Lucene search
Copyright (C) 2009 Greenbone Networks GmbHOPENVAS:850099HistoryJan 28, 2009 - 12:00 a.m.
SuSE Update for xpdf, kdegraphics3-pdf, koffice, libextractor, SUSE-SA:2007:060
2009-01-2800:00:00
Copyright (C) 2009 Greenbone Networks GmbH
plugins.openvas.org
32
EPSS
0.3
Percentile
97.0%
Check for the Version of xpdf, kdegraphics3-pdf, koffice, libextractor,
###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_suse_2007_060.nasl 8050 2017-12-08 09:34:29Z santu $
#
# SuSE Update for xpdf, kdegraphics3-pdf, koffice, libextractor, SUSE-SA:2007:060
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "Secunia Research reported three security bugs in xpdf.
The first problem occurs while indexing an array in DCTStream::
readProgressiveDataUnit() and is tracked by CVE-2007-4352. Another method
in the same class named reset() is vulnerable to an integer overflow which
leads to an overflow on the heap, CVE-2007-5392. The last bug also causes
an overflow on the heap but this time in method lookChar() of class
CCITTFaxStream, CVE-2007-5393.
All three bugs can be exploited remotely with a crafted PDF file with user-
assistance only.
These bugs do not only affect xpdf but also the following packages:
kdegraphics3-pdf, koffice, libextractor, poppler, gpdf, cups, pdf, pdftohtml";
tag_impact = "remote code execution";
tag_affected = "xpdf, kdegraphics3-pdf, koffice, libextractor, on SUSE LINUX 10.1, openSUSE 10.2, openSUSE 10.3, SuSE Linux Enterprise Server 8, SUSE SLES 9, Novell Linux Desktop 9, Open Enterprise Server, Novell Linux POS 9, SUSE Linux Enterprise Desktop 10 SP1, SLE SDK 10 SP1, SUSE Linux Enterprise Server 10 SP1";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_id(850099);
script_version("$Revision: 8050 $");
script_tag(name:"last_modification", value:"$Date: 2017-12-08 10:34:29 +0100 (Fri, 08 Dec 2017) $");
script_tag(name:"creation_date", value:"2009-01-28 13:40:10 +0100 (Wed, 28 Jan 2009)");
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_xref(name: "SUSE-SA", value: "2007-060");
script_cve_id("CVE-2007-4352", "CVE-2007-5392", "CVE-2007-5393");
script_name( "SuSE Update for xpdf, kdegraphics3-pdf, koffice, libextractor, SUSE-SA:2007:060");
script_summary("Check for the Version of xpdf, kdegraphics3-pdf, koffice, libextractor,");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
script_family("SuSE Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/suse", "ssh/login/rpms");
script_tag(name : "impact" , value : tag_impact);
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "openSUSE10.3")
{
if ((res = isrpmvuln(pkg:"koffice", rpm:"koffice~1.6.3~51.3", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-database", rpm:"koffice-database~1.6.3~51.3", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-database-mysql", rpm:"koffice-database-mysql~1.6.3~51.3", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-database-psql", rpm:"koffice-database-psql~1.6.3~51.3", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-devel", rpm:"koffice-devel~1.6.3~51.3", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-extra", rpm:"koffice-extra~1.6.3~51.3", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-illustration", rpm:"koffice-illustration~1.6.3~51.3", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-planning", rpm:"koffice-planning~1.6.3~51.3", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-presentation", rpm:"koffice-presentation~1.6.3~51.3", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-python", rpm:"koffice-python~1.6.3~51.3", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-ruby", rpm:"koffice-ruby~1.6.3~51.3", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-spreadsheet", rpm:"koffice-spreadsheet~1.6.3~51.3", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-wordprocessing", rpm:"koffice-wordprocessing~1.6.3~51.3", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.2.12~22.4", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.2.12~22.4", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.2.12~22.4", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.2.12~22.4", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kdegraphics3-pdf", rpm:"kdegraphics3-pdf~3.5.7~60.3", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler", rpm:"poppler~0.5.4~101.2", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler-devel", rpm:"poppler-devel~0.5.4~101.2", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler-doc", rpm:"poppler-doc~0.5.4~101.2", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler-glib", rpm:"poppler-glib~0.5.4~101.2", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler-qt", rpm:"poppler-qt~0.5.4~101.2", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler-qt4", rpm:"poppler-qt4~0.5.4~101.2", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler-tools", rpm:"poppler-tools~0.5.4~101.2", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"xpdf", rpm:"xpdf~3.02~19.2", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"xpdf-tools", rpm:"xpdf-tools~3.02~19.2", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs-32bit", rpm:"cups-libs-32bit~1.2.12~22.4", rls:"openSUSE10.3")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "openSUSE10.2")
{
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.2.7~12.7", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.2.7~12.7", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.2.7~12.7", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.2.7~12.7", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"gpdf", rpm:"gpdf~2.10.0~82.4", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice", rpm:"koffice~1.6.0~0.5", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-database", rpm:"koffice-database~1.6.0~0.5", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-database-mysql", rpm:"koffice-database-mysql~1.6.0~0.5", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-database-psql", rpm:"koffice-database-psql~1.6.0~0.5", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-devel", rpm:"koffice-devel~1.6.0~0.5", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-extra", rpm:"koffice-extra~1.6.0~0.5", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-illustration", rpm:"koffice-illustration~1.6.0~0.5", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-planning", rpm:"koffice-planning~1.6.0~0.5", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-presentation", rpm:"koffice-presentation~1.6.0~0.5", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-python", rpm:"koffice-python~1.6.0~0.5", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-ruby", rpm:"koffice-ruby~1.6.0~0.5", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-spreadsheet", rpm:"koffice-spreadsheet~1.6.0~0.5", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-wordprocessing", rpm:"koffice-wordprocessing~1.6.0~0.5", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler", rpm:"poppler~0.5.4~33.5", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler-devel", rpm:"poppler-devel~0.5.4~33.5", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler-glib", rpm:"poppler-glib~0.5.4~33.5", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler-qt", rpm:"poppler-qt~0.5.4~33.5", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler-tools", rpm:"poppler-tools~0.5.4~33.5", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kdegraphics3-pdf", rpm:"kdegraphics3-pdf~3.5.5~43.5", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"xpdf", rpm:"xpdf~3.01~58.5", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"xpdf-tools", rpm:"xpdf-tools~3.01~58.5", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs-32bit", rpm:"cups-libs-32bit~1.2.7~12.7", rls:"openSUSE10.2")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "SLESSr8")
{
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.20~108.44", rls:"SLESSr8")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.20~108.44", rls:"SLESSr8")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.20~108.44", rls:"SLESSr8")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.20~108.44", rls:"SLESSr8")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.15~208", rls:"SLESSr8")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.15~208", rls:"SLESSr8")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.15~208", rls:"SLESSr8")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.15~208", rls:"SLESSr8")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.23~40.32", rls:"SLESSr8")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.23~40.32", rls:"SLESSr8")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.23~40.32", rls:"SLESSr8")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.23~40.32", rls:"SLESSr8")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs-32bit", rpm:"cups-libs-32bit~1.1.23~40.32", rls:"SLESSr8")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "SLESDK10SP1")
{
if ((res = isrpmvuln(pkg:"xpdf", rpm:"xpdf~3.01~21.13", rls:"SLESDK10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"xpdf", rpm:"xpdf~3.00~64.46", rls:"SLESDK10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"xpdf-config", rpm:"xpdf-config~3.00~64.46", rls:"SLESDK10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"xpdf-tools", rpm:"xpdf-tools~3.01~21.13", rls:"SLESDK10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler-devel", rpm:"poppler-devel~0.4.4~19.15", rls:"SLESDK10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler", rpm:"poppler~0.4.4~19.15", rls:"SLESDK10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler-glib", rpm:"poppler-glib~0.4.4~19.15", rls:"SLESDK10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler-qt", rpm:"poppler-qt~0.4.4~19.15", rls:"SLESDK10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "OES")
{
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.20~108.44", rls:"OES")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.20~108.44", rls:"OES")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.20~108.44", rls:"OES")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.20~108.44", rls:"OES")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.15~208", rls:"OES")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.15~208", rls:"OES")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.15~208", rls:"OES")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.15~208", rls:"OES")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.23~40.32", rls:"OES")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.23~40.32", rls:"OES")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.23~40.32", rls:"OES")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.23~40.32", rls:"OES")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs-32bit", rpm:"cups-libs-32bit~1.1.23~40.32", rls:"OES")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "SLES9")
{
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.20~108.44", rls:"SLES9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.20~108.44", rls:"SLES9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.20~108.44", rls:"SLES9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.20~108.44", rls:"SLES9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.15~208", rls:"SLES9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.15~208", rls:"SLES9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.15~208", rls:"SLES9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.15~208", rls:"SLES9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.23~40.32", rls:"SLES9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.23~40.32", rls:"SLES9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.23~40.32", rls:"SLES9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.23~40.32", rls:"SLES9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs-32bit", rpm:"cups-libs-32bit~1.1.23~40.32", rls:"SLES9")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "LES10SP1")
{
if ((res = isrpmvuln(pkg:"kdegraphics3-pdf", rpm:"kdegraphics3-pdf~3.5.1~23.20", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.20~108.44", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.20~108.44", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.20~108.44", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.20~108.44", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.15~208", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.15~208", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.15~208", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.15~208", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.23~40.32", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.23~40.32", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.23~40.32", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.23~40.32", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs-32bit", rpm:"cups-libs-32bit~1.1.23~40.32", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"xpdf", rpm:"xpdf~3.01~21.13", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"xpdf", rpm:"xpdf~3.00~64.46", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"xpdf-config", rpm:"xpdf-config~3.00~64.46", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"xpdf-tools", rpm:"xpdf-tools~3.01~21.13", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler-devel", rpm:"poppler-devel~0.4.4~19.15", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler", rpm:"poppler~0.4.4~19.15", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler-glib", rpm:"poppler-glib~0.4.4~19.15", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler-qt", rpm:"poppler-qt~0.4.4~19.15", rls:"LES10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "NLDk9")
{
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.20~108.44", rls:"NLDk9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.20~108.44", rls:"NLDk9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.20~108.44", rls:"NLDk9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.20~108.44", rls:"NLDk9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.15~208", rls:"NLDk9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.15~208", rls:"NLDk9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.15~208", rls:"NLDk9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.15~208", rls:"NLDk9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.23~40.32", rls:"NLDk9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.23~40.32", rls:"NLDk9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.23~40.32", rls:"NLDk9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.23~40.32", rls:"NLDk9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs-32bit", rpm:"cups-libs-32bit~1.1.23~40.32", rls:"NLDk9")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "SLESDk10SP1")
{
if ((res = isrpmvuln(pkg:"kdegraphics3-pdf", rpm:"kdegraphics3-pdf~3.5.1~23.20", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.20~108.44", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.20~108.44", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.20~108.44", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.20~108.44", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.15~208", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.15~208", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.15~208", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.15~208", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.23~40.32", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.23~40.32", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.23~40.32", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.23~40.32", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs-32bit", rpm:"cups-libs-32bit~1.1.23~40.32", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"xpdf", rpm:"xpdf~3.01~21.13", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"xpdf", rpm:"xpdf~3.00~64.46", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"xpdf-config", rpm:"xpdf-config~3.00~64.46", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"xpdf-tools", rpm:"xpdf-tools~3.01~21.13", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler-devel", rpm:"poppler-devel~0.4.4~19.15", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler", rpm:"poppler~0.4.4~19.15", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler-glib", rpm:"poppler-glib~0.4.4~19.15", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler-qt", rpm:"poppler-qt~0.4.4~19.15", rls:"SLESDk10SP1")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "SL10.1")
{
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.23~40.32", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.23~40.32", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.23~40.32", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.23~40.32", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"gpdf", rpm:"gpdf~2.10.0~40.5", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kdegraphics3-pdf", rpm:"kdegraphics3-pdf~3.5.1~23.20", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice", rpm:"koffice~1.4.2~25.6", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-database", rpm:"koffice-database~1.4.2~25.6", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-devel", rpm:"koffice-devel~1.4.2~25.6", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-extra", rpm:"koffice-extra~1.4.2~25.6", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-illustration", rpm:"koffice-illustration~1.4.2~25.6", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-presentation", rpm:"koffice-presentation~1.4.2~25.6", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-spreadsheet", rpm:"koffice-spreadsheet~1.4.2~25.6", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"koffice-wordprocessing", rpm:"koffice-wordprocessing~1.4.2~25.6", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libextractor", rpm:"libextractor~0.5.10~12.8", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libextractor-devel", rpm:"libextractor-devel~0.5.10~12.8", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"pdftohtml", rpm:"pdftohtml~0.36~145.7", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler", rpm:"poppler~0.4.4~19.15", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler-devel", rpm:"poppler-devel~0.4.4~19.15", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler-glib", rpm:"poppler-glib~0.4.4~19.15", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"poppler-qt", rpm:"poppler-qt~0.4.4~19.15", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"xpdf", rpm:"xpdf~3.01~21.13", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"xpdf-tools", rpm:"xpdf-tools~3.01~21.13", rls:"SL10.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "NLPOS9")
{
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.20~108.44", rls:"NLPOS9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.20~108.44", rls:"NLPOS9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.20~108.44", rls:"NLPOS9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.20~108.44", rls:"NLPOS9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.15~208", rls:"NLPOS9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.15~208", rls:"NLPOS9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.15~208", rls:"NLPOS9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.15~208", rls:"NLPOS9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups", rpm:"cups~1.1.23~40.32", rls:"NLPOS9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-client", rpm:"cups-client~1.1.23~40.32", rls:"NLPOS9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-devel", rpm:"cups-devel~1.1.23~40.32", rls:"NLPOS9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs", rpm:"cups-libs~1.1.23~40.32", rls:"NLPOS9")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"cups-libs-32bit", rpm:"cups-libs-32bit~1.1.23~40.32", rls:"NLPOS9")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
References
Related
freebsd
freebsd
xpdf -- multiple remote Stream.CC vulnerabilities
2007-11-07 00:00:00
nessus
nessus
RHEL 5 : cups (RHSA-2007:1021)
2007-11-08 00:00:00
Mandrake Linux Security Advisory : xpdf (MDKSA-2007:219)
2009-04-23 00:00:00
Oracle Linux 5 : poppler (ELSA-2007-1026)
2013-07-12 00:00:00
gentoo
gentoo
Poppler, KDE: User-assisted execution of arbitrary code
2007-11-18 00:00:00
openvas
openvas
Fedora Update for kdeartwork FEDORA-2007-2985
2009-02-27 00:00:00
Mandriva Update for cups MDKSA-2007:228 (cups)
2009-04-09 00:00:00
Fedora Update for kde-i18n FEDORA-2007-2985
2009-02-27 00:00:00
ubuntu
ubuntu
KOffice vulnerabilities
2007-11-15 00:00:00
poppler vulnerabilities
2007-11-14 00:00:00
debian
debian
[SECURITY] [DSA 1537-1] New xpdf packages fix multiple vulnerabilities
2008-04-02 21:25:32
[SECURITY] [DSA 1480-1] New poppler packages fix several vulnerabilities
2008-02-05 17:13:47
[SECURITY] [DSA 1537-1] New xpdf packages fix multiple vulnerabilities
2008-04-02 21:25:32
fedora
fedora
[SECURITY] Fedora 7 Update: kdetoys-3.5.8-1.fc7
2007-11-13 00:05:02
[SECURITY] Fedora 7 Update: xpdf-3.02-4.fc7
2007-11-09 23:43:53
[SECURITY] Fedora 8 Update: koffice-1.6.3-13.fc8
2007-11-09 23:50:51
redhat
redhat
(RHSA-2007:1024) Important: kdegraphics security update
2007-11-12 00:00:00
(RHSA-2007:1029) Important: xpdf security update
2007-11-07 00:00:00
(RHSA-2007:1021) Important: cups security update
2007-11-07 00:00:00
centos
centos
kdegraphics security update
2007-11-12 16:32:18
gpdf security update
2007-11-07 19:57:28
xpdf security update
2007-11-07 19:58:17
osv
osv
poppler - several vulnerabilities
2008-02-05 00:00:00
koffice - multiple vulnerabilities
2008-02-25 00:00:00
xpdf
2008-04-02 00:00:00
suse
suse
remote code execution in xpdf, kdegraphics3-pdf, koffice, libextractor,
2007-11-14 16:50:40
securityvulns
securityvulns
Xpdf multiple security vulnerabilities
2007-11-08 00:00:00
Secunia Research: Xpdf "Stream.cc" Multiple Vulnerabilities
2007-11-08 00:00:00
oraclelinux
oraclelinux
Important: poppler security update
2007-11-23 00:00:00
Important: kdegraphics security update
2007-11-12 00:00:00
Important: xpdf security update
2007-11-07 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package xpdf version 3.02-alt3
2007-11-12 00:00:00
slackware
slackware
[slackware-security] xpdf/poppler/koffice/kdegraphics
2007-11-12 09:06:02