Search...

Debian Security Advisory DSA 1408-1 (kdegraphics)

2008-01-17T00:00:00

ID OPENVAS:59235
Type openvas
Reporter Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com
Modified 2017-07-07T00:00:00

Description

The remote host is missing an update to kdegraphics announced via advisory DSA 1408-1.

                                        
                                            # OpenVAS Vulnerability Test
# $Id: deb_1408_1.nasl 6616 2017-07-07 12:10:49Z cfischer $
# Description: Auto-generated from advisory DSA 1408-1
#
# Authors:
# Thomas Reinke &lt;reinke@securityspace.com&gt;
#
# Copyright:
# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largerly excerpted from the referenced
# advisory, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#

include("revisions-lib.inc");
tag_insight = "Alin Rad Pop discovered a buffer overflow in kpdf, which could allow
the execution of arbitrary code if a malformed PDF file is displayed.

For the stable distribution (etch), this problem has been fixed in
version 4:3.5.5-3etch2. Builds for arm and sparc are not yet available.

The old stable distribution (sarge) will be fixed later.

We recommend that you upgrade your kdegraphics packages.";
tag_summary = "The remote host is missing an update to kdegraphics
announced via advisory DSA 1408-1.";

tag_solution = "https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201408-1";

if(description)
{
 script_id(59235);
 script_version("$Revision: 6616 $");
 script_tag(name:"last_modification", value:"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $");
 script_tag(name:"creation_date", value:"2008-01-17 23:23:47 +0100 (Thu, 17 Jan 2008)");
 script_cve_id("CVE-2007-5393");
 script_tag(name:"cvss_base", value:"9.3");
 script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
 script_name("Debian Security Advisory DSA 1408-1 (kdegraphics)");



 script_category(ACT_GATHER_INFO);

 script_copyright("Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com");
 script_family("Debian Local Security Checks");
 script_dependencies("gather-package-list.nasl");
 script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages");
 script_tag(name : "solution" , value : tag_solution);
 script_tag(name : "insight" , value : tag_insight);
 script_tag(name : "summary" , value : tag_summary);
 script_tag(name:"qod_type", value:"package");
 script_tag(name:"solution_type", value:"VendorFix");
 exit(0);
}

#
# The script code starts here
#

include("pkg-lib-deb.inc");

res = "";
report = "";
if ((res = isdpkgvuln(pkg:"kdegraphics-doc-html", ver:"3.5.5-3etch2", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kdegraphics", ver:"3.5.5-3etch2", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kolourpaint", ver:"3.5.5-3etch2", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kiconedit", ver:"3.5.5-3etch2", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kfaxview", ver:"3.5.5-3etch2", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kuickshow", ver:"3.5.5-3etch2", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kooka", ver:"3.5.5-3etch2", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kghostview", ver:"3.5.5-3etch2", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kdegraphics-dev", ver:"3.5.5-3etch2", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kfax", ver:"3.5.5-3etch2", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kview", ver:"3.5.5-3etch2", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kpdf", ver:"3.5.5-3etch2", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kmrml", ver:"3.5.5-3etch2", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kpovmodeler", ver:"3.5.5-3etch2", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kdegraphics-kfile-plugins", ver:"3.5.5-3etch2", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"ksnapshot", ver:"3.5.5-3etch2", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kruler", ver:"3.5.5-3etch2", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"libkscan-dev", ver:"3.5.5-3etch2", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kamera", ver:"3.5.5-3etch2", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"libkscan1", ver:"3.5.5-3etch2", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kcoloredit", ver:"3.5.5-3etch2", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kdegraphics-dbg", ver:"3.5.5-3etch2", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kdvi", ver:"3.5.5-3etch2", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kgamma", ver:"3.5.5-3etch2", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"kviewshell", ver:"3.5.5-3etch2", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"ksvg", ver:"3.5.5-3etch2", rls:"DEB4.0")) != NULL) {
    report += res;
}

if (report != "") {
    security_message(data:report);
} else if (__pkg_match) {
    exit(99); # Not vulnerable.
}

JSON Vulners Source

Initial Source

{"id": "OPENVAS:59235", "type": "openvas", "bulletinFamily": "scanner", "title": "Debian Security Advisory DSA 1408-1 (kdegraphics)", "description": "The remote host is missing an update to kdegraphics\nannounced via advisory DSA 1408-1.", "published": "2008-01-17T00:00:00", "modified": "2017-07-07T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=59235", "reporter": "Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2007-5393"], "lastseen": "2017-07-24T12:50:00", "viewCount": 0, "enchantments": {"score": {"value": 7.6, "vector": "NONE", "modified": "2017-07-24T12:50:00", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-5393"]}, {"type": "osvdb", "idList": ["OSVDB:39543"]}, {"type": "centos", "idList": ["CESA-2007:1024", "CESA-2007:1025", "CESA-2007:1023", "CESA-2007:1028-01", "CESA-2007:1031-01", "CESA-2007:1028"]}, {"type": "redhat", "idList": ["RHSA-2007:1025", "RHSA-2007:1023", "RHSA-2007:1021", "RHSA-2007:1051", "RHSA-2007:1031", "RHSA-2007:1026", "RHSA-2007:1028"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2007-1028.NASL", "REDHAT-RHSA-2007-1028.NASL", "ORACLELINUX_ELSA-2007-1028.NASL", "FEDORA_2007-3031.NASL", "CENTOS_RHSA-2007-1023.NASL", "REDHAT-RHSA-2007-1031.NASL", "DEBIAN_DSA-1408.NASL", "SUSE_KDEGRAPHICS3-PDF-4681.NASL", "SUSE_PDFTOHTML-4642.NASL", "REDHAT-RHSA-2007-1051.NASL"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1480-1:FF106", "DEBIAN:DSA-1408-1:14841"]}, {"type": "seebug", "idList": ["SSV:2409"]}, {"type": "oraclelinux", "idList": ["ELSA-2007-1024", "ELSA-2007-1028", "ELSA-2007-1026", "ELSA-2007-1023"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122632", "OPENVAS:58763", "OPENVAS:60443", "OPENVAS:1361412562310830067", "OPENVAS:861398", "OPENVAS:1361412562310830113", "OPENVAS:861530", "OPENVAS:861064", "OPENVAS:136141256231065958", "OPENVAS:861497"]}, {"type": "fedora", "idList": ["FEDORA:LAD057H6022394", "FEDORA:LAD057H4022394", "FEDORA:LAD057UF022395", "FEDORA:LAD057H2022394", "FEDORA:LAD057GX022394", "FEDORA:LAD057UK022395", "FEDORA:LAD057UM022395", "FEDORA:LAD057H5022394", "FEDORA:LA9NFJ0N011644", "FEDORA:LAD057H0022394"]}, {"type": "suse", "idList": ["SUSE-SA:2007:060"]}, {"type": "freebsd", "idList": ["2747FC39-915B-11DC-9239-001C2514716C"]}], "modified": "2017-07-24T12:50:00", "rev": 2}, "vulnersScore": 7.6}, "pluginID": "59235", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1408_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1408-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Alin Rad Pop discovered a buffer overflow in kpdf, which could allow\nthe execution of arbitrary code if a malformed PDF file is displayed.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 4:3.5.5-3etch2. Builds for arm and sparc are not yet available.\n\nThe old stable distribution (sarge) will be fixed later.\n\nWe recommend that you upgrade your kdegraphics packages.\";\ntag_summary = \"The remote host is missing an update to kdegraphics\nannounced via advisory DSA 1408-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201408-1\";\n\nif(description)\n{\n script_id(59235);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:23:47 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2007-5393\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1408-1 (kdegraphics)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"kdegraphics-doc-html\", ver:\"3.5.5-3etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kdegraphics\", ver:\"3.5.5-3etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kolourpaint\", ver:\"3.5.5-3etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kiconedit\", ver:\"3.5.5-3etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kfaxview\", ver:\"3.5.5-3etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kuickshow\", ver:\"3.5.5-3etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kooka\", ver:\"3.5.5-3etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kghostview\", ver:\"3.5.5-3etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kdegraphics-dev\", ver:\"3.5.5-3etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kfax\", ver:\"3.5.5-3etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kview\", ver:\"3.5.5-3etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kpdf\", ver:\"3.5.5-3etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kmrml\", ver:\"3.5.5-3etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kpovmodeler\", ver:\"3.5.5-3etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kdegraphics-kfile-plugins\", ver:\"3.5.5-3etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ksnapshot\", ver:\"3.5.5-3etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kruler\", ver:\"3.5.5-3etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkscan-dev\", ver:\"3.5.5-3etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kamera\", ver:\"3.5.5-3etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libkscan1\", ver:\"3.5.5-3etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kcoloredit\", ver:\"3.5.5-3etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kdegraphics-dbg\", ver:\"3.5.5-3etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kdvi\", ver:\"3.5.5-3etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kgamma\", ver:\"3.5.5-3etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kviewshell\", ver:\"3.5.5-3etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ksvg\", ver:\"3.5.5-3etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Debian Local Security Checks"}

{"cve": [{"lastseen": "2020-10-03T11:45:54", "description": "Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter.", "edition": 3, "cvss3": {}, "published": "2007-11-08T02:46:00", "title": "CVE-2007-5393", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-5393"], "modified": "2017-09-29T01:29:00", "cpe": ["cpe:/a:xpdf:xpdf:3.02p11"], "id": "CVE-2007-5393", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-5393", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:xpdf:xpdf:3.02p11:*:*:*:*:*:*:*"]}], "centos": [{"lastseen": "2019-12-20T18:27:25", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5393"], "description": "**CentOS Errata and Security Advisory** CESA-2007:1028\n\n\nTeTeX is an implementation of TeX. TeX takes a text file and a set of\r\nformatting commands as input, and creates a typesetter-independent DeVice\r\nIndependent (dvi) file as output.\r\n\r\nAlin Rad Pop discovered a flaw in the handling of PDF files. An attacker\r\ncould create a malicious PDF file that would cause TeTeX to crash, or\r\npotentially execute arbitrary code when opened. (CVE-2007-5393)\r\n\r\nUsers are advised to upgrade to these updated packages, which contain\r\nbackported patches to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/026413.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/026422.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/026423.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/026425.html\n\n**Affected packages:**\ntetex\ntetex-afm\ntetex-doc\ntetex-dvips\ntetex-fonts\ntetex-latex\ntetex-xdvi\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2007-1028.html", "edition": 4, "modified": "2007-11-08T00:04:58", "published": "2007-11-07T20:26:41", "href": "http://lists.centos.org/pipermail/centos-announce/2007-November/026413.html", "id": "CESA-2007:1028", "title": "tetex security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:24:38", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5393"], "description": "**CentOS Errata and Security Advisory** CESA-2007:1028-01\n\n\nTeTeX is an implementation of TeX. TeX takes a text file and a set of\r\nformatting commands as input, and creates a typesetter-independent DeVice\r\nIndependent (dvi) file as output.\r\n\r\nAlin Rad Pop discovered a flaw in the handling of PDF files. An attacker\r\ncould create a malicious PDF file that would cause TeTeX to crash, or\r\npotentially execute arbitrary code when opened. (CVE-2007-5393)\r\n\r\nUsers are advised to upgrade to these updated packages, which contain\r\nbackported patches to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/026443.html\n\n**Affected packages:**\ntetex\ntetex-afm\ntetex-doc\ntetex-dvilj\ntetex-dvips\ntetex-fonts\ntetex-latex\ntetex-xdvi\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "edition": 4, "modified": "2007-11-09T03:33:56", "published": "2007-11-09T03:33:56", "href": "http://lists.centos.org/pipermail/centos-announce/2007-November/026443.html", "id": "CESA-2007:1028-01", "title": "tetex security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:25:38", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4033", "CVE-2007-5393"], "description": "**CentOS Errata and Security Advisory** CESA-2007:1031-01\n\n\nXpdf is an X Window System-based viewer for Portable Document Format (PDF)\r\nfiles.\r\n\r\nAlin Rad Pop discovered a flaw in the handling of PDF files. An attacker\r\ncould create a malicious PDF file that would cause Xpdf to crash, or\r\npotentially execute arbitrary code when opened. (CVE-2007-5393)\r\n\r\nA flaw was found in the t1lib library, used in the handling of Type 1\r\nfonts. An attacker could create a malicious file that would cause Xpdf\r\nto crash, or potentially execute arbitrary code when opened.\r\n(CVE-2007-4033)\r\n\r\nUsers are advised to upgrade to these updated packages, which contain\r\nbackported patches to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/026444.html\n\n**Affected packages:**\nxpdf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "edition": 4, "modified": "2007-11-09T03:35:01", "published": "2007-11-09T03:35:01", "href": "http://lists.centos.org/pipermail/centos-announce/2007-November/026444.html", "id": "CESA-2007:1031-01", "title": "xpdf security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:24:23", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4351", "CVE-2007-4045", "CVE-2007-5393"], "description": "**CentOS Errata and Security Advisory** CESA-2007:1023\n\n\nThe Common UNIX Printing System (CUPS) provides a portable printing layer\r\nfor UNIX(R) operating systems.\r\n\r\nAlin Rad Pop discovered a flaw in the handling of PDF files. An attacker\r\ncould create a malicious PDF file that would cause CUPS to crash or\r\npotentially execute arbitrary code when printed. (CVE-2007-5393)\r\n\r\nAlin Rad Pop discovered a flaw in in the way CUPS handles certain IPP tags.\r\nA remote attacker who is able to connect to the IPP TCP port could send a\r\nmalicious request causing the CUPS daemon to crash. (CVE-2007-4351)\r\n\r\nA flaw was found in the way CUPS handled SSL negotiation. A remote attacker\r\ncapable of connecting to the CUPS daemon could cause CUPS to crash.\r\n(CVE-2007-4045)\r\n\r\nAll CUPS users are advised to upgrade to these updated packages, which\r\ncontain backported patches to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/026412.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/026418.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/026419.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/026424.html\n\n**Affected packages:**\ncups\ncups-devel\ncups-libs\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2007-1023.html", "edition": 4, "modified": "2007-11-07T23:51:07", "published": "2007-11-07T20:06:27", "href": "http://lists.centos.org/pipermail/centos-announce/2007-November/026412.html", "id": "CESA-2007:1023", "title": "cups security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:25:53", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5392", "CVE-2007-4352", "CVE-2007-5393"], "description": "**CentOS Errata and Security Advisory** CESA-2007:1029\n\n\nXpdf is an X Window System-based viewer for Portable Document Format (PDF)\r\nfiles.\r\n\r\nAlin Rad Pop discovered several flaws in the handling of PDF files. An\r\nattacker could create a malicious PDF file that would cause Xpdf to crash,\r\nor potentially execute arbitrary code when opened.\r\n(CVE-2007-4352, CVE-2007-5392, CVE-2007-5393)\r\n\r\nUsers are advised to upgrade to these updated packages, which contain\r\nbackported patches to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/026411.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/026417.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/026435.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/026436.html\n\n**Affected packages:**\nxpdf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2007-1029.html", "edition": 3, "modified": "2007-11-08T12:18:33", "published": "2007-11-07T19:58:17", "href": "http://lists.centos.org/pipermail/centos-announce/2007-November/026411.html", "id": "CESA-2007:1029", "title": "xpdf security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-17T03:29:52", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5392", "CVE-2007-4352", "CVE-2007-5393"], "description": "**CentOS Errata and Security Advisory** CESA-2007:1024\n\n\nThe kdegraphics packages contain applications for the K Desktop\r\nEnvironment. This includes kpdf, a PDF file viewer.\r\n\r\nAlin Rad Pop discovered several flaws in the handling of PDF files. An\r\nattacker could create a malicious PDF file that would cause kpdf to crash,\r\nor potentially execute arbitrary code when opened. \r\n(CVE-2007-4352, CVE-2007-5392, CVE-2007-5393)\r\n\r\nAll kdegraphics users are advised to upgrade to these updated packages,\r\nwhich contain backported patches to resolve these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/026449.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/026450.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/026453.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-November/026454.html\n\n**Affected packages:**\nkdegraphics\nkdegraphics-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2007-1024.html", "edition": 6, "modified": "2007-11-12T22:19:44", "published": "2007-11-12T16:32:18", "href": "http://lists.centos.org/pipermail/centos-announce/2007-November/026449.html", "id": "CESA-2007:1024", "title": "kdegraphics security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-06T09:25:13", "description": "Updated tetex packages that fix a security issue are now available for\nRed Hat Enterprise Linux 2.1 and 3.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nTeTeX is an implementation of TeX. TeX takes a text file and a set of\nformatting commands as input, and creates a typesetter-independent\nDeVice Independent (dvi) file as output.\n\nAlin Rad Pop discovered a flaw in the handling of PDF files. An\nattacker could create a malicious PDF file that would cause TeTeX to\ncrash, or potentially execute arbitrary code when opened.\n(CVE-2007-5393)\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.", "edition": 26, "published": "2009-04-23T00:00:00", "title": "CentOS 3 : tetex (CESA-2007:1028)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5393"], "modified": "2009-04-23T00:00:00", "cpe": ["p-cpe:/a:centos:centos:tetex-dvips", "p-cpe:/a:centos:centos:tetex", "p-cpe:/a:centos:centos:tetex-fonts", "p-cpe:/a:centos:centos:tetex-doc", "p-cpe:/a:centos:centos:tetex-xdvi", "p-cpe:/a:centos:centos:tetex-latex", "p-cpe:/a:centos:centos:tetex-afm", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2007-1028.NASL", "href": "https://www.tenable.com/plugins/nessus/37834", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:1028 and \n# CentOS Errata and Security Advisory 2007:1028 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37834);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-5393\");\n script_bugtraq_id(26367);\n script_xref(name:\"RHSA\", value:\"2007:1028\");\n\n script_name(english:\"CentOS 3 : tetex (CESA-2007:1028)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated tetex packages that fix a security issue are now available for\nRed Hat Enterprise Linux 2.1 and 3.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nTeTeX is an implementation of TeX. TeX takes a text file and a set of\nformatting commands as input, and creates a typesetter-independent\nDeVice Independent (dvi) file as output.\n\nAlin Rad Pop discovered a flaw in the handling of PDF files. An\nattacker could create a malicious PDF file that would cause TeTeX to\ncrash, or potentially execute arbitrary code when opened.\n(CVE-2007-5393)\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-November/014375.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?91ee2a79\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-November/014384.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?690d3c9d\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-November/014385.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5b2674ad\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tetex packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tetex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tetex-afm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tetex-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tetex-dvips\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tetex-fonts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tetex-latex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:tetex-xdvi\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/11/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", reference:\"tetex-1.0.7-67.11\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"tetex-afm-1.0.7-67.11\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"tetex-doc-1.0.7-67.11\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"tetex-dvips-1.0.7-67.11\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"tetex-fonts-1.0.7-67.11\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"tetex-latex-1.0.7-67.11\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"tetex-xdvi-1.0.7-67.11\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tetex / tetex-afm / tetex-doc / tetex-dvips / tetex-fonts / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:44:52", "description": "Alin Rad Pop discovered a buffer overflow in kpdf, which could allow\nthe execution of arbitrary code if a malformed PDF file is displayed.\n\nThe old stable distribution (sarge) will be fixed later.", "edition": 26, "published": "2007-11-26T00:00:00", "title": "Debian DSA-1408-1 : kdegraphics - buffer overflow", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5393"], "modified": "2007-11-26T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:4.0", "p-cpe:/a:debian:debian_linux:kdegraphics"], "id": "DEBIAN_DSA-1408.NASL", "href": "https://www.tenable.com/plugins/nessus/28297", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1408. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(28297);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-5393\");\n script_xref(name:\"DSA\", value:\"1408\");\n\n script_name(english:\"Debian DSA-1408-1 : kdegraphics - buffer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Alin Rad Pop discovered a buffer overflow in kpdf, which could allow\nthe execution of arbitrary code if a malformed PDF file is displayed.\n\nThe old stable distribution (sarge) will be fixed later.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2007/dsa-1408\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the kdegraphics packages.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 4:3.5.5-3etch2. Builds for arm and sparc are not yet\navailable.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kdegraphics\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"kamera\", reference:\"4:3.5.5-3etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"kcoloredit\", reference:\"4:3.5.5-3etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"kdegraphics\", reference:\"4:3.5.5-3etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"kdegraphics-dbg\", reference:\"4:3.5.5-3etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"kdegraphics-dev\", reference:\"4:3.5.5-3etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"kdegraphics-doc-html\", reference:\"4:3.5.5-3etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"kdegraphics-kfile-plugins\", reference:\"4:3.5.5-3etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"kdvi\", reference:\"4:3.5.5-3etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"kfax\", reference:\"4:3.5.5-3etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"kfaxview\", reference:\"4:3.5.5-3etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"kgamma\", reference:\"4:3.5.5-3etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"kghostview\", reference:\"4:3.5.5-3etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"kiconedit\", reference:\"4:3.5.5-3etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"kmrml\", reference:\"4:3.5.5-3etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"kolourpaint\", reference:\"4:3.5.5-3etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"kooka\", reference:\"4:3.5.5-3etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"kpdf\", reference:\"4:3.5.5-3etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"kpovmodeler\", reference:\"4:3.5.5-3etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"kruler\", reference:\"4:3.5.5-3etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"ksnapshot\", reference:\"4:3.5.5-3etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"ksvg\", reference:\"4:3.5.5-3etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"kuickshow\", reference:\"4:3.5.5-3etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"kview\", reference:\"4:3.5.5-3etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"kviewshell\", reference:\"4:3.5.5-3etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libkscan-dev\", reference:\"4:3.5.5-3etch2\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libkscan1\", reference:\"4:3.5.5-3etch2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T14:45:22", "description": "A buffer overflow in the xpdf code contained in kpdf could be\nexploited by attackers to potentially execute arbitrary code\n(CVE-2007-5393).", "edition": 23, "published": "2007-11-14T00:00:00", "title": "openSUSE 10 Security Update : kdegraphics3-pdf (kdegraphics3-pdf-4681)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5393"], "modified": "2007-11-14T00:00:00", "cpe": ["cpe:/o:novell:opensuse:10.3", "cpe:/o:novell:opensuse:10.2", "p-cpe:/a:novell:opensuse:kdegraphics3-pdf", "cpe:/o:novell:opensuse:10.1"], "id": "SUSE_KDEGRAPHICS3-PDF-4681.NASL", "href": "https://www.tenable.com/plugins/nessus/28204", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update kdegraphics3-pdf-4681.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(28204);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-5393\");\n\n script_name(english:\"openSUSE 10 Security Update : kdegraphics3-pdf (kdegraphics3-pdf-4681)\");\n script_summary(english:\"Check for the kdegraphics3-pdf-4681 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A buffer overflow in the xpdf code contained in kpdf could be\nexploited by attackers to potentially execute arbitrary code\n(CVE-2007-5393).\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kdegraphics3-pdf package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kdegraphics3-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1|SUSE10\\.2|SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1 / 10.2 / 10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"kdegraphics3-pdf-3.5.1-23.20\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"kdegraphics3-pdf-3.5.5-43.5\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"kdegraphics3-pdf-3.5.7-60.3\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kdegraphics3-pdf\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T12:44:04", "description": "From Red Hat Security Advisory 2007:1028 :\n\nUpdated tetex packages that fix a security issue are now available for\nRed Hat Enterprise Linux 2.1 and 3.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nTeTeX is an implementation of TeX. TeX takes a text file and a set of\nformatting commands as input, and creates a typesetter-independent\nDeVice Independent (dvi) file as output.\n\nAlin Rad Pop discovered a flaw in the handling of PDF files. An\nattacker could create a malicious PDF file that would cause TeTeX to\ncrash, or potentially execute arbitrary code when opened.\n(CVE-2007-5393)\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.", "edition": 24, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 3 : tetex (ELSA-2007-1028)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5393"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:tetex-xdvi", "cpe:/o:oracle:linux:3", "p-cpe:/a:oracle:linux:tetex-afm", "p-cpe:/a:oracle:linux:tetex-fonts", "p-cpe:/a:oracle:linux:tetex", "p-cpe:/a:oracle:linux:tetex-dvips", "p-cpe:/a:oracle:linux:tetex-latex"], "id": "ORACLELINUX_ELSA-2007-1028.NASL", "href": "https://www.tenable.com/plugins/nessus/67605", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2007:1028 and \n# Oracle Linux Security Advisory ELSA-2007-1028 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67605);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-5393\");\n script_bugtraq_id(26367);\n script_xref(name:\"RHSA\", value:\"2007:1028\");\n\n script_name(english:\"Oracle Linux 3 : tetex (ELSA-2007-1028)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2007:1028 :\n\nUpdated tetex packages that fix a security issue are now available for\nRed Hat Enterprise Linux 2.1 and 3.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nTeTeX is an implementation of TeX. TeX takes a text file and a set of\nformatting commands as input, and creates a typesetter-independent\nDeVice Independent (dvi) file as output.\n\nAlin Rad Pop discovered a flaw in the handling of PDF files. An\nattacker could create a malicious PDF file that would cause TeTeX to\ncrash, or potentially execute arbitrary code when opened.\n(CVE-2007-5393)\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2007-November/000390.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tetex packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tetex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tetex-afm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tetex-dvips\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tetex-fonts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tetex-latex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tetex-xdvi\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/11/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"tetex-1.0.7-67.11\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"tetex-1.0.7-67.11\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"tetex-afm-1.0.7-67.11\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"tetex-afm-1.0.7-67.11\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"tetex-dvips-1.0.7-67.11\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"tetex-dvips-1.0.7-67.11\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"tetex-fonts-1.0.7-67.11\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"tetex-fonts-1.0.7-67.11\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"tetex-latex-1.0.7-67.11\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"tetex-latex-1.0.7-67.11\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"tetex-xdvi-1.0.7-67.11\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"tetex-xdvi-1.0.7-67.11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tetex / tetex-afm / tetex-dvips / tetex-fonts / tetex-latex / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:05:56", "description": "Updated kdegraphics packages that fix a security issue are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kdegraphics packages contain applications for the K Desktop\nEnvironment. This includes kpdf, a PDF file viewer.\n\nAlin Rad Pop discovered a flaw in the handling of PDF files. An\nattacker could create a malicious PDF file that would cause kpdf to\ncrash, or potentially execute arbitrary code when opened.\n(CVE-2007-5393)\n\nAll kdegraphics users are advised to upgrade to these updated\npackages, which contain backported patches to resolve this issue.", "edition": 26, "published": "2009-04-23T00:00:00", "title": "RHEL 5 : kdegraphics (RHSA-2007:1051)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5393"], "modified": "2009-04-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:kdegraphics-devel", "p-cpe:/a:redhat:enterprise_linux:kdegraphics", "cpe:/o:redhat:enterprise_linux:5.1"], "id": "REDHAT-RHSA-2007-1051.NASL", "href": "https://www.tenable.com/plugins/nessus/36457", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:1051. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36457);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-5393\");\n script_bugtraq_id(26367);\n script_xref(name:\"RHSA\", value:\"2007:1051\");\n\n script_name(english:\"RHEL 5 : kdegraphics (RHSA-2007:1051)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kdegraphics packages that fix a security issue are now\navailable for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kdegraphics packages contain applications for the K Desktop\nEnvironment. This includes kpdf, a PDF file viewer.\n\nAlin Rad Pop discovered a flaw in the handling of PDF files. An\nattacker could create a malicious PDF file that would cause kpdf to\ncrash, or potentially execute arbitrary code when opened.\n(CVE-2007-5393)\n\nAll kdegraphics users are advised to upgrade to these updated\npackages, which contain backported patches to resolve this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2007:1051\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kdegraphics and / or kdegraphics-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kdegraphics\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kdegraphics-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/11/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2007:1051\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"kdegraphics-3.5.4-5.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kdegraphics-3.5.4-5.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"kdegraphics-devel-3.5.4-5.el5_1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kdegraphics-devel-3.5.4-5.el5_1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kdegraphics / kdegraphics-devel\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:05:55", "description": "Updated tetex packages that fix a security issue are now available for\nRed Hat Enterprise Linux 2.1 and 3.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nTeTeX is an implementation of TeX. TeX takes a text file and a set of\nformatting commands as input, and creates a typesetter-independent\nDeVice Independent (dvi) file as output.\n\nAlin Rad Pop discovered a flaw in the handling of PDF files. An\nattacker could create a malicious PDF file that would cause TeTeX to\ncrash, or potentially execute arbitrary code when opened.\n(CVE-2007-5393)\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.", "edition": 27, "published": "2007-11-08T00:00:00", "title": "RHEL 2.1 / 3 : tetex (RHSA-2007:1028)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5393"], "modified": "2007-11-08T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:2.1", "p-cpe:/a:redhat:enterprise_linux:tetex-afm", "p-cpe:/a:redhat:enterprise_linux:tetex-doc", "p-cpe:/a:redhat:enterprise_linux:tetex-dvilj", "p-cpe:/a:redhat:enterprise_linux:tetex-fonts", "p-cpe:/a:redhat:enterprise_linux:tetex", "p-cpe:/a:redhat:enterprise_linux:tetex-xdvi", "p-cpe:/a:redhat:enterprise_linux:tetex-latex", "p-cpe:/a:redhat:enterprise_linux:tetex-dvips"], "id": "REDHAT-RHSA-2007-1028.NASL", "href": "https://www.tenable.com/plugins/nessus/27838", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:1028. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27838);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-5393\");\n script_bugtraq_id(26367);\n script_xref(name:\"RHSA\", value:\"2007:1028\");\n\n script_name(english:\"RHEL 2.1 / 3 : tetex (RHSA-2007:1028)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated tetex packages that fix a security issue are now available for\nRed Hat Enterprise Linux 2.1 and 3.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nTeTeX is an implementation of TeX. TeX takes a text file and a set of\nformatting commands as input, and creates a typesetter-independent\nDeVice Independent (dvi) file as output.\n\nAlin Rad Pop discovered a flaw in the handling of PDF files. An\nattacker could create a malicious PDF file that would cause TeTeX to\ncrash, or potentially execute arbitrary code when opened.\n(CVE-2007-5393)\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2007:1028\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tetex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tetex-afm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tetex-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tetex-dvilj\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tetex-dvips\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tetex-fonts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tetex-latex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tetex-xdvi\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/11/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(2\\.1|3)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1 / 3.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2007:1028\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"tetex-1.0.7-38.5E.12\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"tetex-afm-1.0.7-38.5E.12\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"tetex-doc-1.0.7-38.5E.12\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"tetex-dvilj-1.0.7-38.5E.12\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"tetex-dvips-1.0.7-38.5E.12\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"tetex-fonts-1.0.7-38.5E.12\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"tetex-latex-1.0.7-38.5E.12\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"tetex-xdvi-1.0.7-38.5E.12\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"tetex-1.0.7-67.11\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"tetex-afm-1.0.7-67.11\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"tetex-dvips-1.0.7-67.11\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"tetex-fonts-1.0.7-67.11\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"tetex-latex-1.0.7-67.11\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"tetex-xdvi-1.0.7-67.11\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tetex / tetex-afm / tetex-doc / tetex-dvilj / tetex-dvips / etc\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:05:56", "description": "Updated xpdf packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 2.1.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nXpdf is an X Window System-based viewer for Portable Document Format\n(PDF) files.\n\nAlin Rad Pop discovered a flaw in the handling of PDF files. An\nattacker could create a malicious PDF file that would cause Xpdf to\ncrash, or potentially execute arbitrary code when opened.\n(CVE-2007-5393)\n\nA flaw was found in the t1lib library, used in the handling of Type 1\nfonts. An attacker could create a malicious file that would cause Xpdf\nto crash, or potentially execute arbitrary code when opened.\n(CVE-2007-4033)\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.", "edition": 26, "published": "2007-11-08T00:00:00", "title": "RHEL 2.1 : xpdf (RHSA-2007:1031)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4033", "CVE-2007-5393"], "modified": "2007-11-08T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:2.1", "p-cpe:/a:redhat:enterprise_linux:xpdf"], "id": "REDHAT-RHSA-2007-1031.NASL", "href": "https://www.tenable.com/plugins/nessus/27840", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:1031. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27840);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-4033\", \"CVE-2007-5393\");\n script_bugtraq_id(25079, 26367);\n script_xref(name:\"RHSA\", value:\"2007:1031\");\n\n script_name(english:\"RHEL 2.1 : xpdf (RHSA-2007:1031)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated xpdf packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 2.1.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nXpdf is an X Window System-based viewer for Portable Document Format\n(PDF) files.\n\nAlin Rad Pop discovered a flaw in the handling of PDF files. An\nattacker could create a malicious PDF file that would cause Xpdf to\ncrash, or potentially execute arbitrary code when opened.\n(CVE-2007-5393)\n\nA flaw was found in the t1lib library, used in the handling of Type 1\nfonts. An attacker could create a malicious file that would cause Xpdf\nto crash, or potentially execute arbitrary code when opened.\n(CVE-2007-4033)\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-4033\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2007:1031\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xpdf package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/07/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^2\\.1([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i386\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2007:1031\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"xpdf-0.92-19.el2\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xpdf\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:05:55", "description": "Updated cups packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing\nlayer for UNIX(R) operating systems.\n\nAlin Rad Pop discovered a flaw in the handling of PDF files. An\nattacker could create a malicious PDF file that would cause CUPS to\ncrash or potentially execute arbitrary code when printed.\n(CVE-2007-5393)\n\nAlin Rad Pop discovered a flaw in in the way CUPS handles certain IPP\ntags. A remote attacker who is able to connect to the IPP TCP port\ncould send a malicious request causing the CUPS daemon to crash.\n(CVE-2007-4351)\n\nA flaw was found in the way CUPS handled SSL negotiation. A remote\nattacker capable of connecting to the CUPS daemon could cause CUPS to\ncrash. (CVE-2007-4045)\n\nAll CUPS users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues.", "edition": 27, "published": "2007-11-08T00:00:00", "title": "RHEL 3 : cups (RHSA-2007:1023)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4351", "CVE-2007-4045", "CVE-2007-5393"], "modified": "2007-11-08T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "p-cpe:/a:redhat:enterprise_linux:cups-devel", "p-cpe:/a:redhat:enterprise_linux:cups", "p-cpe:/a:redhat:enterprise_linux:cups-libs"], "id": "REDHAT-RHSA-2007-1023.NASL", "href": "https://www.tenable.com/plugins/nessus/27836", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:1023. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27836);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-4045\", \"CVE-2007-4351\", \"CVE-2007-5393\");\n script_bugtraq_id(26367, 26524);\n script_xref(name:\"RHSA\", value:\"2007:1023\");\n\n script_name(english:\"RHEL 3 : cups (RHSA-2007:1023)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated cups packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing\nlayer for UNIX(R) operating systems.\n\nAlin Rad Pop discovered a flaw in the handling of PDF files. An\nattacker could create a malicious PDF file that would cause CUPS to\ncrash or potentially execute arbitrary code when printed.\n(CVE-2007-5393)\n\nAlin Rad Pop discovered a flaw in in the way CUPS handles certain IPP\ntags. A remote attacker who is able to connect to the IPP TCP port\ncould send a malicious request causing the CUPS daemon to crash.\n(CVE-2007-4351)\n\nA flaw was found in the way CUPS handled SSL negotiation. A remote\nattacker capable of connecting to the CUPS daemon could cause CUPS to\ncrash. (CVE-2007-4045)\n\nAll CUPS users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-4045\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-4351\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-5393\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2007:1023\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected cups, cups-devel and / or cups-libs packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cups-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cups-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/07/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2007:1023\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"cups-1.1.17-13.3.46\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"cups-devel-1.1.17-13.3.46\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"cups-libs-1.1.17-13.3.46\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cups / cups-devel / cups-libs\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T12:44:04", "description": "From Red Hat Security Advisory 2007:1023 :\n\nUpdated cups packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing\nlayer for UNIX(R) operating systems.\n\nAlin Rad Pop discovered a flaw in the handling of PDF files. An\nattacker could create a malicious PDF file that would cause CUPS to\ncrash or potentially execute arbitrary code when printed.\n(CVE-2007-5393)\n\nAlin Rad Pop discovered a flaw in in the way CUPS handles certain IPP\ntags. A remote attacker who is able to connect to the IPP TCP port\ncould send a malicious request causing the CUPS daemon to crash.\n(CVE-2007-4351)\n\nA flaw was found in the way CUPS handled SSL negotiation. A remote\nattacker capable of connecting to the CUPS daemon could cause CUPS to\ncrash. (CVE-2007-4045)\n\nAll CUPS users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues.", "edition": 25, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 3 : cups (ELSA-2007-1023)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4351", "CVE-2007-4045", "CVE-2007-5393"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:cups", "p-cpe:/a:oracle:linux:cups-libs", "cpe:/o:oracle:linux:3", "p-cpe:/a:oracle:linux:cups-devel"], "id": "ORACLELINUX_ELSA-2007-1023.NASL", "href": "https://www.tenable.com/plugins/nessus/67600", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2007:1023 and \n# Oracle Linux Security Advisory ELSA-2007-1023 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67600);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-4045\", \"CVE-2007-4351\", \"CVE-2007-5393\");\n script_bugtraq_id(26367, 26524);\n script_xref(name:\"RHSA\", value:\"2007:1023\");\n\n script_name(english:\"Oracle Linux 3 : cups (ELSA-2007-1023)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2007:1023 :\n\nUpdated cups packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing\nlayer for UNIX(R) operating systems.\n\nAlin Rad Pop discovered a flaw in the handling of PDF files. An\nattacker could create a malicious PDF file that would cause CUPS to\ncrash or potentially execute arbitrary code when printed.\n(CVE-2007-5393)\n\nAlin Rad Pop discovered a flaw in in the way CUPS handles certain IPP\ntags. A remote attacker who is able to connect to the IPP TCP port\ncould send a malicious request causing the CUPS daemon to crash.\n(CVE-2007-4351)\n\nA flaw was found in the way CUPS handled SSL negotiation. A remote\nattacker capable of connecting to the CUPS daemon could cause CUPS to\ncrash. (CVE-2007-4045)\n\nAll CUPS users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2007-November/000391.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected cups packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:cups-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:cups-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/07/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"cups-1.1.17-13.3.46\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"cups-1.1.17-13.3.46\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"cups-devel-1.1.17-13.3.46\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"cups-devel-1.1.17-13.3.46\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"cups-libs-1.1.17-13.3.46\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"cups-libs-1.1.17-13.3.46\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cups / cups-devel / cups-libs\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:25:13", "description": "Updated cups packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing\nlayer for UNIX(R) operating systems.\n\nAlin Rad Pop discovered a flaw in the handling of PDF files. An\nattacker could create a malicious PDF file that would cause CUPS to\ncrash or potentially execute arbitrary code when printed.\n(CVE-2007-5393)\n\nAlin Rad Pop discovered a flaw in in the way CUPS handles certain IPP\ntags. A remote attacker who is able to connect to the IPP TCP port\ncould send a malicious request causing the CUPS daemon to crash.\n(CVE-2007-4351)\n\nA flaw was found in the way CUPS handled SSL negotiation. A remote\nattacker capable of connecting to the CUPS daemon could cause CUPS to\ncrash. (CVE-2007-4045)\n\nAll CUPS users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues.", "edition": 27, "published": "2009-04-23T00:00:00", "title": "CentOS 3 : cups (CESA-2007:1023)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-4351", "CVE-2007-4045", "CVE-2007-5393"], "modified": "2009-04-23T00:00:00", "cpe": ["p-cpe:/a:centos:centos:cups-libs", "p-cpe:/a:centos:centos:cups", "p-cpe:/a:centos:centos:cups-devel", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2007-1023.NASL", "href": "https://www.tenable.com/plugins/nessus/37449", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:1023 and \n# CentOS Errata and Security Advisory 2007:1023 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(37449);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-4045\", \"CVE-2007-4351\", \"CVE-2007-5393\");\n script_bugtraq_id(26367, 26524);\n script_xref(name:\"RHSA\", value:\"2007:1023\");\n\n script_name(english:\"CentOS 3 : cups (CESA-2007:1023)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated cups packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 3.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing\nlayer for UNIX(R) operating systems.\n\nAlin Rad Pop discovered a flaw in the handling of PDF files. An\nattacker could create a malicious PDF file that would cause CUPS to\ncrash or potentially execute arbitrary code when printed.\n(CVE-2007-5393)\n\nAlin Rad Pop discovered a flaw in in the way CUPS handles certain IPP\ntags. A remote attacker who is able to connect to the IPP TCP port\ncould send a malicious request causing the CUPS daemon to crash.\n(CVE-2007-4351)\n\nA flaw was found in the way CUPS handled SSL negotiation. A remote\nattacker capable of connecting to the CUPS daemon could cause CUPS to\ncrash. (CVE-2007-4045)\n\nAll CUPS users are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-November/014374.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?897971c7\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-November/014380.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0d54a062\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-November/014381.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?84fff1c1\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected cups packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:cups-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:cups-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/07/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", reference:\"cups-1.1.17-13.3.46\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"cups-devel-1.1.17-13.3.46\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"cups-libs-1.1.17-13.3.46\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cups / cups-devel / cups-libs\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:45:12", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5393"], "description": "TeTeX is an implementation of TeX. TeX takes a text file and a set of\r\nformatting commands as input, and creates a typesetter-independent DeVice\r\nIndependent (dvi) file as output.\r\n\r\nAlin Rad Pop discovered a flaw in the handling of PDF files. An attacker\r\ncould create a malicious PDF file that would cause TeTeX to crash, or\r\npotentially execute arbitrary code when opened. (CVE-2007-5393)\r\n\r\nUsers are advised to upgrade to these updated packages, which contain\r\nbackported patches to resolve these issues.", "modified": "2019-03-22T23:43:28", "published": "2007-11-07T05:00:00", "id": "RHSA-2007:1028", "href": "https://access.redhat.com/errata/RHSA-2007:1028", "type": "redhat", "title": "(RHSA-2007:1028) Important: tetex security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:45:21", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5393"], "description": "The kdegraphics packages contain applications for the K Desktop\r\nEnvironment. This includes kpdf, a PDF file viewer.\r\n\r\nAlin Rad Pop discovered a flaw in the handling of PDF files. An attacker\r\ncould create a malicious PDF file that would cause kpdf to crash, or\r\npotentially execute arbitrary code when opened. (CVE-2007-5393)\r\n\r\nAll kdegraphics users are advised to upgrade to these updated packages,\r\nwhich contain backported patches to resolve this issue.", "modified": "2017-09-08T11:48:22", "published": "2007-11-16T05:00:00", "id": "RHSA-2007:1051", "href": "https://access.redhat.com/errata/RHSA-2007:1051", "type": "redhat", "title": "(RHSA-2007:1051) Important: kdegraphics security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:44:58", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4033", "CVE-2007-5393"], "description": "Xpdf is an X Window System-based viewer for Portable Document Format (PDF)\r\nfiles.\r\n\r\nAlin Rad Pop discovered a flaw in the handling of PDF files. An attacker\r\ncould create a malicious PDF file that would cause Xpdf to crash, or\r\npotentially execute arbitrary code when opened. (CVE-2007-5393)\r\n\r\nA flaw was found in the t1lib library, used in the handling of Type 1\r\nfonts. An attacker could create a malicious file that would cause Xpdf\r\nto crash, or potentially execute arbitrary code when opened.\r\n(CVE-2007-4033)\r\n\r\nUsers are advised to upgrade to these updated packages, which contain\r\nbackported patches to resolve these issues.", "modified": "2018-03-14T19:27:40", "published": "2007-11-07T05:00:00", "id": "RHSA-2007:1031", "href": "https://access.redhat.com/errata/RHSA-2007:1031", "type": "redhat", "title": "(RHSA-2007:1031) Important: xpdf security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:46:18", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4045", "CVE-2007-4351", "CVE-2007-5393"], "description": "The Common UNIX Printing System (CUPS) provides a portable printing layer\r\nfor UNIX(R) operating systems.\r\n\r\nAlin Rad Pop discovered a flaw in the handling of PDF files. An attacker\r\ncould create a malicious PDF file that would cause CUPS to crash or\r\npotentially execute arbitrary code when printed. (CVE-2007-5393)\r\n\r\nAlin Rad Pop discovered a flaw in in the way CUPS handles certain IPP tags.\r\nA remote attacker who is able to connect to the IPP TCP port could send a\r\nmalicious request causing the CUPS daemon to crash. (CVE-2007-4351)\r\n\r\nA flaw was found in the way CUPS handled SSL negotiation. A remote attacker\r\ncapable of connecting to the CUPS daemon could cause CUPS to crash.\r\n(CVE-2007-4045)\r\n\r\nAll CUPS users are advised to upgrade to these updated packages, which\r\ncontain backported patches to resolve these issues.", "modified": "2017-07-28T18:43:55", "published": "2007-11-07T05:00:00", "id": "RHSA-2007:1023", "href": "https://access.redhat.com/errata/RHSA-2007:1023", "type": "redhat", "title": "(RHSA-2007:1023) Important: cups security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:45:34", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4352", "CVE-2007-5392", "CVE-2007-5393"], "description": "The kdegraphics packages contain applications for the K Desktop\r\nEnvironment. This includes kpdf, a PDF file viewer.\r\n\r\nAlin Rad Pop discovered several flaws in the handling of PDF files. An\r\nattacker could create a malicious PDF file that would cause kpdf to crash,\r\nor potentially execute arbitrary code when opened. \r\n(CVE-2007-4352, CVE-2007-5392, CVE-2007-5393)\r\n\r\nAll kdegraphics users are advised to upgrade to these updated packages,\r\nwhich contain backported patches to resolve these issues.", "modified": "2017-09-08T11:55:20", "published": "2007-11-12T05:00:00", "id": "RHSA-2007:1024", "href": "https://access.redhat.com/errata/RHSA-2007:1024", "type": "redhat", "title": "(RHSA-2007:1024) Important: kdegraphics security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:45:17", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4352", "CVE-2007-5392", "CVE-2007-5393"], "description": "Poppler is a PDF rendering library, used by applications such as evince. \r\n\r\nAlin Rad Pop discovered several flaws in the handling of PDF files. An\r\nattacker could create a malicious PDF file that would cause an application\r\nlinked with poppler to crash, or potentially execute arbitrary code when\r\nopened. (CVE-2007-4352, CVE-2007-5392, CVE-2007-5393)\r\n\r\nUsers are advised to upgrade to these updated packages, which contain\r\nbackported patches to resolve these issues.", "modified": "2017-09-08T12:11:55", "published": "2007-11-07T05:00:00", "id": "RHSA-2007:1026", "href": "https://access.redhat.com/errata/RHSA-2007:1026", "type": "redhat", "title": "(RHSA-2007:1026) Important: poppler security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:35", "bulletinFamily": "software", "cvelist": ["CVE-2007-5393"], "description": "# No description provided by the source\n\n## References:\n[Secunia Advisory ID:27599](https://secuniaresearch.flexerasoftware.com/advisories/27599/)\n[Secunia Advisory ID:27658](https://secuniaresearch.flexerasoftware.com/advisories/27658/)\n[Secunia Advisory ID:27705](https://secuniaresearch.flexerasoftware.com/advisories/27705/)\n[Secunia Advisory ID:27772](https://secuniaresearch.flexerasoftware.com/advisories/27772/)\n[Secunia Advisory ID:27577](https://secuniaresearch.flexerasoftware.com/advisories/27577/)\n[Secunia Advisory ID:27686](https://secuniaresearch.flexerasoftware.com/advisories/27686/)\n[Secunia Advisory ID:27579](https://secuniaresearch.flexerasoftware.com/advisories/27579/)\n[Secunia Advisory ID:27573](https://secuniaresearch.flexerasoftware.com/advisories/27573/)\n[Secunia Advisory ID:27624](https://secuniaresearch.flexerasoftware.com/advisories/27624/)\n[Secunia Advisory ID:27619](https://secuniaresearch.flexerasoftware.com/advisories/27619/)\n[Secunia Advisory ID:27640](https://secuniaresearch.flexerasoftware.com/advisories/27640/)\n[Secunia Advisory ID:27637](https://secuniaresearch.flexerasoftware.com/advisories/27637/)\n[Secunia Advisory ID:27575](https://secuniaresearch.flexerasoftware.com/advisories/27575/)\n[Secunia Advisory ID:27856](https://secuniaresearch.flexerasoftware.com/advisories/27856/)\n[Secunia Advisory ID:26436](https://secuniaresearch.flexerasoftware.com/advisories/26436/)\n[Secunia Advisory ID:27578](https://secuniaresearch.flexerasoftware.com/advisories/27578/)\n[Secunia Advisory ID:27574](https://secuniaresearch.flexerasoftware.com/advisories/27574/)\n[Secunia Advisory ID:27636](https://secuniaresearch.flexerasoftware.com/advisories/27636/)\n[Secunia Advisory ID:27632](https://secuniaresearch.flexerasoftware.com/advisories/27632/)\n[Secunia Advisory ID:27656](https://secuniaresearch.flexerasoftware.com/advisories/27656/)\n[Secunia Advisory ID:27634](https://secuniaresearch.flexerasoftware.com/advisories/27634/)\n[Secunia Advisory ID:27642](https://secuniaresearch.flexerasoftware.com/advisories/27642/)\n[Secunia Advisory ID:27721](https://secuniaresearch.flexerasoftware.com/advisories/27721/)\n[Secunia Advisory ID:27743](https://secuniaresearch.flexerasoftware.com/advisories/27743/)\n[Secunia Advisory ID:27718](https://secuniaresearch.flexerasoftware.com/advisories/27718/)\n[Secunia Advisory ID:28043](https://secuniaresearch.flexerasoftware.com/advisories/28043/)\n[Secunia Advisory ID:26503](https://secuniaresearch.flexerasoftware.com/advisories/26503/)\n[Secunia Advisory ID:27645](https://secuniaresearch.flexerasoftware.com/advisories/27645/)\n[Secunia Advisory ID:27641](https://secuniaresearch.flexerasoftware.com/advisories/27641/)\n[Secunia Advisory ID:27618](https://secuniaresearch.flexerasoftware.com/advisories/27618/)\n[Secunia Advisory ID:27615](https://secuniaresearch.flexerasoftware.com/advisories/27615/)\n[Secunia Advisory ID:27724](https://secuniaresearch.flexerasoftware.com/advisories/27724/)\n[Secunia Advisory ID:27759](https://secuniaresearch.flexerasoftware.com/advisories/27759/)\n[Related OSVDB ID: 1018760](https://vulners.com/osvdb/OSVDB:1018760)\nRedHat RHSA: RHSA-2007:1029\nRedHat RHSA: RHSA-2007:1027\nRedHat RHSA: RHSA-2007:1024\nRedHat RHSA: RHSA-2007:1025\nRedHat RHSA: RHSA-2007:1028\nRedHat RHSA: RHSA-2007:1026\nRedHat RHSA: RHSA-2007:1021\nOther Advisory URL: http://www.ubuntu.com/usn/usn-542-1\nOther Advisory URL: https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00327.html\nOther Advisory URL: http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html\nOther Advisory URL: https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200711-22.xml\nOther Advisory URL: http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:228\nOther Advisory URL: http://www.kde.org/info/security/advisory-20071107-1.txt\nOther Advisory URL: http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html\nOther Advisory URL: http://www.ubuntu.com/usn/usn-542-2\nOther Advisory URL: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882\nOther Advisory URL: http://www.us.debian.org/security/2007/dsa-1408\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200711-26.xml\nOther Advisory URL: http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:230\nOther Advisory URL: http://lists.rpath.com/pipermail/security-announce/2007-November/000282.html\nOther Advisory URL: http://rhn.redhat.com/errata/RHSA-2007-1025.html\nOther Advisory URL: http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html\nOther Advisory URL: https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html\nOther Advisory URL: https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200711-34.xml\nOther Advisory URL: https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html\nOther Advisory URL: https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html\nOther Advisory URL: http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html\nOther Advisory URL: http://lists.opensuse.org/opensuse-security-announce/2007-11/msg00001.html\nOther Advisory URL: http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html\nOther Advisory URL: http://www.mandriva.com/en/security/advisories?name=MDKSA-2007:223\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:160\n[CVE-2007-5393](https://vulners.com/cve/CVE-2007-5393)\n", "edition": 1, "modified": "2007-11-08T19:41:27", "published": "2007-11-08T19:41:27", "href": "https://vulners.com/osvdb/OSVDB:39543", "id": "OSVDB:39543", "title": "Xpdf xpdf/Stream.cc CCITTFaxStream::lookChar Method PDF Handling Overflow", "type": "osvdb", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2020-11-11T13:18:56", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5393"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1408-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nNovember 21, 2007 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : kdegraphics\nVulnerability : buffer overflow\nProblem type : local(remote)\nDebian-specific: no\nCVE Id(s) : CVE-2007-5393\n\nAlin Rad Pop discovered a buffer overflow in kpdf, which could allow\nthe execution of arbitrary code if a malformed PDF file is displayed.\n\nFor the stable distribution (etch), this problem has been fixed in\nversion 4:3.5.5-3etch2. Builds for arm and sparc are not yet available.\n\nThe old stable distribution (sarge) will be fixed later.\n\nWe recommend that you upgrade your kdegraphics packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.5.orig.tar.gz\n Size/MD5 checksum: 9012930 944e16dde53ffdb8c25a90d951a9d223\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.5-3etch2.dsc\n Size/MD5 checksum: 1536 ed91f6a35e94700fecbd7a3f3f9ba534\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.5-3etch2.diff.gz\n Size/MD5 checksum: 425618 f4eefc4970bcfe9cd7ca1069135d7740\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-doc-html_3.5.5-3etch2_all.deb\n Size/MD5 checksum: 151474 22439252b23511a33efa70183894dcb7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics_3.5.5-3etch2_all.deb\n Size/MD5 checksum: 19324 9e756d045ecb29f0a670cf70f1abed40\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch2_alpha.deb\n Size/MD5 checksum: 1147468 b495fd35363d8042436dc8be68fcfa88\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch2_alpha.deb\n Size/MD5 checksum: 198642 ba98cfc37986de883561976a32e96e19\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch2_alpha.deb\n Size/MD5 checksum: 113226 4ccbdbb8a1ff70512a60ca1c1a394370\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch2_alpha.deb\n Size/MD5 checksum: 508944 1a2223c7d11221a91228ea04548b3a88\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch2_alpha.deb\n Size/MD5 checksum: 780514 af4cc02475a9a4670f2e0c29f6644190\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch2_alpha.deb\n Size/MD5 checksum: 254192 bf101006574e464d5ac73148bf7b2464\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch2_alpha.deb\n Size/MD5 checksum: 102798 df059a3b6b2161f2c88a4a891bc062a7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch2_alpha.deb\n Size/MD5 checksum: 151170 b05cbe75e6057c3c87c2f377d708093d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch2_alpha.deb\n Size/MD5 checksum: 433084 48ba54c484be8cc8e4ae78af2e824043\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch2_alpha.deb\n Size/MD5 checksum: 855280 96197c67ddb9fe3b329ee181d4f43987\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch2_alpha.deb\n Size/MD5 checksum: 250342 5109640d8730836104b0e699f9a276f1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch2_alpha.deb\n Size/MD5 checksum: 2375878 8126c95e18d5eb5b42819a395a19bbdc\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch2_alpha.deb\n Size/MD5 checksum: 322766 0dd17e7280e4940d1a6ea45d5b6cca32\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch2_alpha.deb\n Size/MD5 checksum: 179374 9e1ff70e550a85d516261ebdac45197b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch2_alpha.deb\n Size/MD5 checksum: 67730 1b501ada82c83239f226a4ba20b0ab0e\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch2_alpha.deb\n Size/MD5 checksum: 19152 e2e4434bfbd82dd966a3a4d617e685c8\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch2_alpha.deb\n Size/MD5 checksum: 97172 521a9aaf5c1060dbb02972b44f305101\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch2_alpha.deb\n Size/MD5 checksum: 152656 3d46f45e3e164d70cd08945267c62fc5\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch2_alpha.deb\n Size/MD5 checksum: 118402 16fc647ff2e49b2c9a775635aadee1de\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch2_alpha.deb\n Size/MD5 checksum: 34291890 48d843b4eb9a2d843b68d379ee2fa3dd\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch2_alpha.deb\n Size/MD5 checksum: 546336 fd21127e99c5a3abd3a2acc0e538a961\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch2_alpha.deb\n Size/MD5 checksum: 81888 9b95e51e26944dfa811c5f8f782e1bc0\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch2_alpha.deb\n Size/MD5 checksum: 886258 e7e5177777b3dfd03e40bf1bb817424d\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch2_alpha.deb\n Size/MD5 checksum: 1364480 1a784cbac69306042993e8c786efa032\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch2_amd64.deb\n Size/MD5 checksum: 19154 4e373b6a528361deda45ad6068d1de54\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch2_amd64.deb\n Size/MD5 checksum: 68538 3eb7e335c788697563c32e4d959af77e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch2_amd64.deb\n Size/MD5 checksum: 79770 f54280ea690ab1e35cbc5b3ccf30f4cb\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch2_amd64.deb\n Size/MD5 checksum: 1100056 0e858f7a8f6492957f66861547f6cf68\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch2_amd64.deb\n Size/MD5 checksum: 767724 badd0e88f4b112b3273cba68ec358361\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch2_amd64.deb\n Size/MD5 checksum: 148958 b5f881cdb4adfa83c4ae74f052eb8519\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch2_amd64.deb\n Size/MD5 checksum: 111140 b485bf240051fc40104a28bb7f86890e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch2_amd64.deb\n Size/MD5 checksum: 92996 797a54d50caf5f39f68c78f05b7723a9\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch2_amd64.deb\n Size/MD5 checksum: 789850 10688e4103e73aed20837596ee027bf6\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch2_amd64.deb\n Size/MD5 checksum: 829202 2cedf8792fc58acb1a0074532db1f174\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch2_amd64.deb\n Size/MD5 checksum: 144220 dc575d1aba3facd663aedd5f588d87bc\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch2_amd64.deb\n Size/MD5 checksum: 183802 c25b459af7480794afa73135ab0514e7\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch2_amd64.deb\n Size/MD5 checksum: 176064 dd654e718cdbfd9e9fea84ec8c934656\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch2_amd64.deb\n Size/MD5 checksum: 101450 6dfce9fd8cb4806787e60483eee51c6e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch2_amd64.deb\n Size/MD5 checksum: 423308 80e1d6a2d14e1adb005d449b45ae7005\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch2_amd64.deb\n Size/MD5 checksum: 2289878 9e385753195f7dc0b6f2f4ddbacd7aa5\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch2_amd64.deb\n Size/MD5 checksum: 539828 281182db3ca4822cff8d3b891e46824f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch2_amd64.deb\n Size/MD5 checksum: 239824 01b96434bfc624870cf7448d50ed8c2d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch2_amd64.deb\n Size/MD5 checksum: 242418 e730a06c8eccf8d0b52747deca834e76\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch2_amd64.deb\n Size/MD5 checksum: 108720 ffde6c1d7f6c3868d8e868469c0187f1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch2_amd64.deb\n Size/MD5 checksum: 25817698 79286437d0db09cf3d05195e1e8fd775\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch2_amd64.deb\n Size/MD5 checksum: 498302 d6ca80204f6af137337f5b39cce922cf\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch2_amd64.deb\n Size/MD5 checksum: 292294 175b941e2a680c782c438890b84df475\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch2_amd64.deb\n Size/MD5 checksum: 1220502 acce3b49eb95914f105614a8f35fb71c\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch2_hppa.deb\n Size/MD5 checksum: 258142 ef3914675accf3bb424382fea785dfa3\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch2_hppa.deb\n Size/MD5 checksum: 151544 bcecb378b6cf454ad40d2a1da6ef16c3\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch2_hppa.deb\n Size/MD5 checksum: 860944 b0e3cd7045af561132f86523166d3826\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch2_hppa.deb\n Size/MD5 checksum: 111212 525c8fb23481315a5ec5268b604e65e0\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch2_hppa.deb\n Size/MD5 checksum: 1430126 d18438ea3b86edba2234efecc1f42eca\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch2_hppa.deb\n Size/MD5 checksum: 254658 c41f6ad57007c01a35e46836dd287d94\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch2_hppa.deb\n Size/MD5 checksum: 149568 e5b03182e27ead234de8d20223be2a51\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch2_hppa.deb\n Size/MD5 checksum: 19160 1a1d3b4ffb6ecdf3f3c40030edc40b3a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch2_hppa.deb\n Size/MD5 checksum: 113992 c9959fe3319ea940694b9a7f5bf0f8b5\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch2_hppa.deb\n Size/MD5 checksum: 319392 c8d13384cd39c5a4af63433e8b1d0b86\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch2_hppa.deb\n Size/MD5 checksum: 26246082 9148df82311888dc827f16f6eb905d65\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch2_hppa.deb\n Size/MD5 checksum: 446658 684fbd1910b25409c86121969f8ec031\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch2_hppa.deb\n Size/MD5 checksum: 99578 41c471fd35f4a45f300d57dcf958cae2\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch2_hppa.deb\n Size/MD5 checksum: 509038 825c67b46686210f73fe4a0dd0e51653\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch2_hppa.deb\n Size/MD5 checksum: 83666 4791f64bcc6b1c269f285fb93b5a18e2\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch2_hppa.deb\n Size/MD5 checksum: 189116 b1344be76f328efe134faedcd810f2aa\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch2_hppa.deb\n Size/MD5 checksum: 176856 008be1acf34e749ef98d17cd3f2fa68d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch2_hppa.deb\n Size/MD5 checksum: 2452528 3392e5cd1341204348f6f55b7521961b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch2_hppa.deb\n Size/MD5 checksum: 66704 6b4a08714ab59df34af5c84e1d718f16\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch2_hppa.deb\n Size/MD5 checksum: 97608 b5cb67ddb24316d8c33238de8a586a7e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch2_hppa.deb\n Size/MD5 checksum: 769042 767adb11e6359f0a9df8d43c27897998\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch2_hppa.deb\n Size/MD5 checksum: 1137900 821c607db401416dec320da557b307e6\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch2_hppa.deb\n Size/MD5 checksum: 890922 b0c6156492edc77aafbf354925b5b56d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch2_hppa.deb\n Size/MD5 checksum: 555392 598fc5d2881d2b383f3f48ac2fbd2a61\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch2_i386.deb\n Size/MD5 checksum: 172986 854446e3829db7faf7f203ee7cd34af8\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch2_i386.deb\n Size/MD5 checksum: 260296 3cbde054156fa174c4f82a9624277879\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch2_i386.deb\n Size/MD5 checksum: 1221124 750986878171ff4bc882a9166a6d52e3\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch2_i386.deb\n Size/MD5 checksum: 146026 61bb81c8f2cb66c30b09f8d240125fe0\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch2_i386.deb\n Size/MD5 checksum: 89964 8ed4f2f9dd45f4c90628f04e85f31f07\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch2_i386.deb\n Size/MD5 checksum: 234200 ceae62290d5829e5f79ea98c91283ede\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch2_i386.deb\n Size/MD5 checksum: 1072918 1ed9dd0dfdfff1aefe2d789c75102049\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch2_i386.deb\n Size/MD5 checksum: 99574 d7ac35c266c8762b5439dbe87e0aeaa1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch2_i386.deb\n Size/MD5 checksum: 108250 99d6057808b4cbd82e1dda9c5f153d34\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch2_i386.deb\n Size/MD5 checksum: 785092 9d13f9150385687d72ac24cdb6e3e43b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch2_i386.deb\n Size/MD5 checksum: 492782 df60e4e9bc0b4c8bf7ad0c68f2bc9835\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch2_i386.deb\n Size/MD5 checksum: 390016 598c6a4d1a0a61443d6f2aec20bdf295\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch2_i386.deb\n Size/MD5 checksum: 743292 55d55b2d140a1f574b98e016dc27d11c\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch2_i386.deb\n Size/MD5 checksum: 19158 eecd5c8d9f42b24963c4612f6c3a4dd6\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch2_i386.deb\n Size/MD5 checksum: 2226710 bef47b8f650f75f297617ca4acd16d29\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch2_i386.deb\n Size/MD5 checksum: 223362 aaacc5bd7f6bac99132ab06969c4d686\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch2_i386.deb\n Size/MD5 checksum: 78224 5fda09da11136b8981cfa52f92dbdc1a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch2_i386.deb\n Size/MD5 checksum: 25356930 fe17bea6d0bdfb2910c74c16bc49d3c0\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch2_i386.deb\n Size/MD5 checksum: 531012 38fe8b89c2ffc1f8cfb9b79dd3a3cbee\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch2_i386.deb\n Size/MD5 checksum: 103498 e81b755feeacdd5abda85e441d1c5eb7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch2_i386.deb\n Size/MD5 checksum: 176690 b5f77e1e7de951d71e6dad86b79ffe8d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch2_i386.deb\n Size/MD5 checksum: 67022 975344f7f7f9c0c77d3982e1c90f0c5b\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch2_i386.deb\n Size/MD5 checksum: 135112 c3e65f8b072fba1c9919e4613f19229c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch2_i386.deb\n Size/MD5 checksum: 757882 888af99e3ef8e4af5947ee45b1454869\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch2_ia64.deb\n Size/MD5 checksum: 391066 64a915f516eac826fd32bd5fdf7aa77d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch2_ia64.deb\n Size/MD5 checksum: 2665960 57978672b190eed01ce3501fe837c21b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch2_ia64.deb\n Size/MD5 checksum: 99572 eb1f6eb739d776589ada2203be482784\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch2_ia64.deb\n Size/MD5 checksum: 290504 f8d389be5433cecc83a2306431cac3c0\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch2_ia64.deb\n Size/MD5 checksum: 1254718 7540dd87f548dcfe1c6ddb7a47d4a7da\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch2_ia64.deb\n Size/MD5 checksum: 93194 72e2a8092f09d322f67e683916005154\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch2_ia64.deb\n Size/MD5 checksum: 25335652 f913689482058625c12112bf31182160\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch2_ia64.deb\n Size/MD5 checksum: 1119844 4facc1d231ab7c6e1543c8858fae833b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch2_ia64.deb\n Size/MD5 checksum: 533170 ce1acceaffa3d7bab1ad507bc26367e3\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch2_ia64.deb\n Size/MD5 checksum: 128488 34e2c1a87ee69f7ca8d3bf5b7eb45941\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch2_ia64.deb\n Size/MD5 checksum: 1471476 b9400a575d5357ea23f484ce1cab91c8\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch2_ia64.deb\n Size/MD5 checksum: 486774 7eb3322b2d0a07a21663477f2d3d855f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch2_ia64.deb\n Size/MD5 checksum: 109766 f95ea224e95f1ca62c4cadaafeb03e52\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch2_ia64.deb\n Size/MD5 checksum: 603028 1f974597e6be7f3baa211789c94576e2\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch2_ia64.deb\n Size/MD5 checksum: 126086 a4a6eb182e7a6b0211c0255e84de6435\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch2_ia64.deb\n Size/MD5 checksum: 810790 5736f132620ee6509b1c201682a3ad29\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch2_ia64.deb\n Size/MD5 checksum: 187132 86c7237b712c9f99b5d711d292aa6775\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch2_ia64.deb\n Size/MD5 checksum: 19154 ab9ed5ce41d283f02e01664bb4b6348d\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch2_ia64.deb\n Size/MD5 checksum: 178500 691484ae6fd5499e857ac7b8b2f76576\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch2_ia64.deb\n Size/MD5 checksum: 165462 acc3bf2d6ab306718b021dda9e442d7b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch2_ia64.deb\n Size/MD5 checksum: 220052 702f9e5ae5bceabb8ab31c0dcd86568b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch2_ia64.deb\n Size/MD5 checksum: 1057762 bb569225836aa0d71efde7059ed600fc\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch2_ia64.deb\n Size/MD5 checksum: 289910 ce856b246e3b3f1d9d9cfe13646d7381\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch2_ia64.deb\n Size/MD5 checksum: 72712 7cf62cdf972234d4d8714e75ff05f15a\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch2_mips.deb\n Size/MD5 checksum: 85654 5dac07ec7b9d79a9af56f12cb5ea113d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch2_mips.deb\n Size/MD5 checksum: 517690 a00de3e429bc91364b83c015e3d0ede1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch2_mips.deb\n Size/MD5 checksum: 212806 187c5519daa01587f622d7836620c18c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch2_mips.deb\n Size/MD5 checksum: 106620 70be2cf245d0605dd1e58d9363f28dce\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch2_mips.deb\n Size/MD5 checksum: 766820 b8ebce4b9cd4b248b305dffe4cb485f9\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch2_mips.deb\n Size/MD5 checksum: 484736 990c37aa3d50a0d9b72b6dbc49bad058\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch2_mips.deb\n Size/MD5 checksum: 261574 e625957a32765b0674433ce02dfb1071\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch2_mips.deb\n Size/MD5 checksum: 19156 c9b4dc12190874deea9f58bcbcb74f58\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch2_mips.deb\n Size/MD5 checksum: 2105116 53684d1614e345583d01ff322963d2be\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch2_mips.deb\n Size/MD5 checksum: 224642 c98cc9aa60b93f6f9e0f2be2f20656dd\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch2_mips.deb\n Size/MD5 checksum: 189028 a5425e1d726f7bea7ce17dc4f69cc3d6\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch2_mips.deb\n Size/MD5 checksum: 148408 61d3e1cf948c9c76c0ef8c95d66d9cbc\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch2_mips.deb\n Size/MD5 checksum: 111064 0a584281334b2a7306150efabf2259f9\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch2_mips.deb\n Size/MD5 checksum: 393498 bb80483252fd2febffd424fe3e1a4017\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch2_mips.deb\n Size/MD5 checksum: 64560 69e37558f95e5179a18d9ba79aa7e917\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch2_mips.deb\n Size/MD5 checksum: 1130380 0700be8715d2a8d7e3f21687a482bd2d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch2_mips.deb\n Size/MD5 checksum: 74264 026d668e4d2157ce4725029c5f71efcf\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch2_mips.deb\n Size/MD5 checksum: 127560 c6d6e3f6b42bb54416b8b554c82409eb\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch2_mips.deb\n Size/MD5 checksum: 745374 50bd5a7623434796be644a9fbef5e85e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch2_mips.deb\n Size/MD5 checksum: 99568 db98df90b52da3b6a4a4f0554f71015e\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch2_mips.deb\n Size/MD5 checksum: 176706 60572f17b15473cbfae4a4c1722660c1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch2_mips.deb\n Size/MD5 checksum: 26680548 f240a8d31d86c144cbb126cb3ba69618\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch2_mips.deb\n Size/MD5 checksum: 1142692 4ac102c3af1fa8b5088ab7d546fa1d65\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch2_mips.deb\n Size/MD5 checksum: 752612 45705e092d60742af739fb535f7d1360\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch2_mipsel.deb\n Size/MD5 checksum: 765286 db9d274ba96affaa882a578cab5c477a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch2_mipsel.deb\n Size/MD5 checksum: 1124102 ccfcee0f78e2b14b962778ac6b36ddd3\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch2_mipsel.deb\n Size/MD5 checksum: 125776 e3ea30f8965525957928d8c3ea5e23ba\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch2_mipsel.deb\n Size/MD5 checksum: 391656 b5b861c00a12c92c9f4a8509db2daa42\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch2_mipsel.deb\n Size/MD5 checksum: 211488 018da53796feafcd691290aa2a401674\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch2_mipsel.deb\n Size/MD5 checksum: 742508 4994d5d4872000107bec6c29b78ee665\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch2_mipsel.deb\n Size/MD5 checksum: 110814 1711ff902d2ec6810c8bec7741dd2419\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch2_mipsel.deb\n Size/MD5 checksum: 19162 0ab073913abf12b9dc501dad3d45becf\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch2_mipsel.deb\n Size/MD5 checksum: 2090968 4c22b180f8cad0fad3ac61b7b2853aba\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch2_mipsel.deb\n Size/MD5 checksum: 261530 947df4d20a7d2f75eb2a65fa3496d4a9\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch2_mipsel.deb\n Size/MD5 checksum: 1106526 ad81170fd1df69deb8d8a6840d9a8d8b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch2_mipsel.deb\n Size/MD5 checksum: 85370 a13db9a7ef38c37373a1c6f22b79bb87\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch2_mipsel.deb\n Size/MD5 checksum: 25819802 e48f005fefadc426d4f53979b17a48d1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch2_mipsel.deb\n Size/MD5 checksum: 738790 3663319450e9e628f32f8dd8a7bf1e45\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch2_mipsel.deb\n Size/MD5 checksum: 148036 2bae54e2cb5c465608ddf8285b0897af\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch2_mipsel.deb\n Size/MD5 checksum: 99590 61d25c5e12a044e1b403b117f65ed02a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch2_mipsel.deb\n Size/MD5 checksum: 483110 d75ea6cf256707a1469e0a36db6ed941\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch2_mipsel.deb\n Size/MD5 checksum: 64470 347c59c31b317d6b1d83dad46c79aaaf\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch2_mipsel.deb\n Size/MD5 checksum: 176448 f060f8d55569778c810ff2ab19181ae7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch2_mipsel.deb\n Size/MD5 checksum: 516742 1745967e0435735b8fe43df1496075fa\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch2_mipsel.deb\n Size/MD5 checksum: 74226 32a0238900efd89e4071a4ba9d8866da\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch2_mipsel.deb\n Size/MD5 checksum: 222372 380487049eb855319e33abece640945a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch2_mipsel.deb\n Size/MD5 checksum: 106418 66bfff941a0a0a81091b28b10c4c925b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch2_mipsel.deb\n Size/MD5 checksum: 187962 868201d5ec8ad3c454521c1912b65dd0\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch2_powerpc.deb\n Size/MD5 checksum: 65828 0c86c2ada1ec2b07c08c586965ab69db\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch2_powerpc.deb\n Size/MD5 checksum: 19160 7fbadc51bf113eea46f77e87da6935f8\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch2_powerpc.deb\n Size/MD5 checksum: 1061264 420437861bf1061c516de907ae691f04\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch2_powerpc.deb\n Size/MD5 checksum: 754356 5f60e6e186d0b494d3c814eb17f89df8\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch2_powerpc.deb\n Size/MD5 checksum: 421288 f7030203c7695cc7ec0a6229c39dfaee\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch2_powerpc.deb\n Size/MD5 checksum: 89510 a7b185597c54ee1b17d73c71d62cc53e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch2_powerpc.deb\n Size/MD5 checksum: 302198 6658e89610ea7e7f0791097799f0233c\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch2_powerpc.deb\n Size/MD5 checksum: 1226788 e1b4cb03d416d6a5b003f2455158a084\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch2_powerpc.deb\n Size/MD5 checksum: 78264 5d61b7f0369da7ea1bf11872cb5f0513\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch2_powerpc.deb\n Size/MD5 checksum: 103858 3688f3e44ffa1138c059899378446715\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch2_powerpc.deb\n Size/MD5 checksum: 99582 112b942ba3a4c7508f667e212768b45d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch2_powerpc.deb\n Size/MD5 checksum: 26594038 b1e4245cf352bddc7d20cd784ed32919\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch2_powerpc.deb\n Size/MD5 checksum: 492166 76377dc2f9882ab2c3572affe21f9dfc\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch2_powerpc.deb\n Size/MD5 checksum: 763056 00116833bf3e6ac40c57fdf868e7d4d2\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch2_powerpc.deb\n Size/MD5 checksum: 529872 57b88fff57976b3572551e7516077d40\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch2_powerpc.deb\n Size/MD5 checksum: 2201688 06defbaf65109569005d92eee6d35b52\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch2_powerpc.deb\n Size/MD5 checksum: 785958 904635b93e674c4b894d50c12b9d8844\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch2_powerpc.deb\n Size/MD5 checksum: 171888 73b69a73e3f931a28490de0e9f753df6\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch2_powerpc.deb\n Size/MD5 checksum: 145764 e8caa32cd9828a0c861cf77103bd37c3\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch2_powerpc.deb\n Size/MD5 checksum: 230352 eced9fd7ce57aefacabcd9db8388071b\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch2_powerpc.deb\n Size/MD5 checksum: 173582 94589ffc30cc3f5a7e99dc92d0e95670\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch2_powerpc.deb\n Size/MD5 checksum: 133384 5fce940b9c886c87d16c2ee3a3196f2e\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch2_powerpc.deb\n Size/MD5 checksum: 109542 7d7ec4c1c85c418346f9c3840bf97ca8\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch2_powerpc.deb\n Size/MD5 checksum: 232408 348100cdb06231002f441e1e93c595e6\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dev_3.5.5-3etch2_s390.deb\n Size/MD5 checksum: 99564 ae01423fe1777b254cec1f3ef11d5898\n http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.5-3etch2_s390.deb\n Size/MD5 checksum: 765656 e038589f9bd5d00493302e286d799e0c\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-dbg_3.5.5-3etch2_s390.deb\n Size/MD5 checksum: 26249330 e7730c0ced6db912dc6d0fcdc8f4fc4d\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3.5.5-3etch2_s390.deb\n Size/MD5 checksum: 145114 8c9a8c369342abf509d2b519faf41223\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler_3.5.5-3etch2_s390.deb\n Size/MD5 checksum: 2249590 bca1c8bd9d99b1cce4956b9b5689a3f4\n http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3.5.5-3etch2_s390.deb\n Size/MD5 checksum: 181912 c8c78f8f6d049b6e1f3e83ebef3c370f\n http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5.5-3etch2_s390.deb\n Size/MD5 checksum: 66640 4b4c13f3233eef58deb1e95a94d0c50c\n http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-dev_3.5.5-3etch2_s390.deb\n Size/MD5 checksum: 19152 28bf46ae916ace2765113d28a8f7a387\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.5-3etch2_s390.deb\n Size/MD5 checksum: 149950 1c5594e1a2dcc44b6b3d18bbc2472021\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.5-3etch2_s390.deb\n Size/MD5 checksum: 538204 a01a436dedef2612fab44e75e6f1c5fe\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.5-3etch2_s390.deb\n Size/MD5 checksum: 1170976 1ac6bcbbf48ca71da39860c9b5031611\n http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.5-3etch2_s390.deb\n Size/MD5 checksum: 246172 2dfc441b17525aba356bb124e18fbce1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_3.5.5-3etch2_s390.deb\n Size/MD5 checksum: 106790 2ab6f490380f24fb1747fb39d93feb58\n http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint_3.5.5-3etch2_s390.deb\n Size/MD5 checksum: 1098170 99446ab5ef794476d32b866ad1e69984\n http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics-kfile-plugins_3.5.5-3etch2_s390.deb\n Size/MD5 checksum: 275840 58e19740deb3c4276eb89eb3d4f9f7ca\n http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3.5.5-3etch2_s390.deb\n Size/MD5 checksum: 113072 42725157aaa11a1f4ca6dff97bcadc3a\n http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5.5-3etch2_s390.deb\n Size/MD5 checksum: 79002 87c1277e7e2de5e5de3a5479da166df7\n http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.5-3etch2_s390.deb\n Size/MD5 checksum: 798196 0c09b64e7506c5f9a367698cc9ba3407\n http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3.5.5-3etch2_s390.deb\n Size/MD5 checksum: 504504 b0a23a7a0fe517f338e3fb2bf8bb9372\n http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_3.5.5-3etch2_s390.deb\n Size/MD5 checksum: 248396 12dbc381c18caf5d2dacbdca67081e7d\n http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_3.5.5-3etch2_s390.deb\n Size/MD5 checksum: 858992 db7cf638d0225d0d5eadc0f88d3a71f2\n http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5.5-3etch2_s390.deb\n Size/MD5 checksum: 95946 5fa15a398792f24f27c51cdc0e751d3f\n http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3.5.5-3etch2_s390.deb\n Size/MD5 checksum: 176144 b1e645ef2a281d6ff9d626eb8d0405d1\n http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.5-3etch2_s390.deb\n Size/MD5 checksum: 421938 c4b41d0d9b2ef6f08d995f9eebbc93d5\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 3, "modified": "2007-11-21T00:00:00", "published": "2007-11-21T00:00:00", "id": "DEBIAN:DSA-1408-1:14841", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00187.html", "title": "[SECURITY] [DSA 1408-1] New kdegraphics packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-11T13:11:28", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5392", "CVE-2007-4352", "CVE-2007-5393"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1537-1 security@debian.org\nhttp://www.debian.org/security/ Devin Carraway\nApril 02, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : xpdf\nVulnerability : multiple\nProblem type : local (remote)\nDebian-specific: no\nCVE Id(s) : CVE-2007-4352 CVE-2007-5392 CVE-2007-5393\n\nAlin Rad Pop (Secunia) discovered a number of vulnerabilities in xpdf, a set\nof tools for display and conversion of Portable Document Format (PDF) files.\nThe Common Vulnerabilities and Exposures project identifies the following\nthree problems:\n\nCVE-2007-4352\n\n Inadequate DCT stream validation allows an attacker to corrupt\n memory and potentially execute arbitrary code by supplying a\n maliciously crafted PDF file.\n\nCVE-2007-5392\n\n An integer overflow vulnerability in DCT stream handling could\n allow an attacker to overflow a heap buffer, enabling the execution\n of arbitrary code.\n\nCVE-2007-5393\n\n A buffer overflow vulnerability in xpdf's CCITT image compression\n handlers allows overflow on the heap, allowing an attacker to\n execute arbitrary code by supplying a maliciously crafted\n CCITTFaxDecode filter.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 3.01-9.1+etch2.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 3.02-1.3.\n\nWe recommend that you upgrade your xpdf packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nStable updates are available for amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch2.diff.gz\n Size/MD5 checksum: 38819 aab7a1116e3267fad270dda3c77d79ea\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch2.dsc\n Size/MD5 checksum: 974 e67bcc829b980bc91168137c5f7c8ff0\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01.orig.tar.gz\n Size/MD5 checksum: 599778 e004c69c7dddef165d768b1362b44268\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.01-9.1+etch2_all.deb\n Size/MD5 checksum: 61314 e5390719b5e1ccf8d7693a62ec34acfd\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.01-9.1+etch2_all.deb\n Size/MD5 checksum: 1280 b45afbdf7fb24ada4e657dba2a8c8243\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch2_amd64.deb\n Size/MD5 checksum: 1456842 fb1b065bf8436387895bcd70327a531a\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch2_amd64.deb\n Size/MD5 checksum: 795110 e72df10c4736d9ea929118a7a70dfff3\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch2_arm.deb\n Size/MD5 checksum: 788592 8ae5bca1f64769399171301753168f16\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch2_arm.deb\n Size/MD5 checksum: 1432474 932ab72d7c80440db8cc315f5c8d15db\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch2_hppa.deb\n Size/MD5 checksum: 1742282 3da481ccb549c8f8b0e9ccc623c25483\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch2_hppa.deb\n Size/MD5 checksum: 949772 075197f762e662652adafef93707b52a\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch2_i386.deb\n Size/MD5 checksum: 783020 a6ddad14ae3173c88b753612060b2b07\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch2_i386.deb\n Size/MD5 checksum: 1426268 5e84d679b7123dfd002cea841d283979\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch2_ia64.deb\n Size/MD5 checksum: 1197338 43efabc7f076e9c9d9e0bfec5195ea9b\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch2_ia64.deb\n Size/MD5 checksum: 2168060 5472b44baa87bae8e1401ba27793f102\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch2_mips.deb\n Size/MD5 checksum: 1709020 48e6faeb10a55716dd7a0e1063d8a983\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch2_mips.deb\n Size/MD5 checksum: 944706 9ef45fa29e6b793ffd6ddb4300299d87\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch2_mipsel.deb\n Size/MD5 checksum: 932510 c737ff8bd1d841f6d35b3d4c89de7e43\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch2_mipsel.deb\n Size/MD5 checksum: 1688522 5f9636000a58a2e0935686aa33c51974\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch2_powerpc.deb\n Size/MD5 checksum: 1522230 ef3d27bfb0bd744eb87ade8a4f7d55a6\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch2_powerpc.deb\n Size/MD5 checksum: 834210 a0293d2c13cce4de9f483e678d344581\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch2_s390.deb\n Size/MD5 checksum: 1365510 df6cb0028e22f051dabf649f11b7987d\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch2_s390.deb\n Size/MD5 checksum: 753070 b4fffe635d26e9951bc772f4ee9e44a2\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.01-9.1+etch2_sparc.deb\n Size/MD5 checksum: 750702 b327ef2ff5e022b473b5d9865adcc27a\n http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.01-9.1+etch2_sparc.deb\n Size/MD5 checksum: 1364114 d1bab9a2a555a26090a22a1c533abd9f\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 3, "modified": "2008-04-02T21:25:35", "published": "2008-04-02T21:25:35", "id": "DEBIAN:DSA-1537-1:8A8BD", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2008/msg00107.html", "title": "[SECURITY] [DSA 1537-1] New xpdf packages fix multiple vulnerabilities", "type": "debian", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-11T13:30:13", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5392", "CVE-2007-4352", "CVE-2007-5393"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1480-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nFebruary 05, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : poppler\nVulnerability : several\nProblem type : local(remote)\nDebian-specific: no\nCVE Id(s) : CVE-2007-4352 CVE-2007-5392 CVE-2007-5393\n\nAlin Rad Pop discovered several buffer overflows in the Poppler PDF\nlibrary, which could allow the execution of arbitrary code if a\nmalformed PDF file is opened.\n\nFor the stable distribution (etch), these problems have been fixed in\nversion 0.4.5-5.1etch2.\n\nThe old stable distribution (sarge) doesn't contain poppler.\n\nWe recommend that you upgrade your poppler packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian 4.0 (stable)\n- -------------------\n\nStable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/p/poppler/poppler_0.4.5-5.1etch2.diff.gz\n Size/MD5 checksum: 484246 62ac8891f912e0297dee3bc875497ef7\n http://security.debian.org/pool/updates/main/p/poppler/poppler_0.4.5-5.1etch2.dsc\n Size/MD5 checksum: 749 d12234813b844d590e151f454c7f26fb\n http://security.debian.org/pool/updates/main/p/poppler/poppler_0.4.5.orig.tar.gz\n Size/MD5 checksum: 783752 2bb1c75aa3f9c42f0ba48b5492e6d32c\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch2_alpha.deb\n Size/MD5 checksum: 30374 498fdc2dcafa1368c76f22a26243bd18\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch2_alpha.deb\n Size/MD5 checksum: 42932 5c37d6c62ed141bb1ea227e8ed4a02ac\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch2_alpha.deb\n Size/MD5 checksum: 774474 25ee5518b1f66bdcab1276ae15104362\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch2_alpha.deb\n Size/MD5 checksum: 33862 97c425d38d2a52013ecb777323fedcbf\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch2_alpha.deb\n Size/MD5 checksum: 55184 6a8bc43d21cd7b053e4ff2e96039ecde\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch2_alpha.deb\n Size/MD5 checksum: 504400 1873e99c14b49a16a97fa1853840393c\n http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch2_alpha.deb\n Size/MD5 checksum: 86262 6e9bb738236eb858aa379a011722df5e\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch2_amd64.deb\n Size/MD5 checksum: 456402 b149225663d59f2a71f959c54dc9980a\n http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch2_amd64.deb\n Size/MD5 checksum: 83490 503a5244ca6778e8934001fcb775863a\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch2_amd64.deb\n Size/MD5 checksum: 45932 a4f161401bfa3dd4179e1f06f26ea2fc\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch2_amd64.deb\n Size/MD5 checksum: 30518 caea56a87a7f3cbe810912043198944c\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch2_amd64.deb\n Size/MD5 checksum: 613524 9f60fe935bf1a0d39cb476306a1cd877\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch2_amd64.deb\n Size/MD5 checksum: 29574 765b2a6179f6de7bcd12577267f28bdc\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch2_amd64.deb\n Size/MD5 checksum: 41628 d321bfeef8b4b1646ba1232c2b289e31\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch2_arm.deb\n Size/MD5 checksum: 30290 ca3b42b4698fd95047d9d01da07c19f0\n http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch2_arm.deb\n Size/MD5 checksum: 81660 b5ef96b6267053ef30530742cc7fc885\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch2_arm.deb\n Size/MD5 checksum: 29290 cb56448209be77de26a8ae8370ade5e7\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch2_arm.deb\n Size/MD5 checksum: 594802 ee6c3e505eca8dc598dc5128418d24c3\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch2_arm.deb\n Size/MD5 checksum: 44606 44101c76d6b8148c26ad3e85dd72fe66\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch2_arm.deb\n Size/MD5 checksum: 438018 eb2a802afd0da063c444c0cf2e4a1ed4\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch2_arm.deb\n Size/MD5 checksum: 40054 a1c854be81c453ed1208c7f4f9c2f5eb\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch2_i386.deb\n Size/MD5 checksum: 443352 016dd5a98a0eb335af593d1e51e081d5\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch2_i386.deb\n Size/MD5 checksum: 29378 8d28f47566c6ea599a9d008280d13129\n http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch2_i386.deb\n Size/MD5 checksum: 80798 8a05f82badaa6b3f69e86b5ec524b0fa\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch2_i386.deb\n Size/MD5 checksum: 44140 e344517322685ec03e9368569b1040ee\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch2_i386.deb\n Size/MD5 checksum: 40610 3a31076ff600ff771e68180074b46a21\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch2_i386.deb\n Size/MD5 checksum: 30134 194fbfb244f877cd07b00bc5564a0a30\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch2_i386.deb\n Size/MD5 checksum: 573836 dda4a5aa4e8c0c931bb456daf3e7e38d\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch2_ia64.deb\n Size/MD5 checksum: 105174 4d21ca486d0dfb96ab111110aea18184\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch2_ia64.deb\n Size/MD5 checksum: 808710 fef48b747551e1f078e51a863db42d64\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch2_ia64.deb\n Size/MD5 checksum: 47680 6c2a9d463679be4d6738009e01d53229\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch2_ia64.deb\n Size/MD5 checksum: 33654 afe0b327c8cde6490cf3982450286911\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch2_ia64.deb\n Size/MD5 checksum: 54716 5aef6fdb1721fd392e7a5b694774fe3f\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch2_ia64.deb\n Size/MD5 checksum: 32070 d2981f21f801bd748cf0f429683de327\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch2_ia64.deb\n Size/MD5 checksum: 613062 ddfb7f3ee5899b15576dccf1f7730af5\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch2_mips.deb\n Size/MD5 checksum: 31838 ee6109e671d1b520e4f0e139ce323d31\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch2_mips.deb\n Size/MD5 checksum: 674630 ced70154cf0bf69de7e3f0682a26efe7\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch2_mips.deb\n Size/MD5 checksum: 29444 80577ad366a7ff024f6bbcfe28e9423e\n http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch2_mips.deb\n Size/MD5 checksum: 86570 95f59eddb01635867c47ebefdf53148f\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch2_mips.deb\n Size/MD5 checksum: 457738 adb74127e8b2f75c08dc4d1140cfcf53\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch2_mips.deb\n Size/MD5 checksum: 50162 a9a20c39b24ffb935dd5c95e58225250\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch2_mips.deb\n Size/MD5 checksum: 41714 9eba45d7741fb6af5defe6cd13aa04b4\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch2_mipsel.deb\n Size/MD5 checksum: 32068 8f0e573a5d16b9c38647fd35af827f51\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch2_mipsel.deb\n Size/MD5 checksum: 444286 1a9c45b8d5110116e7327379448cb5e5\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch2_mipsel.deb\n Size/MD5 checksum: 49638 67f7ee08100eedef89ce6a10261e4cf3\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch2_mipsel.deb\n Size/MD5 checksum: 29716 d1695e641ec7f2025aed5f3b3092f432\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch2_mipsel.deb\n Size/MD5 checksum: 664980 b521ee4bdbc3f5c063522e14c93a49fb\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch2_mipsel.deb\n Size/MD5 checksum: 41074 a4d66ed0588b10960fe40da8e2114aa9\n http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch2_mipsel.deb\n Size/MD5 checksum: 86512 25a6b4c4a4a6b1bd8217c5cd7c824554\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch2_powerpc.deb\n Size/MD5 checksum: 89176 40cc1c0ddbcb14c1bd88620e4427f2ad\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch2_powerpc.deb\n Size/MD5 checksum: 43006 857e0d7a14ac3448d531a6e92badfaa7\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch2_powerpc.deb\n Size/MD5 checksum: 651790 b85508f089275c45426271ab42af5852\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch2_powerpc.deb\n Size/MD5 checksum: 31282 3b991e0a59044ad90bce84dab4a3c286\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch2_powerpc.deb\n Size/MD5 checksum: 48000 0d4dcec8c85e63bf932cba1214e23e8a\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch2_powerpc.deb\n Size/MD5 checksum: 472200 5f73beffafb62d0c609a1065e162dbaa\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch2_powerpc.deb\n Size/MD5 checksum: 31310 689f8d2507230afdc69b2d967ce6dfc7\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch2_s390.deb\n Size/MD5 checksum: 41554 d03144f78dde41a7eb0c33ee63436429\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch2_s390.deb\n Size/MD5 checksum: 621764 ac5f100d5a18b4088a00503ad7d27347\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch2_s390.deb\n Size/MD5 checksum: 30430 9f8575a73fa04ca2920ed97d3d30960f\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch2_s390.deb\n Size/MD5 checksum: 46690 219c0e56d1ae87c01d984ddce2f576b1\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch2_s390.deb\n Size/MD5 checksum: 29332 e34057f02956439dcd2c1643153a4320\n http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch2_s390.deb\n Size/MD5 checksum: 80556 9bf0f20909214d5433c8b6986bd86813\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch2_s390.deb\n Size/MD5 checksum: 453712 471ce86c951154e00d8e5c6e78170915\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2_0.4.5-5.1etch2_sparc.deb\n Size/MD5 checksum: 444208 7108e0818b726a16e46d0fa8c41b3b9b\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-glib-dev_0.4.5-5.1etch2_sparc.deb\n Size/MD5 checksum: 44412 7773d4a704d458419c50e49eb6c2148f\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-qt_0.4.5-5.1etch2_sparc.deb\n Size/MD5 checksum: 29146 9a3e1df71ee09b5b55703673153232c5\n http://security.debian.org/pool/updates/main/p/poppler/poppler-utils_0.4.5-5.1etch2_sparc.deb\n Size/MD5 checksum: 78156 63a833e7ebdb56c067e69aa1a3988ed1\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler0c2-glib_0.4.5-5.1etch2_sparc.deb\n Size/MD5 checksum: 40312 040a74fe179460b0b175e29bc0de26a6\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-dev_0.4.5-5.1etch2_sparc.deb\n Size/MD5 checksum: 583836 2e40b8be7ad912d86235bd6ff59aeb92\n http://security.debian.org/pool/updates/main/p/poppler/libpoppler-qt-dev_0.4.5-5.1etch2_sparc.deb\n Size/MD5 checksum: 30494 a17ba5f32a555022213133d909dc01aa\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 3, "modified": "2008-02-05T17:14:05", "published": "2008-02-05T17:14:05", "id": "DEBIAN:DSA-1480-1:FF106", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2008/msg00043.html", "title": "[SECURITY] [DSA 1480-1] New poppler packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "seebug": [{"lastseen": "2017-11-19T21:55:24", "description": "Xpdf\u662f\u4e00\u6b3e\u5904\u7406PDF\u7684\u5e94\u7528\u7a0b\u5e8f\r\nXpdf\u5b58\u5728\u591a\u4e2a\u7f13\u51b2\u533a\u6ea2\u51fa\u95ee\u9898\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u4ee5\u5e94\u7528\u7a0b\u5e8f\u6743\u9650\u6267\u884c\u4efb\u610f\u6307\u4ee4\u3002\r\n1\uff09xpdf/Stream.cc\u6587\u4ef6\u4e2d\u7684"DCTStream::readProgressiveDataUnit()"\u65b9\u6cd5\u5b58\u5728\u6570\u7ec4\u7d22\u5f15\u9519\u8bef\uff0c\u901a\u8fc7\u7279\u6b8a\u6784\u5efa\u7684PDF\u6587\u4ef6\u53ef\u9020\u6210\u5185\u5b58\u7834\u574f\u3002\r\n2\uff09xpdf/Stream.cc\u6587\u4ef6\u4e2d\u7684"DCTStream::reset()"\u65b9\u6cd5\u5b58\u5728\u6574\u6570\u6ea2\u51fa\u9519\u8bef\uff0c\u53ef\u5bfc\u81f4\u57fa\u4e8e\u5806\u7684\u7f13\u51b2\u533a\u6ea2\u51fa\u3002\r\n3\uff09xpdf/Stream.cc\u4e2d\u7684"CCITTFaxStream::lookChar()"\u65b9\u6cd5\u5b58\u5728\u8fb9\u754c\u9519\u8bef\uff0c\u901a\u8fc7\u7279\u6b8a\u6784\u5efa\u7684"CCITTFaxDecode"\u8fc7\u6ee4\u5668\u53ef\u5bfc\u81f4\u89e6\u53d1\u57fa\u4e8e\u5806\u7684\u7f13\u51b2\u533a\u6ea2\u51fa\u3002\r\n\n\nXpdf Xpdf 3.02pl1\r\nteTeX teTeX 1.0.7 \r\n+ Conectiva Linux 8.0 \r\n+ Conectiva Linux 8.0 \r\n+ Conectiva Linux 7.0 \r\n+ Conectiva Linux 7.0 \r\n+ Conectiva Linux 6.0 \r\n+ Conectiva Linux 6.0 \r\n+ Debian Linux 3.0 sparc\r\n+ Debian Linux 3.0 sparc\r\n+ Debian Linux 3.0 s/390\r\n+ Debian Linux 3.0 s/390\r\n+ Debian Linux 3.0 ppc\r\n+ Debian Linux 3.0 ppc\r\n+ Debian Linux 3.0 mipsel\r\n+ Debian Linux 3.0 mipsel\r\n+ Debian Linux 3.0 mips\r\n+ Debian Linux 3.0 mips\r\n+ Debian Linux 3.0 m68k\r\n+ Debian Linux 3.0 m68k\r\n+ Debian Linux 3.0 ia-64\r\n+ Debian Linux 3.0 ia-64\r\n+ Debian Linux 3.0 ia-32\r\n+ Debian Linux 3.0 ia-32\r\n+ Debian Linux 3.0 hppa\r\n+ Debian Linux 3.0 hppa\r\n+ Debian Linux 3.0 arm\r\n+ Debian Linux 3.0 arm\r\n+ Debian Linux 3.0 alpha\r\n+ Debian Linux 3.0 alpha\r\n+ Debian Linux 3.0 \r\n+ Debian Linux 3.0 \r\n+ HP Secure OS software for Linux 1.0 \r\n+ HP Secure OS software for Linux 1.0 \r\n+ Immunix Immunix OS 7.0 beta\r\n+ Immunix Immunix OS 7.0 beta\r\n+ Immunix Immunix OS 7.0 \r\n+ Immunix Immunix OS 7.0 \r\n+ Immunix Immunix OS 6.2 \r\n+ Immunix Immunix OS 6.2 \r\n+ MandrakeSoft Corporate Server 1.0.1 \r\n+ MandrakeSoft Corporate Server 1.0.1 \r\n+ MandrakeSoft Linux Mandrake 9.0 \r\n+ MandrakeSoft Linux Mandrake 9.0 \r\n+ MandrakeSoft Linux Mandrake 8.2 ppc\r\n+ MandrakeSoft Linux Mandrake 8.2 ppc\r\n+ MandrakeSoft Linux Mandrake 8.2 \r\n+ MandrakeSoft Linux Mandrake 8.2 \r\n+ MandrakeSoft Linux Mandrake 8.1 ia64\r\n+ MandrakeSoft Linux Mandrake 8.1 ia64\r\n+ MandrakeSoft Linux Mandrake 8.1 \r\n+ MandrakeSoft Linux Mandrake 8.1 \r\n+ MandrakeSoft Linux Mandrake 8.0 ppc\r\n+ MandrakeSoft Linux Mandrake 8.0 ppc\r\n+ MandrakeSoft Linux Mandrake 8.0 \r\n+ MandrakeSoft Linux Mandrake 8.0 \r\n+ MandrakeSoft Linux Mandrake 7.2 \r\n+ MandrakeSoft Linux Mandrake 7.2 \r\n+ MandrakeSoft Linux Mandrake 7.1 \r\n+ MandrakeSoft Linux Mandrake 7.1 \r\n+ RedHat Desktop 3.0 \r\n+ RedHat Desktop 3.0 \r\n+ RedHat Enterprise Linux WS 3\r\n+ RedHat Enterprise Linux WS 3\r\n+ RedHat Enterprise Linux WS 2.1 IA64\r\n+ RedHat Enterprise Linux WS 2.1 IA64\r\n+ RedHat Enterprise Linux WS 2.1\r\n+ RedHat Enterprise Linux WS 2.1\r\n+ RedHat Enterprise Linux ES 3\r\n+ RedHat Enterprise Linux ES 3\r\n+ RedHat Enterprise Linux ES 2.1 IA64\r\n+ RedHat Enterprise Linux ES 2.1 IA64\r\n+ RedHat Enterprise Linux ES 2.1\r\n+ RedHat Enterprise Linux ES 2.1\r\n+ RedHat Enterprise Linux AS 3\r\n+ RedHat Enterprise Linux AS 3\r\n+ RedHat Enterprise Linux AS 2.1 IA64\r\n+ RedHat Enterprise Linux AS 2.1 IA64\r\n+ RedHat Enterprise Linux AS 2.1\r\n+ RedHat Enterprise Linux AS 2.1\r\n+ RedHat Linux 8.0 i386\r\n+ RedHat Linux 8.0 i386\r\n+ RedHat Linux 8.0 \r\n+ RedHat Linux 8.0 \r\n+ RedHat Linux 7.3 i386\r\n+ RedHat Linux 7.3 i386\r\n+ RedHat Linux 7.3 \r\n+ RedHat Linux 7.3 \r\n+ RedHat Linux 7.2 ia64\r\n+ RedHat Linux 7.2 ia64\r\n+ RedHat Linux 7.2 i386\r\n+ RedHat Linux 7.2 i386\r\n+ RedHat Linux 7.2 \r\n+ RedHat Linux 7.2 \r\n+ RedHat Linux 7.1 ia64\r\n+ RedHat Linux 7.1 ia64\r\n+ RedHat Linux 7.1 i386\r\n+ RedHat Linux 7.1 i386\r\n+ RedHat Linux 7.1 alpha\r\n+ RedHat Linux 7.1 alpha\r\n+ RedHat Linux 7.1 \r\n+ RedHat Linux 7.1 \r\n+ RedHat Linux 7.0 i386\r\n+ RedHat Linux 7.0 i386\r\n+ RedHat Linux 7.0 alpha\r\n+ RedHat Linux 7.0 alpha\r\n+ RedHat Linux 7.0 \r\n+ RedHat Linux 7.0 \r\n+ RedHat Linux Advanced Work Station 2.1 \r\n+ RedHat Linux Advanced Work Station 2.1 \r\nRedHat Enterprise Linux Desktop Workstation v. 5 client\r\nRedHat Enterprise Linux Desktop v.5 client\r\nRedHat Enterprise Linux WS 5\r\nRedHat Enterprise Linux WS 4\r\nRedHat Enterprise Linux WS 3\r\nRedHat Enterprise Linux WS 2.1 IA64\r\nRedHat Enterprise Linux WS 2.1\r\nRedHat Enterprise Linux v. 5 server\r\nRedHat Enterprise Linux ES 4\r\nRedHat Enterprise Linux ES 3\r\nRedHat Enterprise Linux ES 2.1 IA64\r\nRedHat Enterprise Linux ES 2.1\r\nRedHat Enterprise Linux AS 4\r\nRedHat Enterprise Linux AS 3\r\nRedHat Enterprise Linux AS 2.1 IA64\r\nRedHat Enterprise Linux AS 2.1\r\nRedHat Desktop 4.0 \r\nRedHat Desktop 3.0 \r\nRedHat Advanced Workstation for the Itanium Processor 2.1 IA64\r\nRedHat Advanced Workstation for the Itanium Processor 2.1 \r\nPoppler poppler 0.5.4 \r\nKDE KOffice 1.6.3 \r\nKDE KOffice 1.6.1 \r\nKDE KOffice 1.6 \r\nKDE KOffice 1.5.91 \r\nKDE KOffice 1.5.2 \r\nKDE KOffice 1.5 \r\nKDE KOffice 1.4.2 \r\nKDE KOffice 1.4.1 \r\nKDE KOffice 1.4 \r\nKDE KOffice 1.3.5 \r\nKDE KOffice 1.3.4 \r\nKDE KOffice 1.3.3 \r\n+ MandrakeSoft Linux Mandrake 10.1 x86_64\r\n+ MandrakeSoft Linux Mandrake 10.1 \r\nKDE KOffice 1.3.2 \r\nKDE KOffice 1.3.1 \r\nKDE KOffice 1.3 beta3\r\nKDE KOffice 1.3 beta2\r\nKDE KOffice 1.3 beta1\r\nKDE KOffice 1.3 \r\n+ MandrakeSoft Linux Mandrake 10.0 AMD64\r\n+ MandrakeSoft Linux Mandrake 10.0 \r\nKDE KOffice 1.2.92 \r\nKDE KOffice 1.2.1 \r\nKDE KOffice 1.2 \r\nKDE KDE 3.5.8 \r\nKDE KDE 3.5.7 \r\nKDE KDE 3.5.6 \r\nKDE KDE 3.5.5 \r\nKDE KDE 3.5.4 \r\nKDE KDE 3.5.3 \r\nKDE KDE 3.5.2 \r\nKDE KDE 3.5.1 \r\nKDE KDE 3.5 \r\nKDE KDE 3.4.3 \r\n- Gentoo Linux \r\nKDE KDE 3.4.2 \r\nKDE KDE 3.4.1 \r\n+ RedHat Fedora Core4\r\n+ RedHat Fedora Core4\r\nKDE KDE 3.4 \r\nKDE KDE 3.4 \r\nKDE KDE 3.3.2 \r\n+ Debian Linux 3.1 sparc\r\n+ Debian Linux 3.1 sparc\r\n+ Debian Linux 3.1 sparc\r\n+ Debian Linux 3.1 s/390\r\n+ Debian Linux 3.1 s/390\r\n+ Debian Linux 3.1 s/390\r\n+ Debian Linux 3.1 ppc\r\n+ Debian Linux 3.1 ppc\r\n+ Debian Linux 3.1 ppc\r\n+ Debian Linux 3.1 mipsel\r\n+ Debian Linux 3.1 mipsel\r\n+ Debian Linux 3.1 mipsel\r\n+ Debian Linux 3.1 mips\r\n+ Debian Linux 3.1 mips\r\n+ Debian Linux 3.1 mips\r\n+ Debian Linux 3.1 m68k\r\n+ Debian Linux 3.1 m68k\r\n+ Debian Linux 3.1 m68k\r\n+ Debian Linux 3.1 ia-64\r\n+ Debian Linux 3.1 ia-64\r\n+ Debian Linux 3.1 ia-64\r\n+ Debian Linux 3.1 ia-32\r\n+ Debian Linux 3.1 ia-32\r\n+ Debian Linux 3.1 ia-32\r\n+ Debian Linux 3.1 hppa\r\n+ Debian Linux 3.1 hppa\r\n+ Debian Linux 3.1 hppa\r\n+ Debian Linux 3.1 arm\r\n+ Debian Linux 3.1 arm\r\n+ Debian Linux 3.1 arm\r\n+ Debian Linux 3.1 amd64\r\n+ Debian Linux 3.1 amd64\r\n+ Debian Linux 3.1 amd64\r\n+ Debian Linux 3.1 alpha\r\n+ Debian Linux 3.1 alpha\r\n+ Debian Linux 3.1 alpha\r\n+ Debian Linux 3.1 \r\n+ Debian Linux 3.1 \r\n+ Debian Linux 3.1 \r\nKDE KDE 3.3.2 \r\nKDE KDE 3.3.1 \r\n+ RedHat Fedora Core3\r\n+ RedHat Fedora Core3\r\nKDE KDE 3.3 \r\nKDE KDE 3.2.3 \r\nKDE KDE 3.2.2 \r\n+ KDE KDE 3.2.2 \r\n+ RedHat Fedora Core2\r\nKDE KDE 3.2.1 \r\nKDE KDE 3.2 \r\nGNOME GPdf 2.8.3 \r\nGNOME GPdf 2.8.2 \r\n+ RedHat Fedora Core3\r\n+ RedHat Fedora Core2\r\nGNOME GPdf 2.8 \r\nEasy Software Products CUPS 1.1.17 \r\n+ RedHat Desktop 3.0 \r\n+ RedHat Enterprise Linux WS 3\r\n+ RedHat Enterprise Linux ES 3\r\n+ RedHat Enterprise Linux AS 3\r\n\n \u5382\u5546\u89e3\u51b3\u65b9\u6848\r\n\u8865\u4e01\u4e0b\u8f7d\uff1a\r\nXpdf Xpdf 3.02pl1\r\nXpdf xpdf-3.02pl2.patch\r\n<a href=\"ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl2.patch\" target=\"_blank\">ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl2.patch</a>\r\nKDE KOffice 1.6.3 \r\nKDE koffice-1.6.3-xpdf2-CVE-2007-4352-5392-5393.diff\r\n<a href=\"ftp://ftp.kde.org/pub/kde/security_patches/koffice-1.6.3-xpdf2-CVE-200\" target=\"_blank\">ftp://ftp.kde.org/pub/kde/security_patches/koffice-1.6.3-xpdf2-CVE-200</a> 7-4352-5392-5393.diff\r\nKDE KDE 3.5.5 \r\nKDE post-3.5.5-kdegraphics-CVE-2007-5393.diff\r\n<a href=\"ftp://ftp.kde.org/pub/kde/security_patches/post-3.5.5-kdegraphics-CVE-\" target=\"_blank\">ftp://ftp.kde.org/pub/kde/security_patches/post-3.5.5-kdegraphics-CVE-</a> 2007-5393.diff\r\nKDE KDE 3.5.6 \r\nKDE post-3.5.5-kdegraphics-CVE-2007-5393.diff\r\n<a href=\"ftp://ftp.kde.org/pub/kde/security_patches/post-3.5.5-kdegraphics-CVE-\" target=\"_blank\">ftp://ftp.kde.org/pub/kde/security_patches/post-3.5.5-kdegraphics-CVE-</a> 2007-5393.diff\r\nKDE KDE 3.5.7 \r\nKDE post-3.5.5-kdegraphics-CVE-2007-5393.diff\r\n<a href=\"ftp://ftp.kde.org/pub/kde/security_patches/post-3.5.5-kdegraphics-CVE-\" target=\"_blank\">ftp://ftp.kde.org/pub/kde/security_patches/post-3.5.5-kdegraphics-CVE-</a> 2007-5393.diff\r\nKDE KDE 3.5.8 \r\nKDE post-3.5.8-kdegraphics-kpdf.diff\r\n<a href=\"ftp://ftp.kde.org/pub/kde/security_patches/post-3.5.8-kdegraphics-kpdf.diff\" target=\"_blank\">ftp://ftp.kde.org/pub/kde/security_patches/post-3.5.8-kdegraphics-kpdf.diff</a>", "published": "2007-11-11T00:00:00", "type": "seebug", "title": "Xpdf\u591a\u4e2a\u8fdc\u7a0bStream.CC\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2007-4352", "CVE-2007-5393"], "modified": "2007-11-11T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-2409", "id": "SSV:2409", "sourceData": "", "sourceHref": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:34:13", "bulletinFamily": "unix", "cvelist": ["CVE-2007-3387", "CVE-2007-5393"], "description": " [1.0.7-67.11]\n - xpdf buffer overflow in CCITTFaxStream::lookChar() CVE-2007-5393 (#356761)\n Resolves: #356761\n \n [1.0.7-67.10]\n - backport upstream fix for xpdf integer overflow CVE-2007-3387 (#248206)\n Resolves: #248206 ", "edition": 4, "modified": "2007-11-07T00:00:00", "published": "2007-11-07T00:00:00", "id": "ELSA-2007-1028", "href": "http://linux.oracle.com/errata/ELSA-2007-1028.html", "title": "Important: tetex security update ", "type": "oraclelinux", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:00", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4351", "CVE-2007-4045", "CVE-2007-5393"], "description": " [1.1.17-13.3.46]\n - Applied patch to fix CVE-2007-4045 (bug #356541).\n - Applied patch to fix CVE-2007-4351 (STR #2561, bug #356541).\n - Applied patch to fix CVE-2007-5393 (bug #356541). ", "edition": 4, "modified": "2007-11-07T00:00:00", "published": "2007-11-07T00:00:00", "id": "ELSA-2007-1023", "href": "http://linux.oracle.com/errata/ELSA-2007-1023.html", "title": "Important: cups security update ", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:06", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5392", "CVE-2007-4352", "CVE-2007-5393"], "description": " [3.00-14.el4]\n - Resolves: #356811, CVE-2007-4352 CVE-2007-5392 CVE-2007-5393 ", "edition": 4, "modified": "2007-11-07T00:00:00", "published": "2007-11-07T00:00:00", "id": "ELSA-2007-1029", "href": "http://linux.oracle.com/errata/ELSA-2007-1029.html", "title": "Important: xpdf security update ", "type": "oraclelinux", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:36:36", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5392", "CVE-2007-4352", "CVE-2007-5393"], "description": " [2.3.27-8.1]\n Fixes for:\n - 345101 - CVE-2007-4352 xpdf memory corruption in DCTStream::readProgressiveDataUnit()\n - 345111 - CVE-2007-5392 xpdf buffer overflow in DCTStream::reset()\n - 345121 - CVE-2007-5393 xpdf buffer overflow in CCITTFaxStream::lookChar() ", "edition": 4, "modified": "2007-11-23T00:00:00", "published": "2007-11-23T00:00:00", "id": "ELSA-2007-1026", "href": "http://linux.oracle.com/errata/ELSA-2007-1026.html", "title": "Important: poppler security update ", "type": "oraclelinux", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4352", "CVE-2007-5392", "CVE-2007-5393"], "description": "PIM (Personal Information Manager) applications, including: * akregator: feed aggregator * kmail: email client * knode: newsreader * knotes: sticky notes for the desktop * kontact: integrated PIM management * korganizer: journal, appointments, events, todos * kpilot: HotSync=C2=AE software for Palm OS=C2=AE devices ", "modified": "2007-11-13T00:05:02", "published": "2007-11-13T00:05:02", "id": "FEDORA:LAD057H3022394", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: kdepim-3.5.8-5.svn20071013.ent.fc7", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4352", "CVE-2007-5392", "CVE-2007-5393"], "description": "KOffice - Integrated Office Suite KOffice is a free, integrated office suite for KDE, the K Desktop Environme nt. ", "modified": "2007-11-09T23:50:51", "published": "2007-11-09T23:50:51", "id": "FEDORA:LA9NOK5S013218", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 8 Update: koffice-1.6.3-13.fc8", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4352", "CVE-2007-5392", "CVE-2007-5393"], "description": "Educational/Edutainment applications, including: * blinken: Simon Says Game * kalzium: Periodic Table of Elements * kanagram: Letter Order Game * kbruch: Exercise Fractions * keduca: Tests and Exams * kgeography: Geography Trainer * khangman: Hangman Game * kig: Interactive Geometry * kiten: Japanese Reference/Study Tool * klatin: Latin Reviser * klettres: French alphabet tutor * kmplot: Mathematical Function Plotter * kpercentage: Excersie Percentages * kstars: Desktop Planetarium * ktouch: Touch Typing Tutor * kturtle: Logo Programming Environment * kverbos: Study Spanish Verbforms * kvoctrain: Vocabulary Trainer * kwordquiz: Vocabulary Trainer ", "modified": "2007-11-13T00:05:02", "published": "2007-11-13T00:05:02", "id": "FEDORA:LAD057H6022394", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: kdeedu-3.5.8-2.fc7", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4352", "CVE-2007-5392", "CVE-2007-5393"], "description": "Included with this package are: * kmag, a screen magnifier, * kmousetool, a program for people whom it hurts to click the mouse, * kmouth, program that allows people who have lost their voice to let their computer speak for them. ", "modified": "2007-11-13T00:05:02", "published": "2007-11-13T00:05:02", "id": "FEDORA:LAD057H2022394", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: kdeaccessibility-3.5.8-2.fc7", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4352", "CVE-2007-5392", "CVE-2007-5393"], "description": "Includes: * amor: Amusing Misuse Of Resources put's comic figures above your windows * eyesapplet: a kicker applet similar to XEyes * fifteenapplet: kicker applet, order 15 pieces in a 4x4 square by moving t hem * kmoon: system tray applet showing the moon phase * kodo: mouse movement meter * kteatime: system tray applet that makes sure your tea doesn't get too str ong * ktux: Tux-in-a-Spaceship screen saver * kweather: kicker applet that will display the current weather outside * kworldwatch: application and kicker applet showing daylight area on the w orld globe NOTE: kicker applets and screen savers require kdebase to be installed, and user to be logged-in to KDE. ", "modified": "2007-11-13T00:05:02", "published": "2007-11-13T00:05:02", "id": "FEDORA:LAD057UK022395", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: kdetoys-3.5.8-1.fc7", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4352", "CVE-2007-5392", "CVE-2007-5393"], "description": "A collection of applications and tools used by developers, including: * cervisia: a CVS frontend * kbabel: PO file management * kbugbuster: a tool to manage the KDE bug report system * kcachegrind: a browser for data produced by profiling tools (e.g. cachegr ind) * kompare: diff tool * kuiviewer: displays designer's UI files * umbrello: UML modeller and UML diagram tool ", "modified": "2007-11-13T00:05:02", "published": "2007-11-13T00:05:02", "id": "FEDORA:LAD057H5022394", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: kdesdk-3.5.8-2.fc7", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4352", "CVE-2007-5392", "CVE-2007-5393"], "description": "The KDevelop Integrated Development Environment provides many features that developers need as well as providing a unified interface to programs like gdb, the C/C++ compiler, and make. KDevelop manages or provides: All development tools needed for C++ programming like Compiler, Linker, automake and autoconf; KAppWizard, which generates complete, ready-to-go sample applications; Classgenerator, for creating new classes and integrating them into the current project; File management for sources, headers, documentation etc. to be included in the project; The creation of User-Handbooks written with SGML and the automatic generation of HTML-output with the KDE look and feel; Automatic HTML-based API-documentation for your project's classes with cross-references to the used libraries; Internationalization support for your application, allowing translators to easily add their target language to a project; KDevelop also includes WYSIWYG (What you see is what you get)-creation of user interfaces with a built-in dialog editor; Debugging your application by integrating KDbg; Editing of project-specific pixmaps with KIconEdit; The inclusion of any other program you need for development by adding it to the \"Tools\"-menu according to your individual needs. ", "modified": "2007-11-13T00:05:02", "published": "2007-11-13T00:05:02", "id": "FEDORA:LAD057UL022395", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: kdevelop-3.5.0-4.fc7", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4352", "CVE-2007-5392", "CVE-2007-5393"], "description": "Internationalization support for KDE ", "modified": "2007-11-13T00:05:02", "published": "2007-11-13T00:05:02", "id": "FEDORA:LAD057UG022395", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: kde-i18n-3.5.8-1.fc7", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4352", "CVE-2007-5392", "CVE-2007-5393"], "description": "A collection of KDE Addons/Plugins, including: * konq-plugins: akregator, babelfish, domtreeviewer, imagerotation, validat ors, webarchiver * kate (plugins) * kicker-applets: kbinaryclock, kolourpicker, ktimemon, mediacontrol * knewsticker-scripts ", "modified": "2007-11-13T00:05:02", "published": "2007-11-13T00:05:02", "id": "FEDORA:LAD057UN022395", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: kdeaddons-3.5.8-2.fc7", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:48", "bulletinFamily": "unix", "cvelist": ["CVE-2007-4352", "CVE-2007-5392", "CVE-2007-5393"], "description": "The kdeadmin package includes administrative tools for the K Desktop Environment (KDE) including: kcron, kdat, knetworkconf, kpackage, ksysv, kuser. ", "modified": "2007-11-13T00:05:02", "published": "2007-11-13T00:05:02", "id": "FEDORA:LAD057UI022395", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 7 Update: kdeadmin-3.5.8-1.fc7", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2017-07-25T10:57:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5392", "CVE-2007-4352", "CVE-2007-5393"], "description": "Check for the Version of arts", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:861497", "href": "http://plugins.openvas.org/nasl.php?oid=861497", "type": "openvas", "title": "Fedora Update for arts FEDORA-2007-2985", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for arts FEDORA-2007-2985\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"arts (analog real-time synthesizer) is the sound system of KDE 3.\n\n The principle of arts is to create/process sound using small modules which do\n certain tasks. These may be create a waveform (oscillators), play samples,\n filter data, add signals, perform effects like delay/flanger/chorus, or\n output the data to the soundcard.\n \n By connecting all those small modules together, you can perform complex\n tasks like simulating a mixer, generating an instrument or things like\n playing a wave file with some effects.\";\n\ntag_affected = \"arts on Fedora 7\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00328.html\");\n script_id(861497);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:01:32 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2007-2985\");\n script_cve_id(\"CVE-2007-4352\", \"CVE-2007-5392\", \"CVE-2007-5393\");\n script_name( \"Fedora Update for arts FEDORA-2007-2985\");\n\n script_summary(\"Check for the Version of arts\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"arts\", rpm:\"arts~1.5.8~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"arts\", rpm:\"arts~1.5.8~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"arts-devel\", rpm:\"arts-devel~1.5.8~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"arts-debuginfo\", rpm:\"arts-debuginfo~1.5.8~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"arts-debuginfo\", rpm:\"arts-debuginfo~1.5.8~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"arts\", rpm:\"arts~1.5.8~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"arts-devel\", rpm:\"arts-devel~1.5.8~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:45", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5392", "CVE-2007-4352", "CVE-2007-5393"], "description": "Check for the Version of pdftohtml", "modified": "2017-07-06T00:00:00", "published": "2009-04-09T00:00:00", "id": "OPENVAS:830067", "href": "http://plugins.openvas.org/nasl.php?oid=830067", "type": "openvas", "title": "Mandriva Update for pdftohtml MDKSA-2007:223 (pdftohtml)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for pdftohtml MDKSA-2007:223 (pdftohtml)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Alin Rad Pop found several flaws in how PDF files are handled\n in pdftohtml. An attacker could create a malicious PDF file that\n would cause pdftohtml to crash or potentially execute arbitrary code\n when opened.\n\n The updated packages have been patched to correct this issue.\";\n\ntag_affected = \"pdftohtml on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64,\n Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2007-11/msg00032.php\");\n script_id(830067);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:00:25 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDKSA\", value: \"2007:223\");\n script_cve_id(\"CVE-2007-4352\", \"CVE-2007-5392\", \"CVE-2007-5393\");\n script_name( \"Mandriva Update for pdftohtml MDKSA-2007:223 (pdftohtml)\");\n\n script_summary(\"Check for the Version of pdftohtml\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"pdftohtml\", rpm:\"pdftohtml~0.39~1.2mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"pdftohtml\", rpm:\"pdftohtml~0.36~5.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:30:00", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5392", "CVE-2007-4352", "CVE-2007-5393"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-542-2", "modified": "2017-12-01T00:00:00", "published": "2009-03-23T00:00:00", "id": "OPENVAS:840109", "href": "http://plugins.openvas.org/nasl.php?oid=840109", "type": "openvas", "title": "Ubuntu Update for koffice vulnerabilities USN-542-2", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_542_2.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for koffice vulnerabilities USN-542-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"USN-542-1 fixed a vulnerability in poppler. This update provides the\n corresponding updates for KWord, part of KOffice.\n\n Original advisory details:\n \n Secunia Research discovered several vulnerabilities in poppler. If a\n user were tricked into loading a specially crafted PDF file, a remote\n attacker could cause a denial of service or possibly execute arbitrary\n code with the user's privileges in applications linked against poppler.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-542-2\";\ntag_affected = \"koffice vulnerabilities on Ubuntu 6.06 LTS ,\n Ubuntu 6.10 ,\n Ubuntu 7.04 ,\n Ubuntu 7.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-542-2/\");\n script_id(840109);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"542-2\");\n script_cve_id(\"CVE-2007-4352\", \"CVE-2007-5392\", \"CVE-2007-5393\");\n script_name( \"Ubuntu Update for koffice vulnerabilities USN-542-2\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU7.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"karbon\", ver:\"1.6.2-0ubuntu1.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kchart\", ver:\"1.6.2-0ubuntu1.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kexi\", ver:\"1.6.2-0ubuntu1.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kformula\", ver:\"1.6.2-0ubuntu1.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kivio\", ver:\"1.6.2-0ubuntu1.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koffice-dbg\", ver:\"1.6.2-0ubuntu1.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koffice-dev\", ver:\"1.6.2-0ubuntu1.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koffice-libs\", ver:\"1.6.2-0ubuntu1.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koshell\", ver:\"1.6.2-0ubuntu1.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kplato\", ver:\"1.6.2-0ubuntu1.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kpresenter\", ver:\"1.6.2-0ubuntu1.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krita\", ver:\"1.6.2-0ubuntu1.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kspread\", ver:\"1.6.2-0ubuntu1.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kthesaurus\", ver:\"1.6.2-0ubuntu1.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kugar\", ver:\"1.6.2-0ubuntu1.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kword\", ver:\"1.6.2-0ubuntu1.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kivio-data\", ver:\"1.6.2-0ubuntu1.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koffice-data\", ver:\"1.6.2-0ubuntu1.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koffice-doc-html\", ver:\"1.6.2-0ubuntu1.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koffice-doc\", ver:\"1.6.2-0ubuntu1.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koffice\", ver:\"1.6.2-0ubuntu1.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kpresenter-data\", ver:\"1.6.2-0ubuntu1.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krita-data\", ver:\"1.6.2-0ubuntu1.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kword-data\", ver:\"1.6.2-0ubuntu1.2\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"karbon\", ver:\"1.5.0-0ubuntu9.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kchart\", ver:\"1.5.0-0ubuntu9.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kexi\", ver:\"1.5.0-0ubuntu9.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kformula\", ver:\"1.5.0-0ubuntu9.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kivio\", ver:\"1.5.0-0ubuntu9.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koffice-dbg\", ver:\"1.5.0-0ubuntu9.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koffice-dev\", ver:\"1.5.0-0ubuntu9.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koffice-libs\", ver:\"1.5.0-0ubuntu9.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koshell\", ver:\"1.5.0-0ubuntu9.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kpresenter\", ver:\"1.5.0-0ubuntu9.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krita\", ver:\"1.5.0-0ubuntu9.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kspread\", ver:\"1.5.0-0ubuntu9.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kthesaurus\", ver:\"1.5.0-0ubuntu9.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kugar\", ver:\"1.5.0-0ubuntu9.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kword\", ver:\"1.5.0-0ubuntu9.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kplato\", ver:\"1.5.0-0ubuntu9.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kivio-data\", ver:\"1.5.0-0ubuntu9.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koffice-data\", ver:\"1.5.0-0ubuntu9.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koffice-doc-html\", ver:\"1.5.0-0ubuntu9.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koffice-doc\", ver:\"1.5.0-0ubuntu9.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koffice\", ver:\"1.5.0-0ubuntu9.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kpresenter-data\", ver:\"1.5.0-0ubuntu9.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krita-data\", ver:\"1.5.0-0ubuntu9.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kword-data\", ver:\"1.5.0-0ubuntu9.3\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"karbon\", ver:\"1.5.2-0ubuntu2.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kchart\", ver:\"1.5.2-0ubuntu2.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kexi\", ver:\"1.5.2-0ubuntu2.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kformula\", ver:\"1.5.2-0ubuntu2.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kivio\", ver:\"1.5.2-0ubuntu2.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koffice-dbg\", ver:\"1.5.2-0ubuntu2.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koffice-dev\", ver:\"1.5.2-0ubuntu2.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koffice-libs\", ver:\"1.5.2-0ubuntu2.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koshell\", ver:\"1.5.2-0ubuntu2.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kpresenter\", ver:\"1.5.2-0ubuntu2.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krita\", ver:\"1.5.2-0ubuntu2.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kspread\", ver:\"1.5.2-0ubuntu2.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kthesaurus\", ver:\"1.5.2-0ubuntu2.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kugar\", ver:\"1.5.2-0ubuntu2.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kword\", ver:\"1.5.2-0ubuntu2.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kplato\", ver:\"1.5.2-0ubuntu2.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kivio-data\", ver:\"1.5.2-0ubuntu2.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koffice-data\", ver:\"1.5.2-0ubuntu2.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koffice-doc-html\", ver:\"1.5.2-0ubuntu2.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koffice-doc\", ver:\"1.5.2-0ubuntu2.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koffice\", ver:\"1.5.2-0ubuntu2.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kpresenter-data\", ver:\"1.5.2-0ubuntu2.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krita-data\", ver:\"1.5.2-0ubuntu2.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kword-data\", ver:\"1.5.2-0ubuntu2.3\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU7.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"karbon\", ver:\"1.6.3-0ubuntu5.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kchart\", ver:\"1.6.3-0ubuntu5.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kexi\", ver:\"1.6.3-0ubuntu5.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kformula\", ver:\"1.6.3-0ubuntu5.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kivio\", ver:\"1.6.3-0ubuntu5.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koffice-dbg\", ver:\"1.6.3-0ubuntu5.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koffice-dev\", ver:\"1.6.3-0ubuntu5.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koffice-libs\", ver:\"1.6.3-0ubuntu5.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koshell\", ver:\"1.6.3-0ubuntu5.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kplato\", ver:\"1.6.3-0ubuntu5.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kpresenter\", ver:\"1.6.3-0ubuntu5.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krita\", ver:\"1.6.3-0ubuntu5.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kspread\", ver:\"1.6.3-0ubuntu5.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kthesaurus\", ver:\"1.6.3-0ubuntu5.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kugar\", ver:\"1.6.3-0ubuntu5.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kword\", ver:\"1.6.3-0ubuntu5.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kivio-data\", ver:\"1.6.3-0ubuntu5.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koffice-data\", ver:\"1.6.3-0ubuntu5.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koffice-doc-html\", ver:\"1.6.3-0ubuntu5.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koffice-doc\", ver:\"1.6.3-0ubuntu5.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"koffice\", ver:\"1.6.3-0ubuntu5.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kpresenter-data\", ver:\"1.6.3-0ubuntu5.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"krita-data\", ver:\"1.6.3-0ubuntu5.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"kword-data\", ver:\"1.6.3-0ubuntu5.1\", rls:\"UBUNTU7.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:23", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5392", "CVE-2007-4352", "CVE-2007-5393"], "description": "Check for the Version of koffice", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:861217", "href": "http://plugins.openvas.org/nasl.php?oid=861217", "type": "openvas", "title": "Fedora Update for koffice FEDORA-2007-3093", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for koffice FEDORA-2007-3093\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"koffice on Fedora 8\";\ntag_insight = \"KOffice - Integrated Office Suite\n KOffice is a free, integrated office suite for KDE, the K Desktop Environment.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00236.html\");\n script_id(861217);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:23:18 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2007-3093\");\n script_cve_id(\"CVE-2007-4352\", \"CVE-2007-5392\", \"CVE-2007-5393\");\n script_name( \"Fedora Update for koffice FEDORA-2007-3093\");\n\n script_summary(\"Check for the Version of koffice\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"koffice\", rpm:\"koffice~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-krita\", rpm:\"koffice-krita~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kword\", rpm:\"koffice-kword~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-karbon\", rpm:\"koffice-karbon~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-devel\", rpm:\"koffice-devel~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kformula\", rpm:\"koffice-kformula~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kpresenter\", rpm:\"koffice-kpresenter~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kexi\", rpm:\"koffice-kexi~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-core\", rpm:\"koffice-core~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kugar\", rpm:\"koffice-kugar~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-libs\", rpm:\"koffice-libs~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-debuginfo\", rpm:\"koffice-debuginfo~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-suite\", rpm:\"koffice-suite~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kivio\", rpm:\"koffice-kivio~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kspread\", rpm:\"koffice-kspread~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kexi-driver-pgsql\", rpm:\"koffice-kexi-driver-pgsql~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kplato\", rpm:\"koffice-kplato~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kchart\", rpm:\"koffice-kchart~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kexi-driver-mysql\", rpm:\"koffice-kexi-driver-mysql~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-filters\", rpm:\"koffice-filters~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-devel\", rpm:\"koffice-devel~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-suite\", rpm:\"koffice-suite~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kspread\", rpm:\"koffice-kspread~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kchart\", rpm:\"koffice-kchart~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kexi-driver-mysql\", rpm:\"koffice-kexi-driver-mysql~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kpresenter\", rpm:\"koffice-kpresenter~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kugar\", rpm:\"koffice-kugar~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kexi-driver-pgsql\", rpm:\"koffice-kexi-driver-pgsql~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-libs\", rpm:\"koffice-libs~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kplato\", rpm:\"koffice-kplato~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kivio\", rpm:\"koffice-kivio~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kword\", rpm:\"koffice-kword~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kformula\", rpm:\"koffice-kformula~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kexi\", rpm:\"koffice-kexi~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-karbon\", rpm:\"koffice-karbon~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-debuginfo\", rpm:\"koffice-debuginfo~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-filters\", rpm:\"koffice-filters~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-core\", rpm:\"koffice-core~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-krita\", rpm:\"koffice-krita~1.6.3~13.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5392", "CVE-2007-4352", "CVE-2007-5393"], "description": "Check for the Version of kdetoys", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:861227", "href": "http://plugins.openvas.org/nasl.php?oid=861227", "type": "openvas", "title": "Fedora Update for kdetoys FEDORA-2007-2985", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kdetoys FEDORA-2007-2985\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Includes:\n * amor: Amusing Misuse Of Resources put's comic figures above your windows\n * eyesapplet: a kicker applet similar to XEyes\n * fifteenapplet: kicker applet, order 15 pieces in a 4x4 square by moving them\n * kmoon: system tray applet showing the moon phase\n * kodo: mouse movement meter\n * kteatime: system tray applet that makes sure your tea doesn't get too strong\n * ktux: Tux-in-a-Spaceship screen saver\n * kweather: kicker applet that will display the current weather outside\n * kworldwatch: application and kicker applet showing daylight area on the world\n globe\n\n NOTE: kicker applets and screen savers require kdebase to be installed,\n and user to be logged-in to KDE.\";\n\ntag_affected = \"kdetoys on Fedora 7\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00320.html\");\n script_id(861227);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:01:32 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2007-2985\");\n script_cve_id(\"CVE-2007-4352\", \"CVE-2007-5392\", \"CVE-2007-5393\");\n script_name( \"Fedora Update for kdetoys FEDORA-2007-2985\");\n\n script_summary(\"Check for the Version of kdetoys\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"kdetoys\", rpm:\"kdetoys~3.5.8~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kdetoys\", rpm:\"kdetoys~3.5.8~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kdetoys-debuginfo\", rpm:\"kdetoys-debuginfo~3.5.8~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kdetoys\", rpm:\"kdetoys~3.5.8~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kdetoys-debuginfo\", rpm:\"kdetoys-debuginfo~3.5.8~1.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5392", "CVE-2007-4352", "CVE-2007-5393"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kdegraphics3-pdf\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-13T00:00:00", "id": "OPENVAS:136141256231065999", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065999", "type": "openvas", "title": "SLES10: Security update for kdegraphics3-pdf", "sourceData": "#\n#VID slesp1-kdegraphics3-pdf-4682\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for kdegraphics3-pdf\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kdegraphics3-pdf\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65999\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2007-4352\", \"CVE-2007-5392\", \"CVE-2007-5393\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for kdegraphics3-pdf\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kdegraphics3-pdf\", rpm:\"kdegraphics3-pdf~3.5.1~23.20\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5392", "CVE-2007-4352", "CVE-2007-5393"], "description": "Check for the Version of kdeedu", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:861503", "href": "http://plugins.openvas.org/nasl.php?oid=861503", "type": "openvas", "title": "Fedora Update for kdeedu FEDORA-2007-2985", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kdeedu FEDORA-2007-2985\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kdeedu on Fedora 7\";\ntag_insight = \"Educational/Edutainment applications, including:\n * blinken: Simon Says Game\n * kalzium: Periodic Table of Elements\n * kanagram: Letter Order Game\n * kbruch: Exercise Fractions\n * keduca: Tests and Exams\n * kgeography: Geography Trainer\n * khangman: Hangman Game\n * kig: Interactive Geometry\n * kiten: Japanese Reference/Study Tool\n * klatin: Latin Reviser\n * klettres: French alphabet tutor\n * kmplot: Mathematical Function Plotter\n * kpercentage: Excersie Percentages\n * kstars: Desktop Planetarium\n * ktouch: Touch Typing Tutor\n * kturtle: Logo Programming Environment\n * kverbos: Study Spanish Verbforms\n * kvoctrain: Vocabulary Trainer\n * kwordquiz: Vocabulary Trainer\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00324.html\");\n script_id(861503);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:01:32 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2007-2985\");\n script_cve_id(\"CVE-2007-4352\", \"CVE-2007-5392\", \"CVE-2007-5393\");\n script_name( \"Fedora Update for kdeedu FEDORA-2007-2985\");\n\n script_summary(\"Check for the Version of kdeedu\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"kdeedu\", rpm:\"kdeedu~3.5.8~2.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kdeedu\", rpm:\"kdeedu~3.5.8~2.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kdeedu-debuginfo\", rpm:\"kdeedu-debuginfo~3.5.8~2.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kdeedu-devel\", rpm:\"kdeedu-devel~3.5.8~2.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kdeedu-devel\", rpm:\"kdeedu-devel~3.5.8~2.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kdeedu\", rpm:\"kdeedu~3.5.8~2.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kdeedu-debuginfo\", rpm:\"kdeedu-debuginfo~3.5.8~2.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:58", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5392", "CVE-2007-4352", "CVE-2007-5393"], "description": "Check for the Version of kdegames", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "id": "OPENVAS:861190", "href": "http://plugins.openvas.org/nasl.php?oid=861190", "type": "openvas", "title": "Fedora Update for kdegames FEDORA-2007-2985", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kdegames FEDORA-2007-2985\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kdegames on Fedora 7\";\ntag_insight = \"Games and gaming libraries for the K Desktop Environment.\n Included with this package are: kenolaba, kasteroids, kblackbox, kmahjongg,\n kmines, konquest, kpat, kpoker, kreversi, ksame, kshisen, ksmiletris,\n ksnake, ksirtet, katomic, kjumpingcube, ktuberling.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00316.html\");\n script_id(861190);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 16:01:32 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2007-2985\");\n script_cve_id(\"CVE-2007-4352\", \"CVE-2007-5392\", \"CVE-2007-5393\");\n script_name( \"Fedora Update for kdegames FEDORA-2007-2985\");\n\n script_summary(\"Check for the Version of kdegames\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"kdegames\", rpm:\"kdegames~3.5.8~3.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kdegames-debuginfo\", rpm:\"kdegames-debuginfo~3.5.8~3.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kdegames-devel\", rpm:\"kdegames-devel~3.5.8~3.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kdegames\", rpm:\"kdegames~3.5.8~3.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kdegames-debuginfo\", rpm:\"kdegames-debuginfo~3.5.8~3.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kdegames-devel\", rpm:\"kdegames-devel~3.5.8~3.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kdegames\", rpm:\"kdegames~3.5.8~3.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:30", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5392", "CVE-2007-4352", "CVE-2007-5393"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kdegraphics3-pdf\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-13T00:00:00", "id": "OPENVAS:65999", "href": "http://plugins.openvas.org/nasl.php?oid=65999", "type": "openvas", "title": "SLES10: Security update for kdegraphics3-pdf", "sourceData": "#\n#VID slesp1-kdegraphics3-pdf-4682\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for kdegraphics3-pdf\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n kdegraphics3-pdf\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 10 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_id(65999);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2007-4352\", \"CVE-2007-5392\", \"CVE-2007-5393\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES10: Security update for kdegraphics3-pdf\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"kdegraphics3-pdf\", rpm:\"kdegraphics3-pdf~3.5.1~23.20\", rls:\"SLES10.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:50:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-5392", "CVE-2007-4352", "CVE-2007-5393"], "description": "The remote host is missing an update to koffice\nannounced via advisory DSA 1509-1.", "modified": "2017-07-07T00:00:00", "published": "2008-02-28T00:00:00", "id": "OPENVAS:60443", "href": "http://plugins.openvas.org/nasl.php?oid=60443", "type": "openvas", "title": "Debian Security Advisory DSA 1509-1 (koffice)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1509_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1509-1 (koffice)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in xpdf code that is\nembedded in koffice, an integrated office suite for KDE. These flaws\ncould allow an attacker to execute arbitrary code by inducing the user\nto import a specially crafted PDF document.\n\nThe Common Vulnerabilities and Exposures project identifies the\nfollowing problems:\n\nCVE-2007-4352\n\nArray index error in the DCTStream::readProgressiveDataUnit method in\nxpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice,\nCUPS, and other products, allows remote attackers to trigger memory\ncorruption and execute arbitrary code via a crafted PDF file.\n\nCVE-2007-5392\n\nInteger overflow in the DCTStream::reset method in xpdf/Stream.cc in\nXpdf 3.02p11 allows remote attackers to execute arbitrary code via a\ncrafted PDF file, resulting in a heap-based buffer overflow.\n\nCVE-2007-5393\n\nHeap-based buffer overflow in the CCITTFaxStream::lookChar method in\nxpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute\narbitrary code via a PDF file that contains a crafted CCITTFaxDecode\nfilter.\n\nFor the stable distribution (etch), these problems have been fixed in version\n1:1.6.1-2etch2.\n\nUpdates for the old stable distribution (sarge), will be made available\nas soon as possible.\n\nWe recommend that you upgrade your koffice package.\";\ntag_summary = \"The remote host is missing an update to koffice\nannounced via advisory DSA 1509-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201509-1\";\n\n\nif(description)\n{\n script_id(60443);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-02-28 02:09:28 +0100 (Thu, 28 Feb 2008)\");\n script_cve_id(\"CVE-2007-4352\", \"CVE-2007-5392\", \"CVE-2007-5393\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 1509-1 (koffice)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"koffice-data\", ver:\"1.6.1-2etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kword-data\", ver:\"1.6.1-2etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kivio-data\", ver:\"1.6.1-2etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"koffice-doc\", ver:\"1.6.1-2etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"koffice-doc-html\", ver:\"1.6.1-2etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"koffice\", ver:\"1.6.1-2etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kpresenter-data\", ver:\"1.6.1-2etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krita-data\", ver:\"1.6.1-2etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"koffice-dbg\", ver:\"1.6.1-2etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kword\", ver:\"1.6.1-2etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kexi\", ver:\"1.6.1-2etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"koffice-dev\", ver:\"1.6.1-2etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"karbon\", ver:\"1.6.1-2etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"koshell\", ver:\"1.6.1-2etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kspread\", ver:\"1.6.1-2etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kivio\", ver:\"1.6.1-2etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kplato\", ver:\"1.6.1-2etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kugar\", ver:\"1.6.1-2etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kchart\", ver:\"1.6.1-2etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"krita\", ver:\"1.6.1-2etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kpresenter\", ver:\"1.6.1-2etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kthesaurus\", ver:\"1.6.1-2etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"koffice-libs\", ver:\"1.6.1-2etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"kformula\", ver:\"1.6.1-2etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T11:18:00", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5392", "CVE-2007-4352", "CVE-2007-5393"], "description": "Secunia Research reported three security bugs in xpdf. The first problem occurs while indexing an array in DCTStream:: readProgressiveDataUnit() and is tracked by CVE-2007-4352. Another method in the same class named reset() is vulnerable to an integer overflow which leads to an overflow on the heap, CVE-2007-5392. The last bug also causes an overflow on the heap but this time in method lookChar() of class CCITTFaxStream, CVE-2007-5393. All three bugs can be exploited remotely with a crafted PDF file with user- assistance only. These bugs do not only affect xpdf but also the following packages: kdegraphics3-pdf, koffice, libextractor, poppler, gpdf, cups, pdf, pdftohtml\n#### Solution\nThere is no work-around kown.", "edition": 1, "modified": "2007-11-14T16:50:40", "published": "2007-11-14T16:50:40", "id": "SUSE-SA:2007:060", "href": "http://lists.opensuse.org/opensuse-security-announce/2007-11/msg00001.html", "title": "remote code execution in xpdf, kdegraphics3-pdf, koffice, libextractor,", "type": "suse", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "freebsd": [{"lastseen": "2019-05-29T18:34:30", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5392", "CVE-2007-4352", "CVE-2007-5393"], "description": "\nSecunia Research reports:\n\nSecunia Research has discovered some vulnerabilities in Xpdf,\n\t which can be exploited by malicious people to compromise a user's\n\t system.\n\nAn array indexing error within the\n\t \"DCTStream::readProgressiveDataUnit()\" method in xpdf/Stream.cc\n\t can be exploited to corrupt memory via a specially crafted PDF\n\t file.\nAn integer overflow error within the \"DCTStream::reset()\"\n\t method in xpdf/Stream.cc can be exploited to cause a heap-based\n\t buffer overflow via a specially crafted PDF file.\nA boundary error within the \"CCITTFaxStream::lookChar()\" method\n\t in xpdf/Stream.cc can be exploited to cause a heap-based buffer\n\t overflow by tricking a user into opening a PDF file containing a\n\t specially crafted \"CCITTFaxDecode\" filter.\n\nSuccessful exploitation may allow execution of arbitrary code.\n\n", "edition": 4, "modified": "2007-11-14T00:00:00", "published": "2007-11-07T00:00:00", "id": "2747FC39-915B-11DC-9239-001C2514716C", "href": "https://vuxml.freebsd.org/freebsd/2747fc39-915b-11dc-9239-001c2514716c.html", "title": "xpdf -- multiple remote Stream.CC vulnerabilities", "type": "freebsd", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2020-07-08T23:39:36", "bulletinFamily": "unix", "cvelist": ["CVE-2007-5392", "CVE-2007-4352", "CVE-2007-5393"], "description": "USN-542-1 fixed a vulnerability in poppler. This update provides the \ncorresponding updates for KWord, part of KOffice.\n\nOriginal advisory details:\n\nSecunia Research discovered several vulnerabilities in poppler. If a \nuser were tricked into loading a specially crafted PDF file, a remote \nattacker could cause a denial of service or possibly execute arbitrary \ncode with the user's privileges in applications linked against poppler.", "edition": 5, "modified": "2007-11-15T00:00:00", "published": "2007-11-15T00:00:00", "id": "USN-542-2", "href": "https://ubuntu.com/security/notices/USN-542-2", "title": "KOffice vulnerabilities", "type": "ubuntu", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:24", "bulletinFamily": "software", "cvelist": ["CVE-2007-5392", "CVE-2007-4352", "CVE-2007-5393"], "description": "====================================================================== \r\n\r\n Secunia Research 07/11/2007\r\n\r\n - Xpdf "Stream.cc" Multiple Vulnerabilities -\r\n\r\n====================================================================== \r\nTable of Contents\r\n\r\nAffected Software....................................................1\r\nSeverity.............................................................2\r\nVendor's Description of Software.....................................3\r\nDescription of Vulnerability.........................................4\r\nSolution.............................................................5\r\nTime Table...........................................................6\r\nCredits..............................................................7\r\nReferences...........................................................8\r\nAbout Secunia........................................................9\r\nVerification........................................................10\r\n\r\n====================================================================== \r\n1) Affected Software \r\n\r\n* Xpdf 3.02 with xpdf-3.02pl1.patch.\r\n\r\nNOTE: Other versions may also be affected.\r\n\r\n====================================================================== \r\n2) Severity \r\n\r\nRating: Highly critical\r\nImpact: System access\r\nWhere: Remote\r\n\r\n====================================================================== \r\n3) Vendor's Description of Software \r\n\r\n"Xpdf is an open source viewer for Portable Document Format (PDF)\r\nfiles. (These are also sometimes also called 'Acrobat' files, from the\r\nname of Adobe's PDF software.) The Xpdf project also includes a PDF\r\ntext extractor, PDF-to-PostScript converter, and various other\r\nutilities.".\r\n\r\nProduct Link:\r\nhttp://www.foolabs.com/xpdf/\r\n\r\n====================================================================== \r\n4) Description of Vulnerabilities\r\n\r\nSecunia Research has discovered some vulnerabilities in Xpdf, which can\r\nbe exploited by malicious people to compromise a user's system.\r\n\r\n1) An array indexing error within the\r\n"DCTStream::readProgressiveDataUnit()" method in xpdf/Stream.cc can be\r\nexploited to corrupt memory via a specially crafted PDF file.\r\n\r\n2) An integer overflow error within the "DCTStream::reset()" method in\r\nxpdf/Stream.cc can be exploited to cause a heap-based buffer overflow\r\nvia a specially crafted PDF file.\r\n\r\n3) A boundary error within the "CCITTFaxStream::lookChar()" method in\r\nxpdf/Stream.cc can be exploited to cause a heap-based buffer overflow\r\nby tricking a user into opening a PDF file containing a specially\r\ncrafted "CCITTFaxDecode" filter.\r\n\r\nSuccessful exploitation may allow execution of arbitrary code.\r\n\r\n====================================================================== \r\n5) Solution \r\n\r\nDo not open untrusted PDF files.\r\n\r\nThe vendor is reportedly working on a patch.\r\n\r\n====================================================================== \r\n6) Time Table \r\n\r\n17/10/2007 - Vendor notified.\r\n22/10/2007 - vendor-sec notified.\r\n19/10/2007 - Vendor response.\r\n07/11/2007 - Public disclosure.\r\n\r\n====================================================================== \r\n7) Credits \r\n\r\nDiscovered by Alin Rad Pop, Secunia Research.\r\n\r\n====================================================================== \r\n8) References\r\n\r\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\r\nfollowing CVE identifiers:\r\n* CVE-2007-4352 ("DCTStream::readProgressiveDataUnit()")\r\n* CVE-2007-5392 ("DCTStream::reset()")\r\n* CVE-2007-5393 ("CCITTFaxStream::lookChar()")\r\n\r\n====================================================================== \r\n9) About Secunia\r\n\r\nSecunia offers vulnerability management solutions to corporate\r\ncustomers with verified and reliable vulnerability intelligence\r\nrelevant to their specific system configuration:\r\n\r\nhttp://corporate.secunia.com/\r\n\r\nSecunia also provides a publicly accessible and comprehensive advisory\r\ndatabase as a service to the security community and private \r\nindividuals, who are interested in or concerned about IT-security.\r\n\r\nhttp://secunia.com/\r\n\r\nSecunia believes that it is important to support the community and to\r\ndo active vulnerability research in order to aid improving the \r\nsecurity and reliability of software in general:\r\n\r\nhttp://corporate.secunia.com/secunia_research/33/\r\n\r\nSecunia regularly hires new skilled team members. Check the URL below\r\nto see currently vacant positions:\r\n\r\nhttp://secunia.com/secunia_vacancies/\r\n\r\nSecunia offers a FREE mailing list called Secunia Security Advisories:\r\n\r\nhttp://secunia.com/secunia_security_advisories/ \r\n\r\n====================================================================== \r\n10) Verification \r\n\r\nPlease verify this advisory by visiting the Secunia website:\r\nhttp://secunia.com/secunia_research/2007-88/\r\n\r\nComplete list of vulnerability reports published by Secunia Research:\r\nhttp://secunia.com/secunia_research/\r\n\r\n======================================================================", "edition": 1, "modified": "2007-11-08T00:00:00", "published": "2007-11-08T00:00:00", "id": "SECURITYVULNS:DOC:18373", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:18373", "title": "Secunia Research: Xpdf "Stream.cc" Multiple Vulnerabilities", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}