Adobe Reader Multiple Vulnerabilities - Aug07 (Mac OS X)
2014-04-16T00:00:00
ID OPENVAS:1361412562310804265 Type openvas Reporter Copyright (C) 2014 Greenbone Networks GmbH Modified 2020-04-20T00:00:00
Description
This host is installed with Adobe Reader and is prone to multiple
vulnerabilities.
###############################################################################
# OpenVAS Vulnerability Test
#
# Adobe Reader Multiple Vulnerabilities - Aug07 (Mac OS X)
#
# Authors:
# Shakeel <bshakeel@secpod.com>
#
# Copyright:
# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
CPE = "cpe:/a:adobe:acrobat_reader";
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.804265");
script_version("2020-04-20T13:31:49+0000");
script_cve_id("CVE-2007-0103");
script_bugtraq_id(21910);
script_tag(name:"cvss_base", value:"6.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_tag(name:"last_modification", value:"2020-04-20 13:31:49 +0000 (Mon, 20 Apr 2020)");
script_tag(name:"creation_date", value:"2014-04-16 12:59:20 +0530 (Wed, 16 Apr 2014)");
script_name("Adobe Reader Multiple Vulnerabilities - Aug07 (Mac OS X)");
script_tag(name:"summary", value:"This host is installed with Adobe Reader and is prone to multiple
vulnerabilities.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"Flaw exist due to unspecified error within Adobe PDF specification.");
script_tag(name:"impact", value:"Successful exploitation will allow attacker to conduct denial of service,
memory corruption and execution of arbitrary code.");
script_tag(name:"affected", value:"Adobe Reader before version 8.0 on Mac OS X.");
script_tag(name:"solution", value:"Upgrade to Adobe Reader 8.0 or later.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
script_xref(name:"URL", value:"http://xforce.iss.net/xforce/xfdb/31364");
script_xref(name:"URL", value:"http://projects.info-pull.com/moab/MOAB-06-01-2007.html");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
script_family("General");
script_dependencies("secpod_adobe_prdts_detect_macosx.nasl");
script_mandatory_keys("Adobe/Reader/MacOSX/Version");
script_xref(name:"URL", value:"http://get.adobe.com/reader");
exit(0);
}
include("host_details.inc");
include("version_func.inc");
if(!readerVer = get_app_version(cpe:CPE)){
exit(0);
}
if(readerVer)
{
if(version_is_less(version:readerVer, test_version:"8.0"))
{
report = report_fixed_ver(installed_version:readerVer, fixed_version:"8.0");
security_message(port:0, data:report);
exit(0);
}
}
{"id": "OPENVAS:1361412562310804265", "type": "openvas", "bulletinFamily": "scanner", "title": "Adobe Reader Multiple Vulnerabilities - Aug07 (Mac OS X)", "description": "This host is installed with Adobe Reader and is prone to multiple\nvulnerabilities.", "published": "2014-04-16T00:00:00", "modified": "2020-04-20T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804265", "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "references": ["http://xforce.iss.net/xforce/xfdb/31364", "http://projects.info-pull.com/moab/MOAB-06-01-2007.html", "http://get.adobe.com/reader"], "cvelist": ["CVE-2007-0103"], "lastseen": "2020-04-22T17:02:54", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-0103"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310804264", "OPENVAS:1361412562310804266"]}, {"type": "exploitdb", "idList": ["EDB-ID:29399"]}, {"type": "osvdb", "idList": ["OSVDB:32870", "OSVDB:32871"]}, {"type": "nessus", "idList": ["MANDRAKE_MDKSA-2007-024.NASL", "UBUNTU_USN-410-1.NASL", "MANDRAKE_MDKSA-2007-022.NASL", "MANDRAKE_MDKSA-2007-018.NASL", "MANDRAKE_MDKSA-2007-020.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:7067"]}], "modified": "2020-04-22T17:02:54", "rev": 2}, "score": {"value": 8.0, "vector": "NONE", "modified": "2020-04-22T17:02:54", "rev": 2}, "vulnersScore": 8.0}, "pluginID": "1361412562310804265", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Reader Multiple Vulnerabilities - Aug07 (Mac OS X)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_reader\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804265\");\n script_version(\"2020-04-20T13:31:49+0000\");\n script_cve_id(\"CVE-2007-0103\");\n script_bugtraq_id(21910);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-20 13:31:49 +0000 (Mon, 20 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-04-16 12:59:20 +0530 (Wed, 16 Apr 2014)\");\n script_name(\"Adobe Reader Multiple Vulnerabilities - Aug07 (Mac OS X)\");\n\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Reader and is prone to multiple\nvulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Flaw exist due to unspecified error within Adobe PDF specification.\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attacker to conduct denial of service,\nmemory corruption and execution of arbitrary code.\");\n script_tag(name:\"affected\", value:\"Adobe Reader before version 8.0 on Mac OS X.\");\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Reader 8.0 or later.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://xforce.iss.net/xforce/xfdb/31364\");\n script_xref(name:\"URL\", value:\"http://projects.info-pull.com/moab/MOAB-06-01-2007.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_macosx.nasl\");\n script_mandatory_keys(\"Adobe/Reader/MacOSX/Version\");\n script_xref(name:\"URL\", value:\"http://get.adobe.com/reader\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!readerVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(readerVer)\n{\n if(version_is_less(version:readerVer, test_version:\"8.0\"))\n {\n report = report_fixed_ver(installed_version:readerVer, fixed_version:\"8.0\");\n security_message(port:0, data:report);\n exit(0);\n }\n}\n", "naslFamily": "General"}
{"cve": [{"lastseen": "2020-12-09T19:26:03", "description": "The Adobe PDF specification 1.3, as implemented by Adobe Acrobat before 8.0.0, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.", "edition": 5, "cvss3": {}, "published": "2007-01-09T00:28:00", "title": "CVE-2007-0103", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-0103"], "modified": "2017-07-29T01:29:00", "cpe": ["cpe:/a:adobe:acrobat_reader:7.0.8"], "id": "CVE-2007-0103", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0103", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:adobe:acrobat_reader:7.0.8:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2020-04-22T17:03:34", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0103"], "description": "This host is installed with Adobe Reader and is prone to multiple\nvulnerabilities.", "modified": "2020-04-20T00:00:00", "published": "2014-04-16T00:00:00", "id": "OPENVAS:1361412562310804264", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804264", "type": "openvas", "title": "Adobe Reader Multiple Vulnerabilities - Aug07 (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Reader Multiple Vulnerabilities - Aug07 (Windows)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_reader\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804264\");\n script_version(\"2020-04-20T13:31:49+0000\");\n script_cve_id(\"CVE-2007-0103\");\n script_bugtraq_id(21910);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-20 13:31:49 +0000 (Mon, 20 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-04-16 12:27:12 +0530 (Wed, 16 Apr 2014)\");\n script_name(\"Adobe Reader Multiple Vulnerabilities - Aug07 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Reader and is prone to multiple\nvulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Flaw exist due to unspecified error within Adobe PDF specification.\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attacker to conduct denial of service,\nmemory corruption and execution of arbitrary code.\");\n script_tag(name:\"affected\", value:\"Adobe Reader before version 8.0 on Windows.\");\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Reader 8.0 or later.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://xforce.iss.net/xforce/xfdb/31364\");\n script_xref(name:\"URL\", value:\"http://projects.info-pull.com/moab/MOAB-06-01-2007.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_adobe_prdts_detect_win.nasl\");\n script_mandatory_keys(\"Adobe/Reader/Win/Installed\");\n script_xref(name:\"URL\", value:\"http://get.adobe.com/reader\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!readerVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(readerVer)\n{\n if(version_is_less(version:readerVer, test_version:\"8.0\"))\n {\n report = report_fixed_ver(installed_version:readerVer, fixed_version:\"8.0\");\n security_message(port:0, data:report);\n exit(0);\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-04-22T17:03:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0103"], "description": "This host is installed with Adobe Reader and is prone to multiple\nvulnerabilities.", "modified": "2020-04-20T00:00:00", "published": "2014-04-16T00:00:00", "id": "OPENVAS:1361412562310804266", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804266", "type": "openvas", "title": "Adobe Reader Multiple Vulnerabilities - Aug07 (Linux)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Adobe Reader Multiple Vulnerabilities - Aug07 (Linux)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:adobe:acrobat_reader\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804266\");\n script_version(\"2020-04-20T13:31:49+0000\");\n script_cve_id(\"CVE-2007-0103\");\n script_bugtraq_id(21910);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-20 13:31:49 +0000 (Mon, 20 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-04-16 12:59:20 +0530 (Wed, 16 Apr 2014)\");\n script_name(\"Adobe Reader Multiple Vulnerabilities - Aug07 (Linux)\");\n\n\n script_tag(name:\"summary\", value:\"This host is installed with Adobe Reader and is prone to multiple\nvulnerabilities.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Flaw exist due to unspecified error within Adobe PDF specification.\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attacker to conduct denial of service,\nmemory corruption and execution of arbitrary code.\");\n script_tag(name:\"affected\", value:\"Adobe Reader before version 8.0 on Linux.\");\n script_tag(name:\"solution\", value:\"Upgrade to Adobe Reader 8.0 or later.\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://xforce.iss.net/xforce/xfdb/31364\");\n script_xref(name:\"URL\", value:\"http://projects.info-pull.com/moab/MOAB-06-01-2007.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_adobe_prdts_detect_lin.nasl\");\n script_mandatory_keys(\"Adobe/Reader/Linux/Version\");\n script_xref(name:\"URL\", value:\"http://get.adobe.com/reader\");\n exit(0);\n}\n\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!readerVer = get_app_version(cpe:CPE)){\n exit(0);\n}\n\nif(readerVer)\n{\n if(version_is_less(version:readerVer, test_version:\"8.0\"))\n {\n report = report_fixed_ver(installed_version:readerVer, fixed_version:\"8.0\");\n security_message(port:0, data:report);\n exit(0);\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "exploitdb": [{"lastseen": "2016-02-03T10:12:57", "description": "Multiple PDF Readers Multiple Remote Buffer Overflow Vulnerability. CVE-2007-0103. Dos exploit for linux platform", "published": "2007-01-06T00:00:00", "type": "exploitdb", "title": "Multiple PDF Readers - Multiple Remote Buffer Overflow Vulnerability", "bulletinFamily": "exploit", "cvelist": ["CVE-2007-0103"], "modified": "2007-01-06T00:00:00", "id": "EDB-ID:29399", "href": "https://www.exploit-db.com/exploits/29399/", "sourceData": "source: http://www.securityfocus.com/bid/21910/info\r\n\r\nMultiple PDF readers are prone to multiple remote buffer-overflow vulnerabilities because the applications fail to bounds-check user-supplied data before copying it into an insufficiently sized buffer. \r\n\r\nAn attacker may be able exploit this issue to execute arbitrary code within the context of the affected application. In some circumstances, the vulnerability can be exploited only to cause a denial of service.\r\n\r\nhttps://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/29399.pdf", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/29399/"}], "osvdb": [{"lastseen": "2017-04-28T13:20:29", "bulletinFamily": "software", "cvelist": ["CVE-2007-0103", "CVE-2007-0104"], "description": "# No description provided by the source\n\n## References:\n[Secunia Advisory ID:23799](https://secuniaresearch.flexerasoftware.com/advisories/23799/)\n[Secunia Advisory ID:23876](https://secuniaresearch.flexerasoftware.com/advisories/23876/)\n[Secunia Advisory ID:23791](https://secuniaresearch.flexerasoftware.com/advisories/23791/)\n[Secunia Advisory ID:23815](https://secuniaresearch.flexerasoftware.com/advisories/23815/)\n[Secunia Advisory ID:23839](https://secuniaresearch.flexerasoftware.com/advisories/23839/)\n[Secunia Advisory ID:24148](https://secuniaresearch.flexerasoftware.com/advisories/24148/)\n[Secunia Advisory ID:23808](https://secuniaresearch.flexerasoftware.com/advisories/23808/)\n[Secunia Advisory ID:23813](https://secuniaresearch.flexerasoftware.com/advisories/23813/)\n[Secunia Advisory ID:23844](https://secuniaresearch.flexerasoftware.com/advisories/23844/)\n[Secunia Advisory ID:24204](https://secuniaresearch.flexerasoftware.com/advisories/24204/)\n[Related OSVDB ID: 32870](https://vulners.com/osvdb/OSVDB:32870)\nOther Advisory URL: http://projects.info-pull.com/moab/MOAB-06-01-2007.html\nOther Advisory URL: https://issues.rpath.com/browse/RPL-964\nOther Advisory URL: http://www.kde.org/info/security/advisory-20070115-1.txt\nOther Advisory URL: http://www.ubuntu.com/usn/usn-410-1\nOther Advisory URL: http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:024\nOther Advisory URL: http://lists.suse.com/archive/suse-security-announce/2007-Feb/0003.html\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:018\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:020\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:022\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-01/0389.html\nISS X-Force ID: 31364\nFrSIRT Advisory: ADV-2007-0203\nFrSIRT Advisory: ADV-2007-0212\nFrSIRT Advisory: ADV-2007-0244\nFrSIRT Advisory: ADV-2007-0930\n[CVE-2007-0104](https://vulners.com/cve/CVE-2007-0104)\n[CVE-2007-0103](https://vulners.com/cve/CVE-2007-0103)\nBugtraq ID: 21910\n", "edition": 1, "modified": "2007-01-17T09:18:43", "published": "2007-01-17T09:18:43", "href": "https://vulners.com/osvdb/OSVDB:32871", "id": "OSVDB:32871", "title": "Multiple Product Adobe PDF Specification Invalid Tree Node DoS", "type": "osvdb", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:29", "bulletinFamily": "software", "cvelist": ["CVE-2007-0103", "CVE-2007-0104"], "description": "# No description provided by the source\n\n## References:\n[Secunia Advisory ID:23799](https://secuniaresearch.flexerasoftware.com/advisories/23799/)\n[Secunia Advisory ID:23876](https://secuniaresearch.flexerasoftware.com/advisories/23876/)\n[Secunia Advisory ID:23815](https://secuniaresearch.flexerasoftware.com/advisories/23815/)\n[Secunia Advisory ID:23791](https://secuniaresearch.flexerasoftware.com/advisories/23791/)\n[Secunia Advisory ID:23839](https://secuniaresearch.flexerasoftware.com/advisories/23839/)\n[Secunia Advisory ID:24148](https://secuniaresearch.flexerasoftware.com/advisories/24148/)\n[Secunia Advisory ID:23808](https://secuniaresearch.flexerasoftware.com/advisories/23808/)\n[Secunia Advisory ID:23813](https://secuniaresearch.flexerasoftware.com/advisories/23813/)\n[Secunia Advisory ID:23844](https://secuniaresearch.flexerasoftware.com/advisories/23844/)\n[Secunia Advisory ID:24204](https://secuniaresearch.flexerasoftware.com/advisories/24204/)\n[Related OSVDB ID: 32871](https://vulners.com/osvdb/OSVDB:32871)\nOther Advisory URL: https://issues.rpath.com/browse/RPL-964\nOther Advisory URL: http://projects.info-pull.com/moab/MOAB-06-01-2007.html\nOther Advisory URL: http://www.kde.org/info/security/advisory-20070115-1.txt\nOther Advisory URL: http://www.ubuntu.com/usn/usn-410-1\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:024\nOther Advisory URL: http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:018\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:022\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:020\nOther Advisory URL: http://lists.suse.com/archive/suse-security-announce/2007-Feb/0003.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-01/0389.html\nISS X-Force ID: 31364\nFrSIRT Advisory: ADV-2007-0203\nFrSIRT Advisory: ADV-2007-0212\nFrSIRT Advisory: ADV-2007-0244\nFrSIRT Advisory: ADV-2007-0930\n[CVE-2007-0104](https://vulners.com/cve/CVE-2007-0104)\n[CVE-2007-0103](https://vulners.com/cve/CVE-2007-0103)\nBugtraq ID: 21910\n", "edition": 1, "modified": "2007-01-17T09:18:43", "published": "2007-01-17T09:18:43", "href": "https://vulners.com/osvdb/OSVDB:32870", "id": "OSVDB:32870", "title": "Multiple Product Adobe PDF Specification Malformed Catalog Dictionary DoS", "type": "osvdb", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-07T11:51:40", "description": "The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2,\nkpdf in KDE before 3.5.5, and other products, allows remote attackers\nto have an unknown impact, possibly including denial of service\n(infinite loop), arbitrary code execution, or memory corruption, via a\nPDF file with a (1) crafted catalog dictionary or (2) a crafted Pages\nattribute that references an invalid page tree node.\n\nThe updated packages have been patched to correct this problem.", "edition": 24, "published": "2007-02-18T00:00:00", "title": "Mandrake Linux Security Advisory : kdegraphics (MDKSA-2007:024)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0103", "CVE-2007-0104"], "modified": "2007-02-18T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64kdegraphics0-common", "p-cpe:/a:mandriva:linux:libkdegraphics0-common", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-common-devel", "cpe:/o:mandriva:linux:2007", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kpovmodeler", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kooka", "p-cpe:/a:mandriva:linux:kdegraphics-kuickshow", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kview-devel", "p-cpe:/a:mandriva:linux:kdegraphics-kpdf", "p-cpe:/a:mandriva:linux:libkdegraphics0-kview-devel", "p-cpe:/a:mandriva:linux:libkdegraphics0-kghostview-devel", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kooka-devel", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kview", "p-cpe:/a:mandriva:linux:kdegraphics-kcoloredit", "p-cpe:/a:mandriva:linux:kdegraphics-mrmlsearch", "p-cpe:/a:mandriva:linux:libkdegraphics0-kview", "p-cpe:/a:mandriva:linux:libkdegraphics0-ksvg", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kpovmodeler-devel", "p-cpe:/a:mandriva:linux:kdegraphics-kiconedit", "p-cpe:/a:mandriva:linux:kdegraphics-kcolorchooser", "p-cpe:/a:mandriva:linux:kdegraphics-kghostview", "p-cpe:/a:mandriva:linux:kdegraphics-common", "p-cpe:/a:mandriva:linux:libkdegraphics0-kpovmodeler", "p-cpe:/a:mandriva:linux:kdegraphics-kooka", "p-cpe:/a:mandriva:linux:kdegraphics", "p-cpe:/a:mandriva:linux:kdegraphics-ksvg", "p-cpe:/a:mandriva:linux:kdegraphics-kolourpaint", "p-cpe:/a:mandriva:linux:libkdegraphics0-ksvg-devel", "p-cpe:/a:mandriva:linux:libkdegraphics0-common-devel", "p-cpe:/a:mandriva:linux:kdegraphics-kpovmodeler", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kghostview", "p-cpe:/a:mandriva:linux:kdegraphics-kruler", "p-cpe:/a:mandriva:linux:libkdegraphics0-kooka-devel", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-ksvg", "p-cpe:/a:mandriva:linux:libkdegraphics0-kghostview", "p-cpe:/a:mandriva:linux:libkdegraphics0-kooka", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-kghostview-devel", "p-cpe:/a:mandriva:linux:libkdegraphics0-kpovmodeler-devel", "p-cpe:/a:mandriva:linux:kdegraphics-ksnapshot", "p-cpe:/a:mandriva:linux:kdegraphics-kfax", "p-cpe:/a:mandriva:linux:lib64kdegraphics0-ksvg-devel", "p-cpe:/a:mandriva:linux:kdegraphics-kdvi", "p-cpe:/a:mandriva:linux:kdegraphics-kview"], "id": "MANDRAKE_MDKSA-2007-024.NASL", "href": "https://www.tenable.com/plugins/nessus/24639", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2007:024. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(24639);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-0103\", \"CVE-2007-0104\");\n script_xref(name:\"MDKSA\", value:\"2007:024\");\n\n script_name(english:\"Mandrake Linux Security Advisory : kdegraphics (MDKSA-2007:024)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2,\nkpdf in KDE before 3.5.5, and other products, allows remote attackers\nto have an unknown impact, possibly including denial of service\n(infinite loop), arbitrary code execution, or memory corruption, via a\nPDF file with a (1) crafted catalog dictionary or (2) a crafted Pages\nattribute that references an invalid page tree node.\n\nThe updated packages have been patched to correct this problem.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kcolorchooser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kcoloredit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kdvi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kfax\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kghostview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kiconedit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kolourpaint\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kooka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kpovmodeler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kruler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-ksnapshot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-ksvg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kuickshow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-kview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdegraphics-mrmlsearch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-common-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kghostview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kghostview-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kooka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kooka-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kpovmodeler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kpovmodeler-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-ksvg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-ksvg-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdegraphics0-kview-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-common-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kghostview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kghostview-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kooka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kooka-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kpovmodeler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kpovmodeler-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-ksvg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-ksvg-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdegraphics0-kview-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/01/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/02/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.0\", reference:\"kdegraphics-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"kdegraphics-common-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"kdegraphics-kcolorchooser-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"kdegraphics-kcoloredit-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"kdegraphics-kdvi-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"kdegraphics-kfax-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"kdegraphics-kghostview-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"kdegraphics-kiconedit-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"kdegraphics-kolourpaint-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"kdegraphics-kooka-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"kdegraphics-kpdf-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"kdegraphics-kpovmodeler-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"kdegraphics-kruler-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"kdegraphics-ksnapshot-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"kdegraphics-ksvg-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"kdegraphics-kuickshow-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"kdegraphics-kview-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"kdegraphics-mrmlsearch-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-common-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-common-devel-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kghostview-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kghostview-devel-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kooka-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kooka-devel-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kpovmodeler-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kpovmodeler-devel-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-ksvg-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-ksvg-devel-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kview-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64kdegraphics0-kview-devel-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkdegraphics0-common-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkdegraphics0-common-devel-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkdegraphics0-kghostview-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkdegraphics0-kghostview-devel-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkdegraphics0-kooka-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkdegraphics0-kooka-devel-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkdegraphics0-kpovmodeler-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkdegraphics0-kpovmodeler-devel-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkdegraphics0-ksvg-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkdegraphics0-ksvg-devel-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkdegraphics0-kview-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkdegraphics0-kview-devel-3.5.4-7.2mdv2007.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T11:51:40", "description": "The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2,\nkpdf in KDE before 3.5.5, and other products, allows remote attackers\nto have an unknown impact, possibly including denial of service\n(infinite loop), arbitrary code execution, or memory corruption, via a\nPDF file with a (1) crafted catalog dictionary or (2) a crafted Pages\nattribute that references an invalid page tree node.\n\nThe updated packages have been patched to correct this problem.", "edition": 24, "published": "2007-02-18T00:00:00", "title": "Mandrake Linux Security Advisory : koffice (MDKSA-2007:018)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0103", "CVE-2007-0104"], "modified": "2007-02-18T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:koffice-kformula", "p-cpe:/a:mandriva:linux:lib64koffice2-kformula", "p-cpe:/a:mandriva:linux:koffice-kexi", "p-cpe:/a:mandriva:linux:libkoffice2-progs", "p-cpe:/a:mandriva:linux:libkoffice2-kspread-devel", "p-cpe:/a:mandriva:linux:koffice", "p-cpe:/a:mandriva:linux:koffice-progs", "p-cpe:/a:mandriva:linux:lib64koffice2-kexi-devel", "cpe:/o:mandriva:linux:2007", "p-cpe:/a:mandriva:linux:libkoffice2-kword-devel", "p-cpe:/a:mandriva:linux:lib64koffice2-krita", "p-cpe:/a:mandriva:linux:libkoffice2-kivio-devel", "p-cpe:/a:mandriva:linux:lib64koffice2-progs", "p-cpe:/a:mandriva:linux:libkoffice2-kplato", "p-cpe:/a:mandriva:linux:koffice-kivio", "p-cpe:/a:mandriva:linux:lib64koffice2-kpresenter-devel", "p-cpe:/a:mandriva:linux:koffice-kugar", "p-cpe:/a:mandriva:linux:lib64koffice2-kword", "p-cpe:/a:mandriva:linux:lib64koffice2-kivio-devel", "p-cpe:/a:mandriva:linux:libkoffice2-koshell", "p-cpe:/a:mandriva:linux:koffice-karbon", "p-cpe:/a:mandriva:linux:lib64koffice2-kword-devel", "p-cpe:/a:mandriva:linux:libkoffice2-krita-devel", "p-cpe:/a:mandriva:linux:libkoffice2-kugar", "p-cpe:/a:mandriva:linux:koffice-kword", "p-cpe:/a:mandriva:linux:koffice-koshell", "p-cpe:/a:mandriva:linux:libkoffice2-kpresenter-devel", "p-cpe:/a:mandriva:linux:libkoffice2-kformula-devel", "p-cpe:/a:mandriva:linux:lib64koffice2-kplato", "p-cpe:/a:mandriva:linux:lib64koffice2-karbon", "p-cpe:/a:mandriva:linux:libkoffice2-progs-devel", "p-cpe:/a:mandriva:linux:lib64koffice2-progs-devel", "p-cpe:/a:mandriva:linux:libkoffice2-kexi-devel", "p-cpe:/a:mandriva:linux:lib64koffice2-kugar-devel", "p-cpe:/a:mandriva:linux:libkoffice2-kspread", "p-cpe:/a:mandriva:linux:lib64koffice2-kspread-devel", "p-cpe:/a:mandriva:linux:lib64koffice2-krita-devel", "p-cpe:/a:mandriva:linux:lib64koffice2-kspread", "p-cpe:/a:mandriva:linux:libkoffice2-kword", "p-cpe:/a:mandriva:linux:libkoffice2-kexi", "p-cpe:/a:mandriva:linux:lib64koffice2-kexi", "p-cpe:/a:mandriva:linux:libkoffice2-krita", "p-cpe:/a:mandriva:linux:lib64koffice2-koshell", "p-cpe:/a:mandriva:linux:lib64koffice2-kugar", "p-cpe:/a:mandriva:linux:libkoffice2-kivio", "p-cpe:/a:mandriva:linux:libkoffice2-karbon", "p-cpe:/a:mandriva:linux:lib64koffice2-kivio", "p-cpe:/a:mandriva:linux:koffice-kspread", "p-cpe:/a:mandriva:linux:libkoffice2-kpresenter", "p-cpe:/a:mandriva:linux:libkoffice2-kformula", "p-cpe:/a:mandriva:linux:koffice-krita", "p-cpe:/a:mandriva:linux:koffice-kplato", "p-cpe:/a:mandriva:linux:lib64koffice2-kpresenter", "p-cpe:/a:mandriva:linux:libkoffice2-karbon-devel", "p-cpe:/a:mandriva:linux:lib64koffice2-kformula-devel", "p-cpe:/a:mandriva:linux:libkoffice2-kugar-devel", "p-cpe:/a:mandriva:linux:lib64koffice2-karbon-devel", "p-cpe:/a:mandriva:linux:koffice-kpresenter"], "id": "MANDRAKE_MDKSA-2007-018.NASL", "href": "https://www.tenable.com/plugins/nessus/24633", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2007:018. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(24633);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-0103\", \"CVE-2007-0104\");\n script_xref(name:\"MDKSA\", value:\"2007:018\");\n\n script_name(english:\"Mandrake Linux Security Advisory : koffice (MDKSA-2007:018)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2,\nkpdf in KDE before 3.5.5, and other products, allows remote attackers\nto have an unknown impact, possibly including denial of service\n(infinite loop), arbitrary code execution, or memory corruption, via a\nPDF file with a (1) crafted catalog dictionary or (2) a crafted Pages\nattribute that references an invalid page tree node.\n\nThe updated packages have been patched to correct this problem.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:koffice\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:koffice-karbon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:koffice-kexi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:koffice-kformula\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:koffice-kivio\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:koffice-koshell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:koffice-kplato\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:koffice-kpresenter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:koffice-krita\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:koffice-kspread\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:koffice-kugar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:koffice-kword\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:koffice-progs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64koffice2-karbon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64koffice2-karbon-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64koffice2-kexi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64koffice2-kexi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64koffice2-kformula\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64koffice2-kformula-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64koffice2-kivio\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64koffice2-kivio-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64koffice2-koshell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64koffice2-kplato\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64koffice2-kpresenter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64koffice2-kpresenter-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64koffice2-krita\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64koffice2-krita-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64koffice2-kspread\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64koffice2-kspread-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64koffice2-kugar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64koffice2-kugar-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64koffice2-kword\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64koffice2-kword-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64koffice2-progs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64koffice2-progs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkoffice2-karbon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkoffice2-karbon-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkoffice2-kexi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkoffice2-kexi-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkoffice2-kformula\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkoffice2-kformula-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkoffice2-kivio\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkoffice2-kivio-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkoffice2-koshell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkoffice2-kplato\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkoffice2-kpresenter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkoffice2-kpresenter-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkoffice2-krita\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkoffice2-krita-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkoffice2-kspread\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkoffice2-kspread-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkoffice2-kugar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkoffice2-kugar-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkoffice2-kword\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkoffice2-kword-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkoffice2-progs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkoffice2-progs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/02/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.0\", reference:\"koffice-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"koffice-karbon-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"koffice-kexi-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"koffice-kformula-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"koffice-kivio-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"koffice-koshell-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"koffice-kplato-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"koffice-kpresenter-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"koffice-krita-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"koffice-kspread-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"koffice-kugar-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"koffice-kword-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"koffice-progs-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64koffice2-karbon-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64koffice2-karbon-devel-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64koffice2-kexi-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64koffice2-kexi-devel-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64koffice2-kformula-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64koffice2-kformula-devel-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64koffice2-kivio-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64koffice2-kivio-devel-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64koffice2-koshell-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64koffice2-kplato-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64koffice2-kpresenter-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64koffice2-kpresenter-devel-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64koffice2-krita-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64koffice2-krita-devel-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64koffice2-kspread-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64koffice2-kspread-devel-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64koffice2-kugar-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64koffice2-kugar-devel-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64koffice2-kword-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64koffice2-kword-devel-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64koffice2-progs-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64koffice2-progs-devel-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkoffice2-karbon-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkoffice2-karbon-devel-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkoffice2-kexi-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkoffice2-kexi-devel-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkoffice2-kformula-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkoffice2-kformula-devel-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkoffice2-kivio-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkoffice2-kivio-devel-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkoffice2-koshell-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkoffice2-kplato-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkoffice2-kpresenter-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkoffice2-kpresenter-devel-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkoffice2-krita-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkoffice2-krita-devel-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkoffice2-kspread-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkoffice2-kspread-devel-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkoffice2-kugar-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkoffice2-kugar-devel-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkoffice2-kword-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkoffice2-kword-devel-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkoffice2-progs-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libkoffice2-progs-devel-1.5.91-3.3mdv2007.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T11:51:40", "description": "The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2,\nkpdf in KDE before 3.5.5, and other products, allows remote attackers\nto have an unknown impact, possibly including denial of service\n(infinite loop), arbitrary code execution, or memory corruption, via a\nPDF file with a (1) crafted catalog dictionary or (2) a crafted Pages\nattribute that references an invalid page tree node.\n\nThe updated packages have been patched to correct this problem.", "edition": 24, "published": "2007-02-18T00:00:00", "title": "Mandrake Linux Security Advisory : tetex (MDKSA-2007:022)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0103", "CVE-2007-0104"], "modified": "2007-02-18T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:tetex-dvips", "p-cpe:/a:mandriva:linux:jadetex", "p-cpe:/a:mandriva:linux:tetex-afm", "p-cpe:/a:mandriva:linux:xmltex", "cpe:/o:mandriva:linux:2007", "p-cpe:/a:mandriva:linux:tetex", "p-cpe:/a:mandriva:linux:tetex-context", "p-cpe:/a:mandriva:linux:tetex-texi2html", "p-cpe:/a:mandriva:linux:tetex-xdvi", "p-cpe:/a:mandriva:linux:tetex-mfwin", "p-cpe:/a:mandriva:linux:tetex-devel", "cpe:/o:mandriva:linux:2006", "p-cpe:/a:mandriva:linux:tetex-dvilj", "p-cpe:/a:mandriva:linux:tetex-dvipdfm", "p-cpe:/a:mandriva:linux:tetex-doc", "p-cpe:/a:mandriva:linux:tetex-latex"], "id": "MANDRAKE_MDKSA-2007-022.NASL", "href": "https://www.tenable.com/plugins/nessus/24637", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2007:022. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(24637);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-0103\", \"CVE-2007-0104\");\n script_xref(name:\"MDKSA\", value:\"2007:022\");\n\n script_name(english:\"Mandrake Linux Security Advisory : tetex (MDKSA-2007:022)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2,\nkpdf in KDE before 3.5.5, and other products, allows remote attackers\nto have an unknown impact, possibly including denial of service\n(infinite loop), arbitrary code execution, or memory corruption, via a\nPDF file with a (1) crafted catalog dictionary or (2) a crafted Pages\nattribute that references an invalid page tree node.\n\nThe updated packages have been patched to correct this problem.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:jadetex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tetex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tetex-afm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tetex-context\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tetex-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tetex-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tetex-dvilj\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tetex-dvipdfm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tetex-dvips\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tetex-latex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tetex-mfwin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tetex-texi2html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:tetex-xdvi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xmltex\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2006\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/02/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2006.0\", reference:\"jadetex-3.12-110.3.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"tetex-3.0-12.3.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"tetex-afm-3.0-12.3.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"tetex-context-3.0-12.3.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"tetex-devel-3.0-12.3.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"tetex-doc-3.0-12.3.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"tetex-dvilj-3.0-12.3.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"tetex-dvipdfm-3.0-12.3.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"tetex-dvips-3.0-12.3.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"tetex-latex-3.0-12.3.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"tetex-mfwin-3.0-12.3.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"tetex-texi2html-3.0-12.3.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"tetex-xdvi-3.0-12.3.20060mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK2006.0\", reference:\"xmltex-1.9-58.3.20060mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK2007.0\", reference:\"jadetex-3.12-116.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"tetex-3.0-18.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"tetex-afm-3.0-18.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"tetex-context-3.0-18.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"tetex-devel-3.0-18.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"tetex-doc-3.0-18.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"tetex-dvilj-3.0-18.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"tetex-dvipdfm-3.0-18.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"tetex-dvips-3.0-18.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"tetex-latex-3.0-18.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"tetex-mfwin-3.0-18.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"tetex-texi2html-3.0-18.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"tetex-xdvi-3.0-18.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"xmltex-1.9-64.1mdv2007.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T11:51:40", "description": "The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2,\nkpdf in KDE before 3.5.5, and other products, allows remote attackers\nto have an unknown impact, possibly including denial of service\n(infinite loop), arbitrary code execution, or memory corruption, via a\nPDF file with a (1) crafted catalog dictionary or (2) a crafted Pages\nattribute that references an invalid page tree node.\n\nThe updated packages have been patched to correct this problem.", "edition": 24, "published": "2007-02-18T00:00:00", "title": "Mandrake Linux Security Advisory : poppler (MDKSA-2007:020)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0103", "CVE-2007-0104"], "modified": "2007-02-18T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64poppler-qt1", "cpe:/o:mandriva:linux:2007", "p-cpe:/a:mandriva:linux:libpoppler-qt4-1", "p-cpe:/a:mandriva:linux:lib64poppler-qt4-1", "p-cpe:/a:mandriva:linux:lib64poppler1-devel", "p-cpe:/a:mandriva:linux:lib64poppler-qt1-devel", "p-cpe:/a:mandriva:linux:libpoppler-qt1", "p-cpe:/a:mandriva:linux:libpoppler-qt1-devel", "p-cpe:/a:mandriva:linux:lib64poppler1", "p-cpe:/a:mandriva:linux:lib64poppler-qt4-1-devel", "p-cpe:/a:mandriva:linux:poppler", "p-cpe:/a:mandriva:linux:libpoppler1", "p-cpe:/a:mandriva:linux:libpoppler1-devel", "p-cpe:/a:mandriva:linux:libpoppler-qt4-1-devel"], "id": "MANDRAKE_MDKSA-2007-020.NASL", "href": "https://www.tenable.com/plugins/nessus/24635", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2007:020. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(24635);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-0103\", \"CVE-2007-0104\");\n script_xref(name:\"MDKSA\", value:\"2007:020\");\n\n script_name(english:\"Mandrake Linux Security Advisory : poppler (MDKSA-2007:020)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2,\nkpdf in KDE before 3.5.5, and other products, allows remote attackers\nto have an unknown impact, possibly including denial of service\n(infinite loop), arbitrary code execution, or memory corruption, via a\nPDF file with a (1) crafted catalog dictionary or (2) a crafted Pages\nattribute that references an invalid page tree node.\n\nThe updated packages have been patched to correct this problem.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64poppler-qt1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64poppler-qt1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64poppler-qt4-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64poppler-qt4-1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64poppler1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64poppler1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpoppler-qt1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpoppler-qt1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpoppler-qt4-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpoppler-qt4-1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpoppler1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpoppler1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:poppler\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/02/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64poppler-qt1-0.5.3-5.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64poppler-qt1-devel-0.5.3-5.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64poppler-qt4-1-0.5.3-5.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64poppler-qt4-1-devel-0.5.3-5.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64poppler1-0.5.3-5.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64poppler1-devel-0.5.3-5.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libpoppler-qt1-0.5.3-5.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libpoppler-qt1-devel-0.5.3-5.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libpoppler-qt4-1-0.5.3-5.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libpoppler-qt4-1-devel-0.5.3-5.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libpoppler1-0.5.3-5.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libpoppler1-devel-0.5.3-5.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"poppler-0.5.3-5.1mdv2007.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T15:39:01", "description": "The poppler PDF loader library did not limit the recursion depth of\nthe page model tree. By tricking a user into opening a specially\ncrafter PDF file, this could be exploited to trigger an infinite loop\nand eventually crash an application that uses this library.\n\nkpdf in Ubuntu 5.10, and KOffice in all Ubuntu releases contains a\ncopy of this code and thus is affected as well.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2007-11-10T00:00:00", "title": "Ubuntu 5.10 / 6.06 LTS / 6.10 : kdegraphics, koffice, poppler vulnerability (USN-410-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-0103", "CVE-2007-0104"], "modified": "2007-11-10T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:krita-data", "p-cpe:/a:canonical:ubuntu_linux:libpoppler1-qt", "p-cpe:/a:canonical:ubuntu_linux:kpresenter-data", "p-cpe:/a:canonical:ubuntu_linux:kgamma", "p-cpe:/a:canonical:ubuntu_linux:kformula", "p-cpe:/a:canonical:ubuntu_linux:ksnapshot", "p-cpe:/a:canonical:ubuntu_linux:libpoppler0c2", "p-cpe:/a:canonical:ubuntu_linux:libkscan-dev", "cpe:/o:canonical:ubuntu_linux:6.10", "p-cpe:/a:canonical:ubuntu_linux:libpoppler0c2-qt", "p-cpe:/a:canonical:ubuntu_linux:poppler-utils", "p-cpe:/a:canonical:ubuntu_linux:krita", "p-cpe:/a:canonical:ubuntu_linux:libpoppler0c2-glib", "p-cpe:/a:canonical:ubuntu_linux:kpresenter", "p-cpe:/a:canonical:ubuntu_linux:koffice-libs", "p-cpe:/a:canonical:ubuntu_linux:koffice", "p-cpe:/a:canonical:ubuntu_linux:libpoppler1", "p-cpe:/a:canonical:ubuntu_linux:kghostview", "p-cpe:/a:canonical:ubuntu_linux:kdvi", "p-cpe:/a:canonical:ubuntu_linux:kpovmodeler", "p-cpe:/a:canonical:ubuntu_linux:kplato", "p-cpe:/a:canonical:ubuntu_linux:kview", "p-cpe:/a:canonical:ubuntu_linux:kugar", "p-cpe:/a:canonical:ubuntu_linux:kdegraphics", "p-cpe:/a:canonical:ubuntu_linux:koffice-doc-html", "p-cpe:/a:canonical:ubuntu_linux:kamera", "p-cpe:/a:canonical:ubuntu_linux:libkscan1", "p-cpe:/a:canonical:ubuntu_linux:kcoloredit", "p-cpe:/a:canonical:ubuntu_linux:kmrml", "p-cpe:/a:canonical:ubuntu_linux:kdegraphics-kfile-plugins", "p-cpe:/a:canonical:ubuntu_linux:ksvg", "p-cpe:/a:canonical:ubuntu_linux:kruler", "p-cpe:/a:canonical:ubuntu_linux:kolourpaint", "p-cpe:/a:canonical:ubuntu_linux:kpdf", "p-cpe:/a:canonical:ubuntu_linux:kspread", "p-cpe:/a:canonical:ubuntu_linux:kivio", "p-cpe:/a:canonical:ubuntu_linux:libpoppler1-glib", "p-cpe:/a:canonical:ubuntu_linux:kdegraphics-doc-html", "p-cpe:/a:canonical:ubuntu_linux:koffice-dbg", "cpe:/o:canonical:ubuntu_linux:5.10", "p-cpe:/a:canonical:ubuntu_linux:kooka", "p-cpe:/a:canonical:ubuntu_linux:koshell", "p-cpe:/a:canonical:ubuntu_linux:kviewshell", "p-cpe:/a:canonical:ubuntu_linux:koffice-doc", "p-cpe:/a:canonical:ubuntu_linux:kthesaurus", "p-cpe:/a:canonical:ubuntu_linux:kiconedit", "p-cpe:/a:canonical:ubuntu_linux:kdegraphics-dev", "p-cpe:/a:canonical:ubuntu_linux:koffice-data", "p-cpe:/a:canonical:ubuntu_linux:kword-data", "p-cpe:/a:canonical:ubuntu_linux:kchart", "p-cpe:/a:canonical:ubuntu_linux:kfax", "p-cpe:/a:canonical:ubuntu_linux:libpoppler1-qt4", "p-cpe:/a:canonical:ubuntu_linux:libpoppler-qt4-dev", "p-cpe:/a:canonical:ubuntu_linux:koffice-dev", "p-cpe:/a:canonical:ubuntu_linux:kuickshow", "p-cpe:/a:canonical:ubuntu_linux:libpoppler-glib-dev", "p-cpe:/a:canonical:ubuntu_linux:karbon", "p-cpe:/a:canonical:ubuntu_linux:kexi", "cpe:/o:canonical:ubuntu_linux:6.06:-:lts", "p-cpe:/a:canonical:ubuntu_linux:kivio-data", "p-cpe:/a:canonical:ubuntu_linux:libpoppler-dev", "p-cpe:/a:canonical:ubuntu_linux:kword", "p-cpe:/a:canonical:ubuntu_linux:libpoppler-qt-dev"], "id": "UBUNTU_USN-410-1.NASL", "href": "https://www.tenable.com/plugins/nessus/27998", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-410-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27998);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2007-0103\", \"CVE-2007-0104\");\n script_xref(name:\"USN\", value:\"410-1\");\n\n script_name(english:\"Ubuntu 5.10 / 6.06 LTS / 6.10 : kdegraphics, koffice, poppler vulnerability (USN-410-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The poppler PDF loader library did not limit the recursion depth of\nthe page model tree. By tricking a user into opening a specially\ncrafter PDF file, this could be exploited to trigger an infinite loop\nand eventually crash an application that uses this library.\n\nkpdf in Ubuntu 5.10, and KOffice in all Ubuntu releases contains a\ncopy of this code and thus is affected as well.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/410-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kamera\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:karbon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kchart\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kcoloredit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kdegraphics\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kdegraphics-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kdegraphics-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kdegraphics-kfile-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kdvi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kexi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kfax\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kformula\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kgamma\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kghostview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kiconedit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kivio\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kivio-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kmrml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:koffice\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:koffice-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:koffice-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:koffice-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:koffice-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:koffice-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:koffice-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kolourpaint\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kooka\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:koshell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kplato\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kpovmodeler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kpresenter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kpresenter-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:krita\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:krita-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kruler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ksnapshot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kspread\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ksvg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kthesaurus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kugar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kuickshow\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kview\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kviewshell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kword\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kword-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libkscan-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libkscan1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpoppler-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpoppler-glib-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpoppler-qt-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpoppler-qt4-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpoppler0c2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpoppler0c2-glib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpoppler0c2-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpoppler1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpoppler1-glib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpoppler1-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpoppler1-qt4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:poppler-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(5\\.10|6\\.06|6\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 5.10 / 6.06 / 6.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kamera\", pkgver:\"3.4.3-0ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"karbon\", pkgver:\"1.4.1-0ubuntu7.5\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kchart\", pkgver:\"1.4.1-0ubuntu7.5\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kcoloredit\", pkgver:\"3.4.3-0ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kdegraphics\", pkgver:\"3.4.3-0ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kdegraphics-dev\", pkgver:\"3.4.3-0ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kdegraphics-doc-html\", pkgver:\"3.4.3-0ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kdegraphics-kfile-plugins\", pkgver:\"3.4.3-0ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kdvi\", pkgver:\"3.4.3-0ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kfax\", pkgver:\"3.4.3-0ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kformula\", pkgver:\"1.4.1-0ubuntu7.5\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kgamma\", pkgver:\"3.4.3-0ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kghostview\", pkgver:\"3.4.3-0ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kiconedit\", pkgver:\"3.4.3-0ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kivio\", pkgver:\"1.4.1-0ubuntu7.5\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kivio-data\", pkgver:\"1.4.1-0ubuntu7.5\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kmrml\", pkgver:\"3.4.3-0ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"koffice\", pkgver:\"1.4.1-0ubuntu7.5\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"koffice-data\", pkgver:\"1.4.1-0ubuntu7.5\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"koffice-dev\", pkgver:\"1.4.1-0ubuntu7.5\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"koffice-doc-html\", pkgver:\"1.4.1-0ubuntu7.5\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"koffice-libs\", pkgver:\"1.4.1-0ubuntu7.5\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kolourpaint\", pkgver:\"3.4.3-0ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kooka\", pkgver:\"3.4.3-0ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"koshell\", pkgver:\"1.4.1-0ubuntu7.5\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kpdf\", pkgver:\"4:3.4.3-0ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kpovmodeler\", pkgver:\"3.4.3-0ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kpresenter\", pkgver:\"1.4.1-0ubuntu7.5\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"krita\", pkgver:\"1.4.1-0ubuntu7.5\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kruler\", pkgver:\"3.4.3-0ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"ksnapshot\", pkgver:\"3.4.3-0ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kspread\", pkgver:\"1.4.1-0ubuntu7.5\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"ksvg\", pkgver:\"3.4.3-0ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kthesaurus\", pkgver:\"1.4.1-0ubuntu7.5\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kugar\", pkgver:\"1.4.1-0ubuntu7.5\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kuickshow\", pkgver:\"3.4.3-0ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kview\", pkgver:\"3.4.3-0ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kviewshell\", pkgver:\"3.4.3-0ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"kword\", pkgver:\"1:1.4.1-0ubuntu7.5\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libkscan-dev\", pkgver:\"3.4.3-0ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libkscan1\", pkgver:\"3.4.3-0ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libpoppler-dev\", pkgver:\"0.4.2-0ubuntu6.8\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libpoppler-glib-dev\", pkgver:\"0.4.2-0ubuntu6.8\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libpoppler-qt-dev\", pkgver:\"0.4.2-0ubuntu6.8\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libpoppler0c2\", pkgver:\"0.4.2-0ubuntu6.8\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libpoppler0c2-glib\", pkgver:\"0.4.2-0ubuntu6.8\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"libpoppler0c2-qt\", pkgver:\"0.4.2-0ubuntu6.8\")) flag++;\nif (ubuntu_check(osver:\"5.10\", pkgname:\"poppler-utils\", pkgver:\"0.4.2-0ubuntu6.8\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"karbon\", pkgver:\"1.5.0-0ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"kchart\", pkgver:\"1.5.0-0ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"kexi\", pkgver:\"1.5.0-0ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"kformula\", pkgver:\"1.5.0-0ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"kivio\", pkgver:\"1.5.0-0ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"kivio-data\", pkgver:\"1.5.0-0ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"koffice\", pkgver:\"1.5.0-0ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"koffice-data\", pkgver:\"1.5.0-0ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"koffice-dbg\", pkgver:\"1.5.0-0ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"koffice-dev\", pkgver:\"1.5.0-0ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"koffice-doc\", pkgver:\"1.5.0-0ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"koffice-doc-html\", pkgver:\"1.5.0-0ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"koffice-libs\", pkgver:\"1.5.0-0ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"koshell\", pkgver:\"1.5.0-0ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"kplato\", pkgver:\"1.5.0-0ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"kpresenter\", pkgver:\"1.5.0-0ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"kpresenter-data\", pkgver:\"1.5.0-0ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"krita\", pkgver:\"1.5.0-0ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"krita-data\", pkgver:\"1.5.0-0ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"kspread\", pkgver:\"1.5.0-0ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"kthesaurus\", pkgver:\"1.5.0-0ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"kugar\", pkgver:\"1.5.0-0ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"kword\", pkgver:\"1:1.5.0-0ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"kword-data\", pkgver:\"1.5.0-0ubuntu9.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libpoppler-dev\", pkgver:\"0.5.1-0ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libpoppler-glib-dev\", pkgver:\"0.5.1-0ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libpoppler-qt-dev\", pkgver:\"0.5.1-0ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libpoppler1\", pkgver:\"0.5.1-0ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libpoppler1-glib\", pkgver:\"0.5.1-0ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libpoppler1-qt\", pkgver:\"0.5.1-0ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"poppler-utils\", pkgver:\"0.5.1-0ubuntu7.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"karbon\", pkgver:\"1.5.2-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"kchart\", pkgver:\"1.5.2-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"kexi\", pkgver:\"1.5.2-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"kformula\", pkgver:\"1.5.2-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"kivio\", pkgver:\"1.5.2-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"kivio-data\", pkgver:\"1.5.2-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"koffice\", pkgver:\"1.5.2-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"koffice-data\", pkgver:\"1.5.2-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"koffice-dbg\", pkgver:\"1.5.2-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"koffice-dev\", pkgver:\"1.5.2-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"koffice-doc\", pkgver:\"1.5.2-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"koffice-doc-html\", pkgver:\"1.5.2-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"koffice-libs\", pkgver:\"1.5.2-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"koshell\", pkgver:\"1.5.2-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"kplato\", pkgver:\"1.5.2-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"kpresenter\", pkgver:\"1.5.2-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"kpresenter-data\", pkgver:\"1.5.2-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"krita\", pkgver:\"1.5.2-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"krita-data\", pkgver:\"1.5.2-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"kspread\", pkgver:\"1.5.2-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"kthesaurus\", pkgver:\"1.5.2-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"kugar\", pkgver:\"1.5.2-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"kword\", pkgver:\"1:1.5.2-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"kword-data\", pkgver:\"1.5.2-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libpoppler-dev\", pkgver:\"0.5.4-0ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libpoppler-glib-dev\", pkgver:\"0.5.4-0ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libpoppler-qt-dev\", pkgver:\"0.5.4-0ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libpoppler-qt4-dev\", pkgver:\"0.5.4-0ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libpoppler1\", pkgver:\"0.5.4-0ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libpoppler1-glib\", pkgver:\"0.5.4-0ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libpoppler1-qt\", pkgver:\"0.5.4-0ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libpoppler1-qt4\", pkgver:\"0.5.4-0ubuntu4.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"poppler-utils\", pkgver:\"0.5.4-0ubuntu4.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kamera / karbon / kchart / kcoloredit / kdegraphics / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:22", "bulletinFamily": "software", "cvelist": ["CVE-2007-0103", "CVE-2007-0104", "CVE-2007-0102"], "description": "Infinite loop on page model tree parsing.", "edition": 1, "modified": "2007-01-21T00:00:00", "published": "2007-01-21T00:00:00", "id": "SECURITYVULNS:VULN:7067", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:7067", "title": "Multiple PDF library PDF parsing DoS", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}
