Lucene search

K

CentOS Update for xpdf CESA-2008:0240 centos4 x86_64

๐Ÿ—“๏ธย 27 Feb 2009ย 00:00:00Reported byย Copyright (C) 2009 Greenbone Networks GmbHTypeย 
openvas
ย openvas
๐Ÿ”—ย plugins.openvas.org๐Ÿ‘ย 14ย Views

CentOS Update for xpdf CESA-2008:0240 centos4 x86_64. Xpdf is an X Window System-based viewer for Portable Document Format (PDF) files. Kees Cook discovered a flaw in the way xpdf displayed malformed fonts embedded in PDF files. Users are advised to upgrade to these updated packages, which contain backported patches to resolve this issue

Show more
Related
Refs
Code
###############################################################################
# OpenVAS Vulnerability Test
#
# CentOS Update for xpdf CESA-2008:0240 centos4 x86_64
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_insight = "Xpdf is an X Window System-based viewer for Portable Document Format (PDF)
  files.

  Kees Cook discovered a flaw in the way xpdf displayed malformed fonts
  embedded in PDF files. An attacker could create a malicious PDF file that
  would cause xpdf to crash, or, potentially, execute arbitrary code when
  opened. (CVE-2008-1693)
  
  Users are advised to upgrade to these updated packages, which contain
  backported patches to resolve this issue.";

tag_affected = "xpdf on CentOS 4";
tag_solution = "Please Install the Updated Packages.";



if(description)
{
  script_xref(name : "URL" , value : "http://lists.centos.org/pipermail/centos-announce/2008-April/014846.html");
  script_id(880005);
  script_version("$Revision: 6651 $");
  script_tag(name:"last_modification", value:"$Date: 2017-07-10 13:45:21 +0200 (Mon, 10 Jul 2017) $");
  script_tag(name:"creation_date", value:"2009-02-27 09:02:20 +0100 (Fri, 27 Feb 2009)");
  script_tag(name:"cvss_base", value:"6.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_xref(name: "CESA", value: "2008:0240");
  script_cve_id("CVE-2008-1693");
  script_name( "CentOS Update for xpdf CESA-2008:0240 centos4 x86_64");

  script_summary("Check for the Version of xpdf");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
  script_family("CentOS Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/centos", "ssh/login/rpms");
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-rpm.inc");

release = get_kb_item("ssh/login/release");


res = "";
if(release == NULL){
  exit(0);
}

if(release == "CentOS4")
{

  if ((res = isrpmvuln(pkg:"xpdf", rpm:"xpdf~3.00~16.el4", rls:"CentOS4")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo