseen": "2017-10-12T14:45:38"}, {"id": "CESA-2009:0480", "type": "centos", "title": "poppler security update", "description": "**CentOS Errata and Security Advisory** CESA-2009:0480\n\n\nPoppler is a Portable Document Format (PDF) rendering library, used by\napplications such as Evince.\n\nMultiple integer overflow flaws were found in poppler. An attacker could\ncreate a malicious PDF file that would cause applications that use poppler\n(such as Evince) to crash or, potentially, execute arbitrary code when\nopened. (CVE-2009-0147, CVE-2009-1179, CVE-2009-1187, CVE-2009-1188)\n\nMultiple buffer overflow flaws were found in poppler's JBIG2 decoder. An\nattacker could create a malicious PDF file that would cause applications\nthat use poppler (such as Evince) to crash or, potentially, execute\narbitrary code when opened. (CVE-2009-0146, CVE-2009-1182)\n\nMultiple flaws were found in poppler's JBIG2 decoder that could lead to the\nfreeing of arbitrary memory. An attacker could create a malicious PDF file\nthat would cause applications that use poppler (such as Evince) to crash\nor, potentially, execute arbitrary code when opened. (CVE-2009-0166,\nCVE-2009-1180)\n\nMultiple input validation flaws were found in poppler's JBIG2 decoder. An\nattacker could create a malicious PDF file that would cause applications\nthat use poppler (such as Evince) to crash or, potentially, execute\narbitrary code when opened. (CVE-2009-0800)\n\nMultiple denial of service flaws were found in poppler's JBIG2 decoder. An\nattacker could create a malicious PDF file that would cause applications\nthat use poppler (such as Evince) to crash when opened. (CVE-2009-0799,\nCVE-2009-1181, CVE-2009-1183)\n\nRed Hat would like to thank Braden Thomas and Drew Yao of the Apple Product\nSecurity team, and Will Dormann of the CERT/CC for responsibly reporting\nthese flaws.\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015865.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/015866.html\n\n**Affected packages:**\npoppler\npoppler-devel\npoppler-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-0480.html", "published": "2009-05-15T14:28:58", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2009-May/015865.html", "cvelist": ["CVE-2009-1181", "CVE-2009-1188", "CVE-2009-0791", "CVE-2009-1180", "CVE-2009-0195", "CVE-2009-3606", "CVE-2009-0799", "CVE-2009-1182", "CVE-2009-3604", "CVE-2009-0166", "CVE-2009-0147", "CVE-2009-1187", "CVE-2009-1183", "CVE-2009-0800", "CVE-2009-0146", "CVE-2009-1179"], "lastseen": "2017-10-03T18:25:26"}], "ubuntu": [{"id": "USN-850-3", "type": "ubuntu", "title": "poppler vulnerabilities", "description": "USN-850-1 fixed vulnerabilities in poppler. This update provides the corresponding updates for Ubuntu 9.10.\n\nOriginal advisory details:\n\nIt was discovered that poppler contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.", "published": "2009-11-02T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/850-3/", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3607", "CVE-2009-3604", "CVE-2009-3609"], "lastseen": "2018-03-29T18:20:28"}, {"id": "USN-850-1", "type": "ubuntu", "title": "poppler vulnerabilities", "description": "It was discovered that poppler contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.", "published": "2009-10-21T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/850-1/", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3607", "CVE-2009-0755", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "lastseen": "2018-03-29T18:21:15"}, {"id": "USN-973-1", "type": "ubuntu", "title": "KOffice vulnerabilities", "description": "Will Dormann, Alin Rad Pop, Braden Thomas, and Drew Yao discovered that the Xpdf used in KOffice contained multiple security issues in its JBIG2 decoder. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. (CVE-2009-0146, CVE-2009-0147, CVE-2009-0166, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181)\n\nIt was discovered that the Xpdf used in KOffice contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. (CVE-2009-3606, CVE-2009-3608, CVE-2009-3609)\n\nKOffice in Ubuntu 9.04 uses a very old version of Xpdf to import PDFs into KWord. Upstream KDE no longer supports PDF import in KOffice and as a result it was dropped in Ubuntu 9.10. While an attempt was made to fix the above issues, the maintenance burden for supporting this very old version of Xpdf outweighed its utility, and PDF import is now also disabled in Ubuntu 9.04.", "published": "2010-08-17T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/973-1/", "cvelist": ["CVE-2009-3608", "CVE-2009-1181", "CVE-2009-1180", "CVE-2009-0195", "CVE-2009-3606", "CVE-2009-0799", "CVE-2009-0165", "CVE-2009-0166", "CVE-2009-3609", "CVE-2009-0147", "CVE-2009-0800", "CVE-2009-0146", "CVE-2009-1179"], "lastseen": "2018-03-29T18:20:11"}, {"id": "USN-850-2", "type": "ubuntu", "title": "poppler regression", "description": "USN-850-1 fixed vulnerabilities in poppler. The security fix for CVE-2009-3605 introduced a regression that would cause certain applications, such as Okular, to segfault when opening certain PDF files.\n\nThis update fixes the problem. We apologize for the inconvenience.\n\nOriginal advisory details:\n\nIt was discovered that poppler contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.", "published": "2009-10-22T00:00:00", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://usn.ubuntu.com/850-2/", "cvelist": ["CVE-2009-3605"], "lastseen": "2018-03-29T18:19:01"}], "slackware": [{"id": "SSA-2009-302-01", "type": "slackware", "title": "xpdf", "description": "New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0,\n12.0, 12.1, 12.2, 13.0, and -current to fix security issues.\n\nMore details about the issues may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609\n\n\nHere are the details from the Slackware 13.0 ChangeLog:\n\npatches/packages/xpdf-3.02pl4-i486-1_slack13.0.tgz: Upgraded.\n This update fixes several security issues that could lead to an\n application crash, or execution of arbitrary code.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 9.1:\nftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/xpdf-3.02pl4-i486-1_slack9.1.tgz\n\nUpdated package for Slackware 10.0:\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/xpdf-3.02pl4-i486-1_slack10.0.tgz\n\nUpdated package for Slackware 10.1:\nftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/xpdf-3.02pl4-i486-1_slack10.1.tgz\n\nUpdated package for Slackware 10.2:\nftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/xpdf-3.02pl4-i486-1_slack10.2.tgz\n\nUpdated package for Slackware 11.0:\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/xpdf-3.02pl4-i486-1_slack11.0.tgz\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/xpdf-3.02pl4-i486-1_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/xpdf-3.02pl4-i486-1_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/xpdf-3.02pl4-i486-1_slack12.2.tgz\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/xpdf-3.02pl4-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/xpdf-3.02pl4-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/xpdf-3.02pl4-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/xpdf-3.02pl4-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 9.1 package:\nfd58cae84772ed2c03ca720b0a71ef49 xpdf-3.02pl4-i486-1_slack9.1.tgz\n\nSlackware 10.0 package:\n37cf2a9f5c02b6585d622374cd9a8756 xpdf-3.02pl4-i486-1_slack10.0.tgz\n\nSlackware 10.1 package:\na3e2b22532f7a0190782590ee5310b4b xpdf-3.02pl4-i486-1_slack10.1.tgz\n\nSlackware 10.2 package:\n78d27cc6c8a33f21d7e5f21d90aa0c43 xpdf-3.02pl4-i486-1_slack10.2.tgz\n\nSlackware 11.0 package:\nda0134b674360e0509689ad68877a21c xpdf-3.02pl4-i486-1_slack11.0.tgz\n\nSlackware 12.0 package:\ne3a10ebf3f499882a8a364963d6287f9 xpdf-3.02pl4-i486-1_slack12.0.tgz\n\nSlackware 12.1 package:\n83b8a9b89877987c65f9c1bf3a01b321 xpdf-3.02pl4-i486-1_slack12.1.tgz\n\nSlackware 12.2 package:\nddfd41747e7f76e20a8a39911d0080ac xpdf-3.02pl4-i486-1_slack12.2.tgz\n\nSlackware 13.0 package:\n4e42d51c18a7e354e961857096e09140 xpdf-3.02pl4-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n977dfd83fdb4c1af3d68ffa12c882424 xpdf-3.02pl4-x86_64-1_slack13.0.txz\n\nSlackware -current package:\n3c756246f0db86bea9f9f127f1461e8f xpdf-3.02pl4-i486-1.txz\n\nSlackware x86_64 -current package:\nf8f257349bad0cdf7d0bada5654b0190 xpdf-3.02pl4-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg xpdf-3.02pl4-i486-1_slack13.0.txz", "published": "2009-10-28T23:28:02", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.585854", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "lastseen": "2018-02-02T18:11:40"}, {"id": "SSA-2009-302-02", "type": "slackware", "title": "poppler", "description": "New poppler packages are available for Slackware 12.0, 12.1, 12.2, 13.0,\nand -current to fix security issues.\n\nMore details about this issue may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609\n\n\nHere are the details from the Slackware 13.0 ChangeLog:\n\npatches/packages/poppler-0.10.7-i486-2_slack13.0.txz: Rebuilt.\n This updated package includes patches based on xpdf 3.02pl4.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/poppler-0.6.2-i486-2_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/poppler-0.6.4-i486-2_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/poppler-0.8.5-i486-3_slack12.2.tgz\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/poppler-0.10.7-i486-2_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/poppler-0.10.7-x86_64-2_slack13.0.txz\n\nUpdated packages for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/poppler-0.12.1-i486-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/poppler-data-0.3.0-noarch-1.txz\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/poppler-0.12.1-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/poppler-data-0.3.0-noarch-1.txz\n\n\nMD5 signatures:\n\nSlackware 12.0 package:\nb084a88ec1c9e5f1402fccb897040576 poppler-0.6.2-i486-2_slack12.0.tgz\n\nSlackware 12.1 package:\n090431253d54585f5aa4276521c4ba7e poppler-0.6.4-i486-2_slack12.1.tgz\n\nSlackware 12.2 package:\nf68a76fa4c24a6d2c201734a30d66008 poppler-0.8.5-i486-3_slack12.2.tgz\n\nSlackware 13.0 package:\nb107cf8a1b87cf068567a7523b2ed095 poppler-0.10.7-i486-2_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n00db7f2b403b75c41e9845af9fb5acf9 poppler-0.10.7-x86_64-2_slack13.0.txz\n\nSlackware -current packages:\n44884e2ac09419ef8d3da49b2e754ee8 poppler-0.12.1-i486-1.txz\n6eb0574ab09269d8789c4b64a56d6692 poppler-data-0.3.0-noarch-1.txz\n\nSlackware x86_64 -current packages:\nc90a9e6dfa090c0098ca45e5e14f0892 poppler-0.12.1-x86_64-1.txz\n28ac087f83577b39cbed515e501ee447 poppler-data-0.3.0-noarch-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg poppler-0.10.7-i486-2_slack13.0.txz", "published": "2009-10-28T23:28:23", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.518348", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-3609"], "lastseen": "2018-02-02T18:11:37"}], "debian": [{"id": "DSA-2050", "type": "debian", "title": "kdegraphics -- several vulnerabilities", "description": "Several local vulnerabilities have been discovered in KPDF, a PDF viewer for KDE, which allow the execution of arbitrary code or denial of service if a user is tricked into opening a crafted PDF document.\n\nFor the stable distribution (lenny), these problems have been fixed in version 4:3.5.9-3+lenny3.\n\nThe unstable distribution (sid) no longer contains kpdf. It's replacement, Okular, links against the poppler PDF library.\n\nWe recommend that you upgrade your kdegraphics packages.", "published": "2010-05-24T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://www.debian.org/security/dsa-2050", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-1188", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "lastseen": "2016-09-02T18:25:25"}, {"id": "DSA-2028", "type": "debian", "title": "xpdf -- multiple vulnerabilities", "description": "Several vulnerabilities have been identified in xpdf, a suite of tools for viewing and converting Portable Document Format (PDF) files.\n\nThe Common Vulnerabilities and Exposures project identifies the following problems:\n\n * [CVE-2009-1188](<https://security-tracker.debian.org/tracker/CVE-2009-1188>) and [CVE-2009-3603](<https://security-tracker.debian.org/tracker/CVE-2009-3603>)\n\nInteger overflow in SplashBitmap::SplashBitmap which might allow remote attackers to execute arbitrary code or an application crash via a crafted PDF document.\n\n * [CVE-2009-3604](<https://security-tracker.debian.org/tracker/CVE-2009-3604>)\n\nNULL pointer dereference or heap-based buffer overflow in Splash::drawImage which might allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document.\n\n * [CVE-2009-3606](<https://security-tracker.debian.org/tracker/CVE-2009-3606>)\n\nInteger overflow in the PSOutputDev::doImageL1Sep which might allow remote attackers to execute arbitrary code via a crafted PDF document.\n\n * [CVE-2009-3608](<https://security-tracker.debian.org/tracker/CVE-2009-3608>)\n\nInteger overflow in the ObjectStream::ObjectStream which might allow remote attackers to execute arbitrary code via a crafted PDF document.\n\n * [CVE-2009-3609](<https://security-tracker.debian.org/tracker/CVE-2009-3609>)\n\nInteger overflow in the ImageStream::ImageStream which might allow remote attackers to cause a denial of service via a crafted PDF document.\n\nFor the stable distribution (lenny), this problem has been fixed in version 3.02-1.4+lenny2.\n\nFor the testing distribution (squeeze), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in version 3.02-2.", "published": "2010-04-05T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://www.debian.org/security/dsa-2028", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-1188", "CVE-2009-3606", "CVE-2009-3604", "CVE-2009-3609"], "lastseen": "2016-09-02T18:36:53"}], "gentoo": [{"id": "GLSA-201310-03", "type": "gentoo", "title": "Poppler: Multiple vulnerabilities", "description": "### Background\n\nPoppler is a cross-platform PDF rendering library originally based on Xpdf. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Poppler. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could entice a user to open a specially crafted PDF file, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Poppler users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-text/poppler-0.22.2-r1\"", "published": "2013-10-06T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://security.gentoo.org/glsa/201310-03", "cvelist": ["CVE-2009-3608", "CVE-2009-3603", "CVE-2009-1181", "CVE-2009-3607", "CVE-2009-1188", "CVE-2012-2142", "CVE-2009-1180", "CVE-2009-0195", "CVE-2010-4653", "CVE-2013-1788", "CVE-2009-3606", "CVE-2009-0799", "CVE-2009-1182", "CVE-2013-1790", "CVE-2009-0165", "CVE-2009-3604", "CVE-2009-3605", "CVE-2009-0166", "CVE-2013-1789", "CVE-2009-3609", "CVE-2009-3938", "CVE-2009-0147", "CVE-2009-1187", "CVE-2009-1183", "CVE-2010-3704", "CVE-2010-4654", "CVE-2009-0800", "CVE-2009-0146", "CVE-2010-3702", "CVE-2010-3703", "CVE-2009-1179"], "lastseen": "2016-09-06T19:46:29"}]}}