{"cve": [{"lastseen": "2018-10-18T15:06:10", "bulletinFamily": "NVD", "description": "Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.", "modified": "2018-10-16T12:48:57", "published": "2007-07-30T19:17:00", "id": "CVE-2007-3387", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-3387", "title": "CVE-2007-3387", "type": "cve", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2018-10-16T22:13:00", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1349-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nAugust 5th, 2007 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : libextractor\nVulnerability : integer overflow\nProblem type : local (remote)\nDebian-specific: no\nCVE ID : CVE-2007-3387\n\nIt was discovered that an integer overflow in the xpdf PDF viewer may lead\nto the execution of arbitrary code if a malformed PDF file is opened.\n\nlibextractor includes a copy of the xpdf code and required an update\nas well.\n\nFor the oldstable distribution (sarge) this problem has been fixed in\nversion 0.4.2-2sarge6.\n\nThe stable distribution (etch) isn't affected by this problem.\n\nThe unstable distribution (sid) isn't affected by this problem.\n\nWe recommend that you upgrade your libextractor packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given at the end of this advisory:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor_0.4.2-2sarge6.dsc\n Size/MD5 checksum: 778 fbcbd62c772674dc96a26373e5aa6e01\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor_0.4.2-2sarge6.diff.gz\n Size/MD5 checksum: 9063 bb026f68189fd93686e5fd94b6cda88e\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor_0.4.2.orig.tar.gz\n Size/MD5 checksum: 5887095 d99e1b13a017d39700e376a0edbf7ba2\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge6_alpha.deb\n Size/MD5 checksum: 19690 01b435b2688d03f3459c79526954925c\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge6_alpha.deb\n Size/MD5 checksum: 5810714 dd23f39e0b388296b1fc271739712ebe\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge6_alpha.deb\n Size/MD5 checksum: 19484 7f05a34e53fd43830028912e14d2328f\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge6_amd64.deb\n Size/MD5 checksum: 18346 b0630efe8af750547c51f18e2b37e56c\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge6_amd64.deb\n Size/MD5 checksum: 5641608 6cc4c3570ed2c3319944d2dadeb32df2\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge6_amd64.deb\n Size/MD5 checksum: 17618 b03292795065cdd0c9444343f216a058\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge6_arm.deb\n Size/MD5 checksum: 17726 b7d8e767fdec15d9f1dd42a4d287d093\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge6_arm.deb\n Size/MD5 checksum: 5710926 010de9d5ca245ecde20850f2077ec525\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge6_arm.deb\n Size/MD5 checksum: 17034 70da5564ca690372c8ff2f920e3145e7\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge6_i386.deb\n Size/MD5 checksum: 17870 34c81aebd99358f6a6668e6a6e766dcf\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge6_i386.deb\n Size/MD5 checksum: 5713546 59647b99f778803ae7dd04b8a3ef4f69\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge6_i386.deb\n Size/MD5 checksum: 16796 f6a61702be519be0de6ba5254a8d2bc1\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge6_ia64.deb\n Size/MD5 checksum: 20664 abbab8aca9823e749ce8f56ba180605a\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge6_ia64.deb\n Size/MD5 checksum: 5905678 6c4fae9ee6f98f8a2b04dfc8bb1e6c77\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge6_ia64.deb\n Size/MD5 checksum: 19402 7217989cd00aa203703636a12b73ef1c\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge6_m68k.deb\n Size/MD5 checksum: 17432 ad4ed814052b2b16a980916e8c26b4d5\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge6_m68k.deb\n Size/MD5 checksum: 5708490 4456e64e983995cdaada1b8003b87de9\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge6_m68k.deb\n Size/MD5 checksum: 16664 8d0a17ffea00ef3a8dd84ad1ef751382\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge6_mips.deb\n Size/MD5 checksum: 18672 ca896e1b783faaa7fd4f0b16bd5b679f\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge6_mips.deb\n Size/MD5 checksum: 5729468 b4369a7e90e9378aaf16c22e6ee8ba23\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge6_mips.deb\n Size/MD5 checksum: 17960 adf6c5dadd298f2cbfb129b329cbd396\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge6_mipsel.deb\n Size/MD5 checksum: 18720 24b4c8c7394ca7600b5d56ff6756ced0\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge6_mipsel.deb\n Size/MD5 checksum: 5727182 0d3c4b40711cd5ff424d9c3509abc959\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge6_mipsel.deb\n Size/MD5 checksum: 17990 2bfd506c4227ba2b51128ed229d05737\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge6_powerpc.deb\n Size/MD5 checksum: 19840 965842771a493480a596d23219240384\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge6_powerpc.deb\n Size/MD5 checksum: 5678172 d9b4e7d752db6ca53ce6adddd1c8963b\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge6_powerpc.deb\n Size/MD5 checksum: 17802 9d4275a87460db16bf31e112f8a7be72\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge6_s390.deb\n Size/MD5 checksum: 18220 218a8b4f648ee49543981dd7a418a86b\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge6_s390.deb\n Size/MD5 checksum: 5768298 367428e42de8d1af622d02d64f4fb027\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge6_s390.deb\n Size/MD5 checksum: 18166 98cb43003a7a95dbfd121cf615f73bc8\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/libe/libextractor/extract_0.4.2-2sarge6_sparc.deb\n Size/MD5 checksum: 17728 f9220d2e7654b273448c0880374f59d4\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1_0.4.2-2sarge6_sparc.deb\n Size/MD5 checksum: 5752498 5c5bcdf9c749506310e95137ae80550c\n http://security.debian.org/pool/updates/main/libe/libextractor/libextractor1-dev_0.4.2-2sarge6_sparc.deb\n Size/MD5 checksum: 16938 b90780181aeb323dbcc4dfa11db7bcd0\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "modified": "2007-08-05T00:00:00", "published": "2007-08-05T00:00:00", "id": "DEBIAN:DSA-1349-1:C4FE1", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00111.html", "title": "[SECURITY] [DSA 1349-1] New libextractor packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-16T22:14:40", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1352-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nAugust 7th, 2007 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : pdfkit.framework\nVulnerability : integer overflow\nProblem type : local (remote)\nDebian-specific: no\nCVE ID : CVE-2007-3387\n\nIt was discovered that an integer overflow in the xpdf PDF viewer may lead\nto the execution of arbitrary code if a malformed PDF file is opened.\n\npdfkit.framework includes a copy of the xpdf code and required an update\nas well.\n\nFor the oldstable distribution (sarge) this problem has been fixed in\nversion 0.8-2sarge4.\n\nThe package from the stable distribution (etch) links dynamically\nagainst libpoppler and doesn't require a separate update.\n\nThe package from the unstable distribution (sid) links dynamically\nagainst libpoppler and doesn't require a separate update.\n\nWe recommend that you upgrade your pdfkit.framework packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given at the end of this advisory:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge4.dsc\n Size/MD5 checksum: 725 bfe8bf57eeadaeeaa5ba33a458a8e185\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge4.diff.gz\n Size/MD5 checksum: 7077 a9e6dc46fa95a2763e865999b3789e50\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8.orig.tar.gz\n Size/MD5 checksum: 1780533 7676643ff78a0602c10bfb97fe0bd448\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge4_alpha.deb\n Size/MD5 checksum: 1822590 0f097258e91f1d7eabf3384ecb10b3e8\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge4_amd64.deb\n Size/MD5 checksum: 1797204 534d18691bdd0729af9e854311408460\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge4_hppa.deb\n Size/MD5 checksum: 1863092 764d3796d34c879af9a5594c4f50e5e9\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge4_i386.deb\n Size/MD5 checksum: 1750926 fd435c2d7270d324c74aa054c7230e96\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge4_ia64.deb\n Size/MD5 checksum: 1981838 c7a18c58ea887fb5b0f2194659ccdd77\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge4_m68k.deb\n Size/MD5 checksum: 1786348 3b4885f47d0d55dad0e70aa20e42c73d\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge4_mips.deb\n Size/MD5 checksum: 1769560 9f0071e086fa239f2068d426f9dddae9\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge4_mipsel.deb\n Size/MD5 checksum: 1755228 cda830fc73806bc80e1104359fea752a\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge4_powerpc.deb\n Size/MD5 checksum: 1771430 1d2fb8df07e688855b1c716123c2213d\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge4_s390.deb\n Size/MD5 checksum: 1805290 78cfaa378a73eae337978d3df379be99\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/p/pdfkit.framework/pdfkit.framework_0.8-2sarge4_sparc.deb\n Size/MD5 checksum: 1780538 cb9824fd6a64b10257f79d0df7c1a474\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "modified": "2007-08-07T00:00:00", "published": "2007-08-07T00:00:00", "id": "DEBIAN:DSA-1352-1:75289", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00114.html", "title": "[SECURITY] [DSA 1352-1] New pdfkit.framework packages fix arbitrary code\texecution", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-16T22:14:36", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1350-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nAugust 6th, 2007 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : tetex-bin\nVulnerability : integer overflow\nProblem type : local (remote)\nDebian-specific: no\nCVE ID : CVE-2007-3387\n\nIt was discovered that an integer overflow in the xpdf PDF viewer may lead\nto the execution of arbitrary code if a malformed PDF file is opened.\n\ntetex-bin includes a copy of the xpdf code and required an update as\nwell.\n\nFor the oldstable distribution (sarge) this problem has been fixed in\nversion 2.0.2-30sarge5.\n\nThe package from the stable distribution (etch) links dynamically\nagainst libpoppler and doesn't require a separate update.\n\nThe package from the unstable distribution (sid) links dynamically\nagainst libpoppler and doesn't require a separate update.\n\nWe recommend that you upgrade your tetex-bin packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given at the end of this advisory:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2-30sarge5.dsc\n Size/MD5 checksum: 1004 408dc2085cdba46890456dd0994466ed\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2-30sarge5.diff.gz\n Size/MD5 checksum: 162289 af8ba42d1ba901a866f8a9a3be169a8d\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2.orig.tar.gz\n Size/MD5 checksum: 11677169 8f02d5940bf02072ce5fe05429c90e63\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_2.0.2-30sarge5_alpha.deb\n Size/MD5 checksum: 90938 d8159c21d95fe23977f3f04293e05d2b\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_2.0.2-30sarge5_alpha.deb\n Size/MD5 checksum: 65658 8499ce76230803e3e8ca57f74d3ddc1a\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2-30sarge5_alpha.deb\n Size/MD5 checksum: 5191902 e59ace42020339489e5dce272346937d\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_2.0.2-30sarge5_amd64.deb\n Size/MD5 checksum: 72760 c74b0d671d1e598133ccbabba4b055d0\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_2.0.2-30sarge5_amd64.deb\n Size/MD5 checksum: 61976 18539f87cc4ca768e94812dd82a4ba92\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2-30sarge5_amd64.deb\n Size/MD5 checksum: 4357092 c343a5100fa62f02fea94cb8298d1dfe\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_2.0.2-30sarge5_arm.deb\n Size/MD5 checksum: 67792 56ead90cbac34f20bbd3a9c561d8e766\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_2.0.2-30sarge5_arm.deb\n Size/MD5 checksum: 58222 9615aad9835cf82cda04c2270b23bcc6\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2-30sarge5_arm.deb\n Size/MD5 checksum: 4300932 797d1b12e5c33b994b54ea3ed0e56605\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_2.0.2-30sarge5_hppa.deb\n Size/MD5 checksum: 78298 b02ebc84baf40bdf85bdd095259a6fc0\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_2.0.2-30sarge5_hppa.deb\n Size/MD5 checksum: 66718 fc8516836487be2143681dde8a547afa\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2-30sarge5_hppa.deb\n Size/MD5 checksum: 4613010 8a86c1ff20b5e7d796f4729688b38846\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_2.0.2-30sarge5_i386.deb\n Size/MD5 checksum: 66214 9cdb34e878a67780bb6495585ef14db7\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_2.0.2-30sarge5_i386.deb\n Size/MD5 checksum: 59248 591ed69f05d3a395c0e438bbe046db12\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2-30sarge5_i386.deb\n Size/MD5 checksum: 3939528 d352ae38e2349e355e5da81651fcbb81\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_2.0.2-30sarge5_ia64.deb\n Size/MD5 checksum: 89818 194a8c9d3fdbdb2de3a1132cfc5fefd8\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_2.0.2-30sarge5_ia64.deb\n Size/MD5 checksum: 73578 98b1887daec4d21c5f6541a4857f2765\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2-30sarge5_ia64.deb\n Size/MD5 checksum: 5909754 72b1fc89df3534e940f0c276ac30e834\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_2.0.2-30sarge5_m68k.deb\n Size/MD5 checksum: 63570 c28eb2d915d1993744a07c6110634370\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_2.0.2-30sarge5_m68k.deb\n Size/MD5 checksum: 58802 e5c73af748d2c66f038b5f52929d938a\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2-30sarge5_m68k.deb\n Size/MD5 checksum: 3601196 49dd7766842ec386c1a62685079c80ed\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_2.0.2-30sarge5_mips.deb\n Size/MD5 checksum: 75566 e8c8a8f53f4aab6029f7e92b5994247d\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_2.0.2-30sarge5_mips.deb\n Size/MD5 checksum: 59274 2ec0a1573e3e1aa68a7f71177616b61b\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2-30sarge5_mips.deb\n Size/MD5 checksum: 4603054 b05d0400b14e006284b383364dcdb609\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_2.0.2-30sarge5_mipsel.deb\n Size/MD5 checksum: 75536 342424bab48f7baa4a28dd033ade7a89\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_2.0.2-30sarge5_mipsel.deb\n Size/MD5 checksum: 59504 aa940915c0a195a5fa6bc7dcdcddd796\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2-30sarge5_mipsel.deb\n Size/MD5 checksum: 4559858 1c2999179723139ef15ce8fac0094ab3\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_2.0.2-30sarge5_powerpc.deb\n Size/MD5 checksum: 74908 827173cc664bccc030eb1e8607f2e5de\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_2.0.2-30sarge5_powerpc.deb\n Size/MD5 checksum: 63436 b53beaa55824df5c86230ee76a58f46a\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2-30sarge5_powerpc.deb\n Size/MD5 checksum: 4382190 19f6451563e03f4847cf7b548b822273\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_2.0.2-30sarge5_s390.deb\n Size/MD5 checksum: 71830 7f4ab010974b161ebb3e43e4fa946571\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_2.0.2-30sarge5_s390.deb\n Size/MD5 checksum: 63692 21ba0cfb5d848ee8db9a84c0d1d90cbc\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2-30sarge5_s390.deb\n Size/MD5 checksum: 4269382 8d527032ff17054e05f2030e76e0d20f\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea-dev_2.0.2-30sarge5_sparc.deb\n Size/MD5 checksum: 70016 db4e0ff13dc82882a8af0ab231439d80\n http://security.debian.org/pool/updates/main/t/tetex-bin/libkpathsea3_2.0.2-30sarge5_sparc.deb\n Size/MD5 checksum: 61066 715b8af76681d9d491f538011b75fa26\n http://security.debian.org/pool/updates/main/t/tetex-bin/tetex-bin_2.0.2-30sarge5_sparc.deb\n Size/MD5 checksum: 4157218 e2f76ec4340abd8f99aa44c941a87dea\n\n\n These files will probably be moved into the oldstable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "modified": "2007-08-06T00:00:00", "published": "2007-08-06T00:00:00", "id": "DEBIAN:DSA-1350-1:11A12", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00112.html", "title": "[SECURITY] [DSA 1350-1] New tetex-bin packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-16T22:13:26", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1357-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nAugust 19th, 2007 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : kdegraphics\nVulnerability : integer overflow\nProblem type : local (remote)\nDebian-specific: no\nCVE ID : CVE-2007-3387\n\nIt was discovered that an integer overflow in the xpdf PDF viewer may lead\nto the execution of arbitrary code if a malformed PDF file is opened.\n\nkoffice includes a copy of the xpdf code and required an update as well.\n\nThe oldstable distribution (sarge) will be fixed later.\n\nFor the stable distribution (etch) this problem has been fixed in\nversion 1.6.1-2etch1.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 1.6.3-2.\n\nWe recommend that you upgrade your koffice packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given at the end of this advisory:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/koffice/koffice_1.6.1-2etch1.dsc\n Size/MD5 checksum: 1472 8803903f046a6dc4dedd4ac56c65946e\n http://security.debian.org/pool/updates/main/k/koffice/koffice_1.6.1-2etch1.diff.gz\n Size/MD5 checksum: 475994 1824b9ef1447a01ee8c66967e438a480\n http://security.debian.org/pool/updates/main/k/koffice/koffice_1.6.1.orig.tar.gz\n Size/MD5 checksum: 63070725 46ac2a71f5826a6ed149a62d501dacec\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/koffice/kivio-data_1.6.1-2etch1_all.deb\n Size/MD5 checksum: 682624 2e69c6bcc9ed69aa0e5e02d03dabbbb8\n http://security.debian.org/pool/updates/main/k/koffice/koffice-data_1.6.1-2etch1_all.deb\n Size/MD5 checksum: 749178 53f5b7797feabd74638ab3d1c40de3c8\n http://security.debian.org/pool/updates/main/k/koffice/koffice-doc-html_1.6.1-2etch1_all.deb\n Size/MD5 checksum: 521862 6f89297c5f78585a3195b4f1dfa4d8e0\n http://security.debian.org/pool/updates/main/k/koffice/koffice-doc_1.6.1-2etch1_all.deb\n Size/MD5 checksum: 93980342 117c06038c2415622487cb8eca90105e\n http://security.debian.org/pool/updates/main/k/koffice/koffice_1.6.1-2etch1_all.deb\n Size/MD5 checksum: 24142 d16c0268b5baea99c12d618820407f47\n http://security.debian.org/pool/updates/main/k/koffice/kpresenter-data_1.6.1-2etch1_all.deb\n Size/MD5 checksum: 1899294 c265feaf7147b76a8b08dc5163099707\n http://security.debian.org/pool/updates/main/k/koffice/krita-data_1.6.1-2etch1_all.deb\n Size/MD5 checksum: 28298660 7002f36839d7235f7930a9aebb61d8b8\n http://security.debian.org/pool/updates/main/k/koffice/kword-data_1.6.1-2etch1_all.deb\n Size/MD5 checksum: 1771432 0d196375a5d78c46761cb594957998bc\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/k/koffice/karbon_1.6.1-2etch1_alpha.deb\n Size/MD5 checksum: 1108642 c0a9748e6a8b06bd4760337c50fb4bc9\n http://security.debian.org/pool/updates/main/k/koffice/kchart_1.6.1-2etch1_alpha.deb\n Size/MD5 checksum: 1416526 63d10e6b0413276f4984c6ee1a1f7ef4\n http://security.debian.org/pool/updates/main/k/koffice/kexi_1.6.1-2etch1_alpha.deb\n Size/MD5 checksum: 3685836 4cd52cf0279ead62c5c27b4ba4748690\n http://security.debian.org/pool/updates/main/k/koffice/kformula_1.6.1-2etch1_alpha.deb\n Size/MD5 checksum: 1042606 5860acbde8964312a642d95248521dd1\n http://security.debian.org/pool/updates/main/k/koffice/kivio_1.6.1-2etch1_alpha.deb\n Size/MD5 checksum: 644290 ae2ae1362979dc473a01cc387d5c35e4\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dbg_1.6.1-2etch1_alpha.deb\n Size/MD5 checksum: 57351116 68a6d38ed08a13bb277edd0510713d13\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.6.1-2etch1_alpha.deb\n Size/MD5 checksum: 410176 0ade2fb236e1a4de272293183dced082\n http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.6.1-2etch1_alpha.deb\n Size/MD5 checksum: 2851426 74b50c0dce747020b0fa60a7b6ae09d7\n http://security.debian.org/pool/updates/main/k/koffice/koshell_1.6.1-2etch1_alpha.deb\n Size/MD5 checksum: 196564 0b33033532bdbdaec98ebc6359336507\n http://security.debian.org/pool/updates/main/k/koffice/kplato_1.6.1-2etch1_alpha.deb\n Size/MD5 checksum: 973152 558c8de17270e700b684bdea3dc0538e\n http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.6.1-2etch1_alpha.deb\n Size/MD5 checksum: 1400282 9c6f0fa4c63d87c4b6a4abbb42e73d4d\n http://security.debian.org/pool/updates/main/k/koffice/krita_1.6.1-2etch1_alpha.deb\n Size/MD5 checksum: 3527402 40ea5a3879538efa216d0d042dd1da8f\n http://security.debian.org/pool/updates/main/k/koffice/kspread_1.6.1-2etch1_alpha.deb\n Size/MD5 checksum: 2830608 b2782512c085831fcdf1bada564aa2f4\n http://security.debian.org/pool/updates/main/k/koffice/kthesaurus_1.6.1-2etch1_alpha.deb\n Size/MD5 checksum: 328838 8ef162f834ede62f020cd5b305db1dff\n http://security.debian.org/pool/updates/main/k/koffice/kugar_1.6.1-2etch1_alpha.deb\n Size/MD5 checksum: 471756 d65c24860d6ff6deee63fc371112e328\n http://security.debian.org/pool/updates/main/k/koffice/kword_1.6.1-2etch1_alpha.deb\n Size/MD5 checksum: 2992058 246a8d6ca6d5c322272ef01951a03ae7\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/k/koffice/karbon_1.6.1-2etch1_amd64.deb\n Size/MD5 checksum: 1051618 99268309b6e291808bd39fd1aa5923c5\n http://security.debian.org/pool/updates/main/k/koffice/kchart_1.6.1-2etch1_amd64.deb\n Size/MD5 checksum: 1364144 78da532e23bfa76ba089e2c33827697e\n http://security.debian.org/pool/updates/main/k/koffice/kexi_1.6.1-2etch1_amd64.deb\n Size/MD5 checksum: 3455106 bac873079a141581d9ee7b1089a9ce58\n http://security.debian.org/pool/updates/main/k/koffice/kformula_1.6.1-2etch1_amd64.deb\n Size/MD5 checksum: 1038562 b214ed1b66c230575392726a44031b81\n http://security.debian.org/pool/updates/main/k/koffice/kivio_1.6.1-2etch1_amd64.deb\n Size/MD5 checksum: 607892 a6fd0f9037ecc2ba70733d50e5902c35\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dbg_1.6.1-2etch1_amd64.deb\n Size/MD5 checksum: 57305368 e697d967371e2439b902fcb5166395ce\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.6.1-2etch1_amd64.deb\n Size/MD5 checksum: 385972 cb1579eaf143000144f43743114b447d\n http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.6.1-2etch1_amd64.deb\n Size/MD5 checksum: 2651560 428862af9ba3242872c371621607b00e\n http://security.debian.org/pool/updates/main/k/koffice/koshell_1.6.1-2etch1_amd64.deb\n Size/MD5 checksum: 195242 e739a63b63a23cbeede895ed2f0a931c\n http://security.debian.org/pool/updates/main/k/koffice/kplato_1.6.1-2etch1_amd64.deb\n Size/MD5 checksum: 922860 2ccf49f64bbbc32bb4223ea526199caa\n http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.6.1-2etch1_amd64.deb\n Size/MD5 checksum: 1326902 e375c794f932e6e60d65d9dc37069f8d\n http://security.debian.org/pool/updates/main/k/koffice/krita_1.6.1-2etch1_amd64.deb\n Size/MD5 checksum: 3315994 87643f89d09beabf45c69cfeb378963e\n http://security.debian.org/pool/updates/main/k/koffice/kspread_1.6.1-2etch1_amd64.deb\n Size/MD5 checksum: 2681396 88e55be28dc902c7f4268d011bdb86a0\n http://security.debian.org/pool/updates/main/k/koffice/kthesaurus_1.6.1-2etch1_amd64.deb\n Size/MD5 checksum: 328690 f9fb605a9f6db4163b412e3a46ad8fa3\n http://security.debian.org/pool/updates/main/k/koffice/kugar_1.6.1-2etch1_amd64.deb\n Size/MD5 checksum: 456674 ef4896881ce5620f6cc0aa8b83a3dc83\n http://security.debian.org/pool/updates/main/k/koffice/kword_1.6.1-2etch1_amd64.deb\n Size/MD5 checksum: 2825902 1fc38774ab3d5032d63dd7adecb42d11\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/k/koffice/karbon_1.6.1-2etch1_arm.deb\n Size/MD5 checksum: 920358 e5b94e799a52210da01b652bb909020a\n http://security.debian.org/pool/updates/main/k/koffice/kchart_1.6.1-2etch1_arm.deb\n Size/MD5 checksum: 1290422 fd552f230e4694299407330ce4d97075\n http://security.debian.org/pool/updates/main/k/koffice/kexi_1.6.1-2etch1_arm.deb\n Size/MD5 checksum: 3688574 3e2c8d373960dfc33c45c973ad39a6e8\n http://security.debian.org/pool/updates/main/k/koffice/kformula_1.6.1-2etch1_arm.deb\n Size/MD5 checksum: 1028370 e49723ac5a31dac06820fd374eb2203f\n http://security.debian.org/pool/updates/main/k/koffice/kivio_1.6.1-2etch1_arm.deb\n Size/MD5 checksum: 523940 7d549e5bd27227b375c10231dfdc9ba1\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dbg_1.6.1-2etch1_arm.deb\n Size/MD5 checksum: 93035104 0249038d77592ed6273bc19e70e690d2\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.6.1-2etch1_arm.deb\n Size/MD5 checksum: 409496 fd079c72bbb1cb53f35b9ecf03526c64\n http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.6.1-2etch1_arm.deb\n Size/MD5 checksum: 2590168 dc543a0068f87cee0dca2df28408b096\n http://security.debian.org/pool/updates/main/k/koffice/koshell_1.6.1-2etch1_arm.deb\n Size/MD5 checksum: 186912 03455accf8e8eebc358abc5e422892d9\n http://security.debian.org/pool/updates/main/k/koffice/kplato_1.6.1-2etch1_arm.deb\n Size/MD5 checksum: 841936 8ab2f2fd1ced4dbd6f9a5acb4eb08a0e\n http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.6.1-2etch1_arm.deb\n Size/MD5 checksum: 1175522 afed6782754624635529f46f1c8e7981\n http://security.debian.org/pool/updates/main/k/koffice/krita_1.6.1-2etch1_arm.deb\n Size/MD5 checksum: 3000812 98f7ae8f90816ac7fca4822b24c1fb37\n http://security.debian.org/pool/updates/main/k/koffice/kspread_1.6.1-2etch1_arm.deb\n Size/MD5 checksum: 2464376 04e344a5ff8c638a5b9527f78ebf34d8\n http://security.debian.org/pool/updates/main/k/koffice/kthesaurus_1.6.1-2etch1_arm.deb\n Size/MD5 checksum: 323212 74d5083c47034c965c9cdda377b2efdb\n http://security.debian.org/pool/updates/main/k/koffice/kugar_1.6.1-2etch1_arm.deb\n Size/MD5 checksum: 459322 973cb0dbd0e550e2b4bba846b9918fc6\n http://security.debian.org/pool/updates/main/k/koffice/kword_1.6.1-2etch1_arm.deb\n Size/MD5 checksum: 2540184 ffa4896689ac97a98f49330364b59135\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/k/koffice/karbon_1.6.1-2etch1_hppa.deb\n Size/MD5 checksum: 1140186 f4a24ad7541186d141760983038dd957\n http://security.debian.org/pool/updates/main/k/koffice/kchart_1.6.1-2etch1_hppa.deb\n Size/MD5 checksum: 1422950 bcde7a62ad9e6b186be429402c3e081b\n http://security.debian.org/pool/updates/main/k/koffice/kexi_1.6.1-2etch1_hppa.deb\n Size/MD5 checksum: 3881236 c4cc616475bb6d0b84d9eb775fe8a720\n http://security.debian.org/pool/updates/main/k/koffice/kformula_1.6.1-2etch1_hppa.deb\n Size/MD5 checksum: 1044450 b43dc90b143a0500d0e00d2961f28081\n http://security.debian.org/pool/updates/main/k/koffice/kivio_1.6.1-2etch1_hppa.deb\n Size/MD5 checksum: 672616 a38b965d7e4ac4b754c6ebf270263507\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dbg_1.6.1-2etch1_hppa.deb\n Size/MD5 checksum: 58455432 d7f7b7b821cb513ca41c996315aa7d47\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.6.1-2etch1_hppa.deb\n Size/MD5 checksum: 386048 ba6ae4b5faba3d0cec6be0551335463d\n http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.6.1-2etch1_hppa.deb\n Size/MD5 checksum: 2908712 96922d60cd17540719756cf4af3c92b9\n http://security.debian.org/pool/updates/main/k/koffice/koshell_1.6.1-2etch1_hppa.deb\n Size/MD5 checksum: 199034 29f78b930cd6dfe392b522c30bb213d1\n http://security.debian.org/pool/updates/main/k/koffice/kplato_1.6.1-2etch1_hppa.deb\n Size/MD5 checksum: 984478 f54eba9971ba7078232a9626e1c3ee47\n http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.6.1-2etch1_hppa.deb\n Size/MD5 checksum: 1416410 72673729092a5b4212016ef2055ed452\n http://security.debian.org/pool/updates/main/k/koffice/krita_1.6.1-2etch1_hppa.deb\n Size/MD5 checksum: 3689546 7419c3fdf2d7201277c39fdf5377c2ff\n http://security.debian.org/pool/updates/main/k/koffice/kspread_1.6.1-2etch1_hppa.deb\n Size/MD5 checksum: 2802504 3e5960f4c15a76ca9c179691dd5ab3e8\n http://security.debian.org/pool/updates/main/k/koffice/kthesaurus_1.6.1-2etch1_hppa.deb\n Size/MD5 checksum: 330684 ae8d445ed64e95ff681231bc0534fd42\n http://security.debian.org/pool/updates/main/k/koffice/kugar_1.6.1-2etch1_hppa.deb\n Size/MD5 checksum: 485828 9feaabcd6416cffcbc27bd4dde74963c\n http://security.debian.org/pool/updates/main/k/koffice/kword_1.6.1-2etch1_hppa.deb\n Size/MD5 checksum: 3029036 8cea29337457b83c32f6297339a494c6\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/k/koffice/karbon_1.6.1-2etch1_i386.deb\n Size/MD5 checksum: 980190 f4be81a8009f863bf6721e4f3a16b93c\n http://security.debian.org/pool/updates/main/k/koffice/kchart_1.6.1-2etch1_i386.deb\n Size/MD5 checksum: 1326084 0c9ab14a8b8dc6da4cb529809f699f1c\n http://security.debian.org/pool/updates/main/k/koffice/kexi_1.6.1-2etch1_i386.deb\n Size/MD5 checksum: 3398144 e271073c83edd8f47b67c3d554ef7e9b\n http://security.debian.org/pool/updates/main/k/koffice/kformula_1.6.1-2etch1_i386.deb\n Size/MD5 checksum: 1034216 d7613a66429bb1fc843635267c41a63b\n http://security.debian.org/pool/updates/main/k/koffice/kivio_1.6.1-2etch1_i386.deb\n Size/MD5 checksum: 568798 bd21fb4cdcb38df87a9ee4b0ca64d240\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dbg_1.6.1-2etch1_i386.deb\n Size/MD5 checksum: 56006598 52d23597986042f8f337591ed502fe56\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.6.1-2etch1_i386.deb\n Size/MD5 checksum: 386000 0ed91fbbd600e7cb42eb5efb9d85d72a\n http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.6.1-2etch1_i386.deb\n Size/MD5 checksum: 2506782 fb93057f49c40a3acf783d2f9426e62a\n http://security.debian.org/pool/updates/main/k/koffice/koshell_1.6.1-2etch1_i386.deb\n Size/MD5 checksum: 191696 cca27a7d7d5bef8ccb9a5d53cbe58119\n http://security.debian.org/pool/updates/main/k/koffice/kplato_1.6.1-2etch1_i386.deb\n Size/MD5 checksum: 885662 0879e687ca4802a0151193ca8afbddcc\n http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.6.1-2etch1_i386.deb\n Size/MD5 checksum: 1268928 fb27d21e132b3ea1fb247ad519a132b7\n http://security.debian.org/pool/updates/main/k/koffice/krita_1.6.1-2etch1_i386.deb\n Size/MD5 checksum: 3055260 b6ff3e3397e0b0465480e04415e8fdf9\n http://security.debian.org/pool/updates/main/k/koffice/kspread_1.6.1-2etch1_i386.deb\n Size/MD5 checksum: 2593466 432572717307289bfdc872ba717c2df1\n http://security.debian.org/pool/updates/main/k/koffice/kthesaurus_1.6.1-2etch1_i386.deb\n Size/MD5 checksum: 326194 a368f1c66a5528ce46737b7e1ca7e333\n http://security.debian.org/pool/updates/main/k/koffice/kugar_1.6.1-2etch1_i386.deb\n Size/MD5 checksum: 446722 0c4c8e17ecb63803aff7bae8fafe849f\n http://security.debian.org/pool/updates/main/k/koffice/kword_1.6.1-2etch1_i386.deb\n Size/MD5 checksum: 2675546 4e058b6cc5b90595815d9dbda7a59306\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/k/koffice/karbon_1.6.1-2etch1_ia64.deb\n Size/MD5 checksum: 1323456 925aad4ebeafc66f4998de915ae09860\n http://security.debian.org/pool/updates/main/k/koffice/kchart_1.6.1-2etch1_ia64.deb\n Size/MD5 checksum: 1584732 d17d5fbedffdd10e93a3b7d86358ce52\n http://security.debian.org/pool/updates/main/k/koffice/kexi_1.6.1-2etch1_ia64.deb\n Size/MD5 checksum: 4251520 ab78624f2d08dac200c3e20b5bf19eba\n http://security.debian.org/pool/updates/main/k/koffice/kformula_1.6.1-2etch1_ia64.deb\n Size/MD5 checksum: 1056238 a3a52ddfea47d46de458d59352bb6b24\n http://security.debian.org/pool/updates/main/k/koffice/kivio_1.6.1-2etch1_ia64.deb\n Size/MD5 checksum: 771540 6690f408ba8fa4ef4ecd1a73b4772c15\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dbg_1.6.1-2etch1_ia64.deb\n Size/MD5 checksum: 56365486 7125b77704bb8e2b304ea164f7585ac0\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.6.1-2etch1_ia64.deb\n Size/MD5 checksum: 386000 4b49d0fc87fe7a03cbfc6712627f56ef\n http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.6.1-2etch1_ia64.deb\n Size/MD5 checksum: 3391526 2683fc3675c8e793464ad87ca3f93f2d\n http://security.debian.org/pool/updates/main/k/koffice/koshell_1.6.1-2etch1_ia64.deb\n Size/MD5 checksum: 208120 9756fafdaecfdc668912210fa044fe90\n http://security.debian.org/pool/updates/main/k/koffice/kplato_1.6.1-2etch1_ia64.deb\n Size/MD5 checksum: 1152768 6117dfc1f358b2d2db6c8c5d92909236\n http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.6.1-2etch1_ia64.deb\n Size/MD5 checksum: 1726202 2fedc322afbbee28524a3c1f6e91341f\n http://security.debian.org/pool/updates/main/k/koffice/krita_1.6.1-2etch1_ia64.deb\n Size/MD5 checksum: 4290248 2a15eab4658fb05c696018b4bb8a3e3a\n http://security.debian.org/pool/updates/main/k/koffice/kspread_1.6.1-2etch1_ia64.deb\n Size/MD5 checksum: 3304152 2d4563e06a85b7062db5101cbcd70336\n http://security.debian.org/pool/updates/main/k/koffice/kthesaurus_1.6.1-2etch1_ia64.deb\n Size/MD5 checksum: 336316 1490d6f70aba215735834db4e1edac25\n http://security.debian.org/pool/updates/main/k/koffice/kugar_1.6.1-2etch1_ia64.deb\n Size/MD5 checksum: 502308 e50fc18dc135f51528d013393068f908\n http://security.debian.org/pool/updates/main/k/koffice/kword_1.6.1-2etch1_ia64.deb\n Size/MD5 checksum: 3612916 bbb901204646c24a3f21b22ef057c825\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/koffice/karbon_1.6.1-2etch1_mips.deb\n Size/MD5 checksum: 958510 7442498bc1b82f80f7b38d1aa1e902df\n http://security.debian.org/pool/updates/main/k/koffice/kchart_1.6.1-2etch1_mips.deb\n Size/MD5 checksum: 1287690 0dfe593418fefc7103955777578e2a00\n http://security.debian.org/pool/updates/main/k/koffice/kexi_1.6.1-2etch1_mips.deb\n Size/MD5 checksum: 3241864 ddc50e396f3394c6b3df81bb774f632b\n http://security.debian.org/pool/updates/main/k/koffice/kformula_1.6.1-2etch1_mips.deb\n Size/MD5 checksum: 1030578 fd20281121242266beb235ddbc1885ac\n http://security.debian.org/pool/updates/main/k/koffice/kivio_1.6.1-2etch1_mips.deb\n Size/MD5 checksum: 548568 c0e2f32aee7f20c1a74ef828ba6e0934\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dbg_1.6.1-2etch1_mips.deb\n Size/MD5 checksum: 59053876 8b841923347da07b80273f6290ab4d7f\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.6.1-2etch1_mips.deb\n Size/MD5 checksum: 386028 fabfdbd1538fbeb4ec2fce871cbb7184\n http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.6.1-2etch1_mips.deb\n Size/MD5 checksum: 2359828 44d5ff2615b9e57a70fe4863642d8e2c\n http://security.debian.org/pool/updates/main/k/koffice/koshell_1.6.1-2etch1_mips.deb\n Size/MD5 checksum: 190270 ae6e24a914527051ead4bee9c38b7971\n http://security.debian.org/pool/updates/main/k/koffice/kplato_1.6.1-2etch1_mips.deb\n Size/MD5 checksum: 819092 82dfb56ae00edd29ccca6745c1f6a75e\n http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.6.1-2etch1_mips.deb\n Size/MD5 checksum: 1163638 a7c0c84109ffc6e840c0fe727db68e6c\n http://security.debian.org/pool/updates/main/k/koffice/krita_1.6.1-2etch1_mips.deb\n Size/MD5 checksum: 3027964 fd10c7ea92ae22c46d47bbb74a33cb09\n http://security.debian.org/pool/updates/main/k/koffice/kspread_1.6.1-2etch1_mips.deb\n Size/MD5 checksum: 2389540 361a1addd403469ab65500b6a564160e\n http://security.debian.org/pool/updates/main/k/koffice/kthesaurus_1.6.1-2etch1_mips.deb\n Size/MD5 checksum: 322876 b4929e89a649eac069b3a980a6260f1a\n http://security.debian.org/pool/updates/main/k/koffice/kugar_1.6.1-2etch1_mips.deb\n Size/MD5 checksum: 417726 3256ec7a0dc1288258beba132545d5e7\n http://security.debian.org/pool/updates/main/k/koffice/kword_1.6.1-2etch1_mips.deb\n Size/MD5 checksum: 2552384 968119fb5d1161714a573aaa4f954394\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/koffice/karbon_1.6.1-2etch1_mipsel.deb\n Size/MD5 checksum: 953254 7f19a8b262df1722fc47458bcb7e430e\n http://security.debian.org/pool/updates/main/k/koffice/kchart_1.6.1-2etch1_mipsel.deb\n Size/MD5 checksum: 1270304 85ab4899a87db84aea99ee9be0d9adfa\n http://security.debian.org/pool/updates/main/k/koffice/kexi_1.6.1-2etch1_mipsel.deb\n Size/MD5 checksum: 3189052 18aef5788347fed174587cc52d66a549\n http://security.debian.org/pool/updates/main/k/koffice/kformula_1.6.1-2etch1_mipsel.deb\n Size/MD5 checksum: 1029818 4ad49862f52766652cc82b86a3d62dbc\n http://security.debian.org/pool/updates/main/k/koffice/kivio_1.6.1-2etch1_mipsel.deb\n Size/MD5 checksum: 540902 73ea464420bba4307eb3f5aada0c87f5\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dbg_1.6.1-2etch1_mipsel.deb\n Size/MD5 checksum: 57158446 7e5f54707e11bf3dfbfefe762f093ef0\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.6.1-2etch1_mipsel.deb\n Size/MD5 checksum: 386028 f40359cd2cb7903eff7c7a68b96262bf\n http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.6.1-2etch1_mipsel.deb\n Size/MD5 checksum: 2320508 cf93f84747b6c65c31e374eb6ede2500\n http://security.debian.org/pool/updates/main/k/koffice/koshell_1.6.1-2etch1_mipsel.deb\n Size/MD5 checksum: 189704 bd5662c1ecaf3a3fe7ddb9a7926573c6\n http://security.debian.org/pool/updates/main/k/koffice/kplato_1.6.1-2etch1_mipsel.deb\n Size/MD5 checksum: 808498 fe192f9a64cd4fd2c641caa354911216\n http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.6.1-2etch1_mipsel.deb\n Size/MD5 checksum: 1146604 59424f1e782b84468ddffcf7dce47196\n http://security.debian.org/pool/updates/main/k/koffice/krita_1.6.1-2etch1_mipsel.deb\n Size/MD5 checksum: 3003312 b1f9de7486def2643e1cb2d2e9bdb6e5\n http://security.debian.org/pool/updates/main/k/koffice/kspread_1.6.1-2etch1_mipsel.deb\n Size/MD5 checksum: 2371280 1e2902447a38d776d43682aca475d896\n http://security.debian.org/pool/updates/main/k/koffice/kthesaurus_1.6.1-2etch1_mipsel.deb\n Size/MD5 checksum: 322764 4ed9ada93ae1031734128b8e21e5b396\n http://security.debian.org/pool/updates/main/k/koffice/kugar_1.6.1-2etch1_mipsel.deb\n Size/MD5 checksum: 414920 fe4c9c1da30f2e28c97decb100692645\n http://security.debian.org/pool/updates/main/k/koffice/kword_1.6.1-2etch1_mipsel.deb\n Size/MD5 checksum: 2525352 8b75c3cc94fd3ddc77ec65483e79e6da\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/k/koffice/karbon_1.6.1-2etch1_sparc.deb\n Size/MD5 checksum: 968956 db3737c32053b080375d1bab34869006\n http://security.debian.org/pool/updates/main/k/koffice/kchart_1.6.1-2etch1_sparc.deb\n Size/MD5 checksum: 1311628 500d5274d14c85015ff79f384cd5e9e7\n http://security.debian.org/pool/updates/main/k/koffice/kexi_1.6.1-2etch1_sparc.deb\n Size/MD5 checksum: 3306582 03236bc94677c9f1cbefd868ba8c2582\n http://security.debian.org/pool/updates/main/k/koffice/kformula_1.6.1-2etch1_sparc.deb\n Size/MD5 checksum: 1031196 d5b423ac9375207c93868a54dd1e2f17\n http://security.debian.org/pool/updates/main/k/koffice/kivio_1.6.1-2etch1_sparc.deb\n Size/MD5 checksum: 566984 67a0fe729fe1bb295faf1bb16e593dfc\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dbg_1.6.1-2etch1_sparc.deb\n Size/MD5 checksum: 55037420 8704c92d881cb66edf18a977a5d2a8b9\n http://security.debian.org/pool/updates/main/k/koffice/koffice-dev_1.6.1-2etch1_sparc.deb\n Size/MD5 checksum: 386024 e17227b6d5f0a8a40a17f8c61c60ce0c\n http://security.debian.org/pool/updates/main/k/koffice/koffice-libs_1.6.1-2etch1_sparc.deb\n Size/MD5 checksum: 2458452 7359da294ab7739d92314cb35cc8712c\n http://security.debian.org/pool/updates/main/k/koffice/koshell_1.6.1-2etch1_sparc.deb\n Size/MD5 checksum: 189892 6ae71030836bf1eae327ed4de88459bc\n http://security.debian.org/pool/updates/main/k/koffice/kplato_1.6.1-2etch1_sparc.deb\n Size/MD5 checksum: 863754 d82e5a9117735135e08f033715928b7b\n http://security.debian.org/pool/updates/main/k/koffice/kpresenter_1.6.1-2etch1_sparc.deb\n Size/MD5 checksum: 1242202 f9f41831f5384e2f27300a3337dd1caa\n http://security.debian.org/pool/updates/main/k/koffice/krita_1.6.1-2etch1_sparc.deb\n Size/MD5 checksum: 3070384 f8dc0a40f3a9675a986146ef4439a8ce\n http://security.debian.org/pool/updates/main/k/koffice/kspread_1.6.1-2etch1_sparc.deb\n Size/MD5 checksum: 2542754 3152bc7240739a15551ee6fd7e9fd24e\n http://security.debian.org/pool/updates/main/k/koffice/kthesaurus_1.6.1-2etch1_sparc.deb\n Size/MD5 checksum: 324992 b06f7fde6b64e6a3d35e22e5e8ca7285\n http://security.debian.org/pool/updates/main/k/koffice/kugar_1.6.1-2etch1_sparc.deb\n Size/MD5 checksum: 448896 40876dccfa3a328cd1afa620b782f890\n http://security.debian.org/pool/updates/main/k/koffice/kword_1.6.1-2etch1_sparc.deb\n Size/MD5 checksum: 2634778 a7a1f117b54a9a97a3e272e5a3e75c73\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "modified": "2007-08-19T00:00:00", "published": "2007-08-19T00:00:00", "id": "DEBIAN:DSA-1357-1:579E3", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00119.html", "title": "[SECURITY] [DSA 1357-1] New koffice packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2018-08-31T01:15:40", "bulletinFamily": "unix", "description": "\nThe KDE Team reports:\n\nkpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains\n\t a vulnerability that can cause a stack based buffer overflow\n\t via a PDF file that exploits an integer overflow in\n\t StreamPredictor::StreamPredictor(). Remotely supplied\n\t pdf files can be used to disrupt the kpdf viewer on\n\t the client machine and possibly execute arbitrary code.\n\n", "modified": "2009-04-29T00:00:00", "published": "2007-07-30T00:00:00", "id": "0E43A14D-3F3F-11DC-A79A-0016179B2DD5", "href": "https://vuxml.freebsd.org/freebsd/0e43a14d-3f3f-11dc-a79a-0016179b2dd5.html", "title": "xpdf -- stack based buffer overflow", "type": "freebsd", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:23", "bulletinFamily": "software", "description": "=========================================================== \r\nUbuntu Security Notice USN-496-1 August 03, 2007\r\nkoffice vulnerability\r\nCVE-2007-3387\r\n===========================================================\r\n\r\nA security issue affects the following Ubuntu releases:\r\n\r\nUbuntu 6.06 LTS\r\nUbuntu 6.10\r\nUbuntu 7.04\r\n\r\nThis advisory also applies to the corresponding versions of\r\nKubuntu, Edubuntu, and Xubuntu.\r\n\r\nThe problem can be corrected by upgrading your system to the\r\nfollowing package versions:\r\n\r\nUbuntu 6.06 LTS:\r\n kword 1:1.5.0-0ubuntu9.2\r\n\r\nUbuntu 6.10:\r\n kword 1:1.5.2-0ubuntu2.2\r\n\r\nUbuntu 7.04:\r\n kword 1:1.6.2-0ubuntu1.1\r\n\r\nAfter a standard system upgrade you need to restart KWord to effect\r\nthe necessary changes.\r\n\r\nDetails follow:\r\n\r\nDerek Noonburg discovered an integer overflow in the Xpdf function\r\nStreamPredictor::StreamPredictor(). By importing a specially crafted\r\nPDF file into KWord, this could be exploited to run arbitrary code\r\nwith the user's privileges.\r\n\r\n\r\nUpdated packages for Ubuntu 6.06 LTS:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.5.0-0ubuntu9.2.diff.gz\r\n Size/MD5: 300835 16c7582e14982568803321cea7a34f11\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.5.0-0ubuntu9.2.dsc\r\n Size/MD5: 1448 fdadcad8df27cd7b9fabdd6bf93c2243\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.5.0.orig.tar.gz\r\n Size/MD5: 41765094 096962d7a25ec9063510b9340f18f152\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio-data_1.5.0-0ubuntu9.2_all.deb\r\n Size/MD5: 681940 a41c0cf57dbb9e758fed02a7fd5f5f10\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-data_1.5.0-0ubuntu9.2_all.deb\r\n Size/MD5: 747852 4cb1bc23d7a67c0144d1dbe0943cf3f3\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-doc-html_1.5.0-0ubuntu9.2_all.deb\r\n Size/MD5: 464520 7cbc419080f709ec4d82f208b8ccb832\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-doc_1.5.0-0ubuntu9.2_all.deb\r\n Size/MD5: 88042092 e3e3f4a3f740d971bd6625d908fb972d\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.5.0-0ubuntu9.2_all.deb\r\n Size/MD5: 24274 b09c7b32d679bf28f1fc15fbf9dbdfcf\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter-data_1.5.0-0ubuntu9.2_all.deb\r\n Size/MD5: 1893562 9ade0cb468aef115c13e84f6c1937a8d\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita-data_1.5.0-0ubuntu9.2_all.deb\r\n Size/MD5: 9816996 5b74ea5c2ebe28c7bafcb8e516d9ae56\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword-data_1.5.0-0ubuntu9.2_all.deb\r\n Size/MD5: 1590282 316855e7fac0273faf31af39bc0315b8\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/karbon_1.5.0-0ubuntu9.2_amd64.deb\r\n Size/MD5: 1053202 bbee94bb191ffbaac28ca90f3be56d6c\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kchart_1.5.0-0ubuntu9.2_amd64.deb\r\n Size/MD5: 1305082 eae293a8a2d788021a24ba3205de73ba\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kexi_1.5.0-0ubuntu9.2_amd64.deb\r\n Size/MD5: 3097380 baad146bd7bb1537c508c5e0bf6bd8c2\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kformula_1.5.0-0ubuntu9.2_amd64.deb\r\n Size/MD5: 419496 9a4920191a23268794d67dc7307c791d\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio_1.5.0-0ubuntu9.2_amd64.deb\r\n Size/MD5: 609614 06a614654e282f4c94d9fed46adf0f1f\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dbg_1.5.0-0ubuntu9.2_amd64.deb\r\n Size/MD5: 52548050 a8d5edd29aa9e6d455cc2a6cdc97f7fc\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dev_1.5.0-0ubuntu9.2_amd64.deb\r\n Size/MD5: 360390 67c1c3923884b5c277cec42645edacd2\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-libs_1.5.0-0ubuntu9.2_amd64.deb\r\n Size/MD5: 2565144 7650f9b98e7bff7116ec2199d3d97255\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koshell_1.5.0-0ubuntu9.2_amd64.deb\r\n Size/MD5: 201256 813cc360b442cc3dcc9abe5d7787da80\r\n http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kplato_1.5.0-0ubuntu9.2_amd64.deb\r\n Size/MD5: 919800 97ddb98f77504aa094086fcf68681432\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter_1.5.0-0ubuntu9.2_amd64.deb\r\n Size/MD5: 1415034 1c1cb0c9fc2190c07b7501f67da49553\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita_1.5.0-0ubuntu9.2_amd64.deb\r\n Size/MD5: 2914594 9fc42fec80237c0951c6dc899d5d5bf1\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kspread_1.5.0-0ubuntu9.2_amd64.deb\r\n Size/MD5: 2461008 e395c28931e88395e8be151617ee11e4\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kthesaurus_1.5.0-0ubuntu9.2_amd64.deb\r\n Size/MD5: 328556 43e8b7c9da265d19c53ba8d7bce4593b\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kugar_1.5.0-0ubuntu9.2_amd64.deb\r\n Size/MD5: 457654 d357b1a8f97d83419d0ad694039d7309\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword_1.5.0-0ubuntu9.2_amd64.deb\r\n Size/MD5: 2797184 c60ef574f6927e1053a029c9aaaa3174\r\n\r\n i386 architecture (x86 compatible Intel/AMD)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/karbon_1.5.0-0ubuntu9.2_i386.deb\r\n Size/MD5: 929832 14b9265f3a3ea764742827912e11a195\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kchart_1.5.0-0ubuntu9.2_i386.deb\r\n Size/MD5: 1232078 5c9ae96116afe9612b728b844d38b6ee\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kexi_1.5.0-0ubuntu9.2_i386.deb\r\n Size/MD5: 2917478 35d9d9cd65723e5cdb570cd935d9b0d9\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kformula_1.5.0-0ubuntu9.2_i386.deb\r\n Size/MD5: 411644 5dbad337484621e7277d696838c71dbe\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio_1.5.0-0ubuntu9.2_i386.deb\r\n Size/MD5: 539644 97212d46395319118d412309db8fca3e\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dbg_1.5.0-0ubuntu9.2_i386.deb\r\n Size/MD5: 47137776 a5e4876a3531be6b9068149d13c5e995\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dev_1.5.0-0ubuntu9.2_i386.deb\r\n Size/MD5: 360308 2c4edffb90368ad87cef49365ec3634f\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-libs_1.5.0-0ubuntu9.2_i386.deb\r\n Size/MD5: 2315462 61a15e99af55c72a68b28bc96c05cbf5\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koshell_1.5.0-0ubuntu9.2_i386.deb\r\n Size/MD5: 195314 83b423063ebce37cc7c9156f1ec9fd88\r\n http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kplato_1.5.0-0ubuntu9.2_i386.deb\r\n Size/MD5: 842736 f76134a09b0c5f1608ba0d8bcd80e7a7\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter_1.5.0-0ubuntu9.2_i386.deb\r\n Size/MD5: 1277164 a7111f5085f6e8e995e64fe06fe17984\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita_1.5.0-0ubuntu9.2_i386.deb\r\n Size/MD5: 2578010 3d034f9662eea3a8a8bc04482379d384\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kspread_1.5.0-0ubuntu9.2_i386.deb\r\n Size/MD5: 2276114 924a6310325364152c87930dcc3701f8\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kthesaurus_1.5.0-0ubuntu9.2_i386.deb\r\n Size/MD5: 324430 3f627f5c963a7b133f06cc2ebf0a2ec1\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kugar_1.5.0-0ubuntu9.2_i386.deb\r\n Size/MD5: 436856 14a675182b77274f0cbd4012d93702e9\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword_1.5.0-0ubuntu9.2_i386.deb\r\n Size/MD5: 2521956 b28caf6d8f9ba3e0873d610d6429ad79\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/karbon_1.5.0-0ubuntu9.2_powerpc.deb\r\n Size/MD5: 1006372 f0b2462500bcf01a1c830bb715b6e13d\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kchart_1.5.0-0ubuntu9.2_powerpc.deb\r\n Size/MD5: 1279634 24c1e5af966707bdc551a8e474623413\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kexi_1.5.0-0ubuntu9.2_powerpc.deb\r\n Size/MD5: 3024006 39972bd7014abef97f7769b5e1bf8a5b\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kformula_1.5.0-0ubuntu9.2_powerpc.deb\r\n Size/MD5: 418116 3f61fd5752220f354ff261d61f177e4e\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio_1.5.0-0ubuntu9.2_powerpc.deb\r\n Size/MD5: 580676 2fb8251be3c56cb1967b421b35cad7e2\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dbg_1.5.0-0ubuntu9.2_powerpc.deb\r\n Size/MD5: 53356706 dc7cf63ad4bc4cf897f3aa48e0b99cfe\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dev_1.5.0-0ubuntu9.2_powerpc.deb\r\n Size/MD5: 360412 f343e3bf0651cec1ce7ed9c02351fbb1\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-libs_1.5.0-0ubuntu9.2_powerpc.deb\r\n Size/MD5: 2446030 ede24c59320491471880f8620982e99e\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koshell_1.5.0-0ubuntu9.2_powerpc.deb\r\n Size/MD5: 200568 1d88507875916e05f785f262696afef9\r\n http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kplato_1.5.0-0ubuntu9.2_powerpc.deb\r\n Size/MD5: 865728 eed30a47e2bdd9caf29db6d4582a78c3\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter_1.5.0-0ubuntu9.2_powerpc.deb\r\n Size/MD5: 1334030 88a949860af59d090cf684e06997096d\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita_1.5.0-0ubuntu9.2_powerpc.deb\r\n Size/MD5: 2826012 460d0a28b59ed8f1d02fc0350df08a42\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kspread_1.5.0-0ubuntu9.2_powerpc.deb\r\n Size/MD5: 2347594 332a6804f7fdc669379a7f7211bd19b2\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kthesaurus_1.5.0-0ubuntu9.2_powerpc.deb\r\n Size/MD5: 330132 0e3a50a8c00f49822996bd9e950e0fbd\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kugar_1.5.0-0ubuntu9.2_powerpc.deb\r\n Size/MD5: 454312 1097958c81d9715875288e45f95754df\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword_1.5.0-0ubuntu9.2_powerpc.deb\r\n Size/MD5: 2667628 00f8bff3362ac171663381a5ce6b330a\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/karbon_1.5.0-0ubuntu9.2_sparc.deb\r\n Size/MD5: 963216 44d48e7f9fc70e2e58369ace2efd710e\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kchart_1.5.0-0ubuntu9.2_sparc.deb\r\n Size/MD5: 1252996 b3ac313e240f0e938eec1bc7f50965e3\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kexi_1.5.0-0ubuntu9.2_sparc.deb\r\n Size/MD5: 2920098 8620db2b3b88283b90d0893f11aaa748\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kformula_1.5.0-0ubuntu9.2_sparc.deb\r\n Size/MD5: 411694 2558eef1f28abf66b31e1a48e0835f65\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio_1.5.0-0ubuntu9.2_sparc.deb\r\n Size/MD5: 560518 122bb033ea2bc23b0d923851d9fdd60e\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dbg_1.5.0-0ubuntu9.2_sparc.deb\r\n Size/MD5: 48838146 55129d9b55af835c83db25254fd8c8fe\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dev_1.5.0-0ubuntu9.2_sparc.deb\r\n Size/MD5: 360448 78fbb9bacca98517b6f7cfe8743c05ca\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-libs_1.5.0-0ubuntu9.2_sparc.deb\r\n Size/MD5: 2353478 fad310421f90467b495cc35058e15e1c\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koshell_1.5.0-0ubuntu9.2_sparc.deb\r\n Size/MD5: 195550 b186a3f8d6c73144480eee3dacf46a04\r\n http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kplato_1.5.0-0ubuntu9.2_sparc.deb\r\n Size/MD5: 857670 72a5aba50e11ed4ded3fb3844f21b49f\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter_1.5.0-0ubuntu9.2_sparc.deb\r\n Size/MD5: 1311440 b5186f9f2a0293ebece17dae7c0db444\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita_1.5.0-0ubuntu9.2_sparc.deb\r\n Size/MD5: 2669090 45ba3c743837014b6c7430b3fb1edf6a\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kspread_1.5.0-0ubuntu9.2_sparc.deb\r\n Size/MD5: 2319908 ea5bab5d859fe4af3d24d2df837aef1e\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kthesaurus_1.5.0-0ubuntu9.2_sparc.deb\r\n Size/MD5: 324898 d25c0b0bc1c270db246892146f50f472\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kugar_1.5.0-0ubuntu9.2_sparc.deb\r\n Size/MD5: 432346 56b605f14a8b93c48742624650c237f3\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword_1.5.0-0ubuntu9.2_sparc.deb\r\n Size/MD5: 2587492 1f91245f127ad4661d1a499a735c3aac\r\n\r\nUpdated packages for Ubuntu 6.10:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.5.2-0ubuntu2.2.diff.gz\r\n Size/MD5: 292142 a76842190ddabfd23f9cc5a6128acddf\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.5.2-0ubuntu2.2.dsc\r\n Size/MD5: 1450 c3513b092c30286bbb3ccf952843ce37\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.5.2.orig.tar.gz\r\n Size/MD5: 41680992 9ec947e0de1b33df5ca0995fd02087dd\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio-data_1.5.2-0ubuntu2.2_all.deb\r\n Size/MD5: 683036 df0775342a7af9197cf44841027216fc\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-data_1.5.2-0ubuntu2.2_all.deb\r\n Size/MD5: 748754 f2819895ed44a622ed9d0666e89eab8f\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-doc-html_1.5.2-0ubuntu2.2_all.deb\r\n Size/MD5: 467476 c80a8767e9f45b00c4397dfa702ca1eb\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-doc_1.5.2-0ubuntu2.2_all.deb\r\n Size/MD5: 88593522 dd28b76a071e125db68b855d705fc022\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.5.2-0ubuntu2.2_all.deb\r\n Size/MD5: 24612 153a7c2012da751788bfca59a36815f4\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter-data_1.5.2-0ubuntu2.2_all.deb\r\n Size/MD5: 1896748 4b942db845c1d1990c9147b2e6f23443\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita-data_1.5.2-0ubuntu2.2_all.deb\r\n Size/MD5: 9821274 791ad4cc0b9ab19a1d8e9ceb5e051aff\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword-data_1.5.2-0ubuntu2.2_all.deb\r\n Size/MD5: 1593902 62684e5b591be119f84aacfc6332c117\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/karbon_1.5.2-0ubuntu2.2_amd64.deb\r\n Size/MD5: 1052792 c46cff7a650ae217ed77e208fbd9c9fd\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kchart_1.5.2-0ubuntu2.2_amd64.deb\r\n Size/MD5: 1305436 d4dff76009b756dacf8aa11c34c16918\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kexi_1.5.2-0ubuntu2.2_amd64.deb\r\n Size/MD5: 3098146 8a3975779427b69955980df0cce73133\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kformula_1.5.2-0ubuntu2.2_amd64.deb\r\n Size/MD5: 419306 530f15ba0f9ab303eaf4b57d85486680\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio_1.5.2-0ubuntu2.2_amd64.deb\r\n Size/MD5: 609270 097944d1207a32f0d4f4f080900d5f52\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dbg_1.5.2-0ubuntu2.2_amd64.deb\r\n Size/MD5: 53496798 2ad388220baf403a6f1ab10a066b9f1b\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dev_1.5.2-0ubuntu2.2_amd64.deb\r\n Size/MD5: 368350 1fa556a00b1a2be8a20d52666296be94\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-libs_1.5.2-0ubuntu2.2_amd64.deb\r\n Size/MD5: 2603700 8750658e971960b583736f38bd209bb3\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koshell_1.5.2-0ubuntu2.2_amd64.deb\r\n Size/MD5: 195570 41c2e6140fbb419c6b7cb823152266c5\r\n http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kplato_1.5.2-0ubuntu2.2_amd64.deb\r\n Size/MD5: 919668 e86eef0338157263732c922bfd9ee34d\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter_1.5.2-0ubuntu2.2_amd64.deb\r\n Size/MD5: 1409116 614d17d9c0a3210d47b1fb08909b6f07\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita_1.5.2-0ubuntu2.2_amd64.deb\r\n Size/MD5: 2867340 b2007277c85e0cf45e381ad4e5ed3985\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kspread_1.5.2-0ubuntu2.2_amd64.deb\r\n Size/MD5: 2468888 22fd20c60a1ccb4642c04547c3a582dd\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kthesaurus_1.5.2-0ubuntu2.2_amd64.deb\r\n Size/MD5: 329360 731c2de990493166417a16f6ff8d6610\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kugar_1.5.2-0ubuntu2.2_amd64.deb\r\n Size/MD5: 457542 3f1c8a5854eeae995703699818b47566\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword_1.5.2-0ubuntu2.2_amd64.deb\r\n Size/MD5: 2823676 e51021f5c43466dc641ddc705f4fa90b\r\n\r\n i386 architecture (x86 compatible Intel/AMD)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/karbon_1.5.2-0ubuntu2.2_i386.deb\r\n Size/MD5: 964862 af7afdee2badbab01847ee1e7116ea69\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kchart_1.5.2-0ubuntu2.2_i386.deb\r\n Size/MD5: 1254012 be4ef4a3c37b333d017f0c2da1706e99\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kexi_1.5.2-0ubuntu2.2_i386.deb\r\n Size/MD5: 2996286 7b338a87aa0d9493a29665e4b96a3ce8\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kformula_1.5.2-0ubuntu2.2_i386.deb\r\n Size/MD5: 413310 9a3410a50832fd786bc4d4767e8683a9\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio_1.5.2-0ubuntu2.2_i386.deb\r\n Size/MD5: 556908 4d85511f6f85ea5c656150b461768f71\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dbg_1.5.2-0ubuntu2.2_i386.deb\r\n Size/MD5: 52105034 585bef4dc35789a3279b8288a613bca6\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dev_1.5.2-0ubuntu2.2_i386.deb\r\n Size/MD5: 368382 612d429e3bb41046e5b960d099f8f037\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-libs_1.5.2-0ubuntu2.2_i386.deb\r\n Size/MD5: 2419110 657c9c67fcbeaad9d6b3ad84ea3760e7\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koshell_1.5.2-0ubuntu2.2_i386.deb\r\n Size/MD5: 191298 a664ad364dde385f901b105cd0a4cd5d\r\n http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kplato_1.5.2-0ubuntu2.2_i386.deb\r\n Size/MD5: 865234 b33c142c8993b1f7fa9814e6f30bcfd3\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter_1.5.2-0ubuntu2.2_i386.deb\r\n Size/MD5: 1313550 6791d6cb78f5f05b3620b8eca302f12b\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita_1.5.2-0ubuntu2.2_i386.deb\r\n Size/MD5: 2603880 d546468eedf079d4880b3ecb789e4652\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kspread_1.5.2-0ubuntu2.2_i386.deb\r\n Size/MD5: 2339698 a5332738bac0b713236c79dcfadc1a87\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kthesaurus_1.5.2-0ubuntu2.2_i386.deb\r\n Size/MD5: 325978 085c24555730be735558e740f20aa99c\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kugar_1.5.2-0ubuntu2.2_i386.deb\r\n Size/MD5: 442476 8bb0f26bd7301a11db36a94ed01e6675\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword_1.5.2-0ubuntu2.2_i386.deb\r\n Size/MD5: 2632222 86f0c86abec86238df3df34c96908111\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/karbon_1.5.2-0ubuntu2.2_powerpc.deb\r\n Size/MD5: 1016840 09c9e6fff21837aeb95e4dbfb19e7de7\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kchart_1.5.2-0ubuntu2.2_powerpc.deb\r\n Size/MD5: 1283746 993658d0e3172a0a70189f8904a0ac1c\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kexi_1.5.2-0ubuntu2.2_powerpc.deb\r\n Size/MD5: 3047984 12b6726b2e9dcdb1959ffa6fb94bb7c6\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kformula_1.5.2-0ubuntu2.2_powerpc.deb\r\n Size/MD5: 418140 3602d58e3984905d159fd8542ab5e257\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio_1.5.2-0ubuntu2.2_powerpc.deb\r\n Size/MD5: 585972 9a3bee7e3c4e733ab5f398475c5cc907\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dbg_1.5.2-0ubuntu2.2_powerpc.deb\r\n Size/MD5: 55180624 de22dbecc01bbbba126d63e5e339bed7\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dev_1.5.2-0ubuntu2.2_powerpc.deb\r\n Size/MD5: 368376 2ef60ec228389700966a9023c494baf8\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-libs_1.5.2-0ubuntu2.2_powerpc.deb\r\n Size/MD5: 2496830 67029e3095f56fc2b069b24d8dadbfbf\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koshell_1.5.2-0ubuntu2.2_powerpc.deb\r\n Size/MD5: 194432 9ca5c6798c68ad5012ebd3b2efc2e4ea\r\n http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kplato_1.5.2-0ubuntu2.2_powerpc.deb\r\n Size/MD5: 868370 b2774643a52fa223006b054821cf400c\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter_1.5.2-0ubuntu2.2_powerpc.deb\r\n Size/MD5: 1341348 68f341ceab24129a669432431381784d\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita_1.5.2-0ubuntu2.2_powerpc.deb\r\n Size/MD5: 2787150 453dcfc46bfb3ceef8d12a83bb36cd1f\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kspread_1.5.2-0ubuntu2.2_powerpc.deb\r\n Size/MD5: 2366586 e873f1336960fb243b5a7929f7ab573f\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kthesaurus_1.5.2-0ubuntu2.2_powerpc.deb\r\n Size/MD5: 330940 a3e3edaad84cab1f48cd4e5f687cb6f7\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kugar_1.5.2-0ubuntu2.2_powerpc.deb\r\n Size/MD5: 455356 9163b5fac890d66069f4b1a760b157b2\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword_1.5.2-0ubuntu2.2_powerpc.deb\r\n Size/MD5: 2720094 284546c4ab8fa1de424ff1dbd4b0b95f\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/karbon_1.5.2-0ubuntu2.2_sparc.deb\r\n Size/MD5: 970192 01a17dc36ae6cd9f69334c588ad09f2b\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kchart_1.5.2-0ubuntu2.2_sparc.deb\r\n Size/MD5: 1256084 2863464f5f97936c802cca5fa2ebd16c\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kexi_1.5.2-0ubuntu2.2_sparc.deb\r\n Size/MD5: 2929136 747ae0c6798ca7634c0bef599cbd5252\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kformula_1.5.2-0ubuntu2.2_sparc.deb\r\n Size/MD5: 411530 461f246e0518fe5c4fcfd7f4e431cd14\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio_1.5.2-0ubuntu2.2_sparc.deb\r\n Size/MD5: 567296 2cf82073efa93ec257fbd86cc1831898\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dbg_1.5.2-0ubuntu2.2_sparc.deb\r\n Size/MD5: 51179966 2f941dd7c0aa6236e97b7433ce46e78f\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dev_1.5.2-0ubuntu2.2_sparc.deb\r\n Size/MD5: 368378 f80c7d042506d6c96d9715c636f3f6dc\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-libs_1.5.2-0ubuntu2.2_sparc.deb\r\n Size/MD5: 2392682 66de8552c8b6de96e7808b3d6f4d80a0\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koshell_1.5.2-0ubuntu2.2_sparc.deb\r\n Size/MD5: 190284 f40d6ddf175d743d2192f736cc2ebce8\r\n http://security.ubuntu.com/ubuntu/pool/universe/k/koffice/kplato_1.5.2-0ubuntu2.2_sparc.deb\r\n Size/MD5: 856372 92f1c5e2aea37690df79a8739d2033a4\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter_1.5.2-0ubuntu2.2_sparc.deb\r\n Size/MD5: 1315434 0b4a4d40defd5c6dc98bb6a2fc6a9795\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita_1.5.2-0ubuntu2.2_sparc.deb\r\n Size/MD5: 2648980 c461a128c1a91427c7545be52f543e56\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kspread_1.5.2-0ubuntu2.2_sparc.deb\r\n Size/MD5: 2330486 78e829259fc84be8ba81f0261e94520a\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kthesaurus_1.5.2-0ubuntu2.2_sparc.deb\r\n Size/MD5: 325644 38bcaa30470f37ad702579420a2ff159\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kugar_1.5.2-0ubuntu2.2_sparc.deb\r\n Size/MD5: 446622 b235b4a0d20be528cae99ff56f009efd\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword_1.5.2-0ubuntu2.2_sparc.deb\r\n Size/MD5: 2630664 f332670382f81ced2072ca267da4171e\r\n\r\nUpdated packages for Ubuntu 7.04:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.6.2-0ubuntu1.1.diff.gz\r\n Size/MD5: 1072220 568dcf4ea970404f550f36dc2a8cee37\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.6.2-0ubuntu1.1.dsc\r\n Size/MD5: 1558 28845f2eb6da98327c4f0b9c1deaca06\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.6.2.orig.tar.gz\r\n Size/MD5: 63327839 cae5ffd9966bc474a28dcab9f590b657\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio-data_1.6.2-0ubuntu1.1_all.deb\r\n Size/MD5: 684918 fe45745280faca2ca788d93ff18890ce\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-data_1.6.2-0ubuntu1.1_all.deb\r\n Size/MD5: 751448 adfca2b8086dc8a0c1ff322c1e0af469\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-doc-html_1.6.2-0ubuntu1.1_all.deb\r\n Size/MD5: 524412 956d13f27ff1a8970235ebcd7a9910a6\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-doc_1.6.2-0ubuntu1.1_all.deb\r\n Size/MD5: 94365858 0a05dfdc71cbc3436e868a0bfd31796c\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice_1.6.2-0ubuntu1.1_all.deb\r\n Size/MD5: 25368 2bfb781306f46225dec61f7a162dc21d\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter-data_1.6.2-0ubuntu1.1_all.deb\r\n Size/MD5: 1904508 e4926a630c19ab9e2a8594dd209a3e58\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita-data_1.6.2-0ubuntu1.1_all.deb\r\n Size/MD5: 29001516 251f79c308e4f3109abbf36316922f54\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword-data_1.6.2-0ubuntu1.1_all.deb\r\n Size/MD5: 1775460 6dc84bf3f39f29947e21861d6d91f5a9\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/karbon_1.6.2-0ubuntu1.1_amd64.deb\r\n Size/MD5: 1086280 97f0c5371b524503b8fdf83506d400b9\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kchart_1.6.2-0ubuntu1.1_amd64.deb\r\n Size/MD5: 1382918 33494c5614720f4a9a400e31c0e18daa\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kexi_1.6.2-0ubuntu1.1_amd64.deb\r\n Size/MD5: 3574032 8ee92f68ab062cac500f78179f83a63a\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kformula_1.6.2-0ubuntu1.1_amd64.deb\r\n Size/MD5: 1043308 66b215b304b29b13a909d6b98d972c3b\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio_1.6.2-0ubuntu1.1_amd64.deb\r\n Size/MD5: 631776 5d6e8c76ecf3b8c913180d063d94b2f0\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dbg_1.6.2-0ubuntu1.1_amd64.deb\r\n Size/MD5: 57109266 6cf2381229ac605ae52c554f82fce48d\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dev_1.6.2-0ubuntu1.1_amd64.deb\r\n Size/MD5: 408398 222c1fa8ac923c0cef80a160a9ff96f4\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-libs_1.6.2-0ubuntu1.1_amd64.deb\r\n Size/MD5: 2752480 1e75d78d6676c07b2ef3fe1bac81599a\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koshell_1.6.2-0ubuntu1.1_amd64.deb\r\n Size/MD5: 198078 3bad98e696d72e13456836e184f6a763\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kplato_1.6.2-0ubuntu1.1_amd64.deb\r\n Size/MD5: 961374 bac36b01123d9fa1f8311ee8876f47b2\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter_1.6.2-0ubuntu1.1_amd64.deb\r\n Size/MD5: 1369222 1a3efae458f1f4782552bac052ebee6e\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita_1.6.2-0ubuntu1.1_amd64.deb\r\n Size/MD5: 3431336 ff18851b253182337b087b7889d43571\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kspread_1.6.2-0ubuntu1.1_amd64.deb\r\n Size/MD5: 2755208 5c244823872e49b877a1d27021867cb5\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kthesaurus_1.6.2-0ubuntu1.1_amd64.deb\r\n Size/MD5: 330536 4a0d4869dbc43ed05851c8dbaf1b4e80\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kugar_1.6.2-0ubuntu1.1_amd64.deb\r\n Size/MD5: 467842 a396bc540e4220f7d97fcacd046319e2\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword_1.6.2-0ubuntu1.1_amd64.deb\r\n Size/MD5: 2916454 17ff56affc8533cba237203beb70201f\r\n\r\n i386 architecture (x86 compatible Intel/AMD)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/karbon_1.6.2-0ubuntu1.1_i386.deb\r\n Size/MD5: 995572 c80be409fae3911fd6a0f0ca4e1da9e6\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kchart_1.6.2-0ubuntu1.1_i386.deb\r\n Size/MD5: 1326330 d6d40a0170c9872cad68caf56ad5ac2c\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kexi_1.6.2-0ubuntu1.1_i386.deb\r\n Size/MD5: 3469162 1e7c52b0184213d0876671681d477c9b\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kformula_1.6.2-0ubuntu1.1_i386.deb\r\n Size/MD5: 1037524 576a9f273b77bf44bc321d3bfb0ef342\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio_1.6.2-0ubuntu1.1_i386.deb\r\n Size/MD5: 578174 0c8520fe9ecd713c29d327180daeba71\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dbg_1.6.2-0ubuntu1.1_i386.deb\r\n Size/MD5: 55638590 0051d2b54ba49c214f9eae96081bd19f\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dev_1.6.2-0ubuntu1.1_i386.deb\r\n Size/MD5: 408404 98c56a23e567aa739c24d43ec1c74266\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-libs_1.6.2-0ubuntu1.1_i386.deb\r\n Size/MD5: 2555174 eaebd95c4d1d504b7d7405afe314f859\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koshell_1.6.2-0ubuntu1.1_i386.deb\r\n Size/MD5: 193972 87182cbd6d30a6a4bf7b9342eac1b80f\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kplato_1.6.2-0ubuntu1.1_i386.deb\r\n Size/MD5: 904348 3d53a02508c047eda9516a7c4b1938bb\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter_1.6.2-0ubuntu1.1_i386.deb\r\n Size/MD5: 1276110 153fc722ca52ce085df634d5a19e663b\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita_1.6.2-0ubuntu1.1_i386.deb\r\n Size/MD5: 3116052 cdeddb67760144c8983c0a01d8a71094\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kspread_1.6.2-0ubuntu1.1_i386.deb\r\n Size/MD5: 2619850 d7482a2b3af49b3f2df0090f87e5c598\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kthesaurus_1.6.2-0ubuntu1.1_i386.deb\r\n Size/MD5: 327380 5d75dc13269f597e495e31dc3ffbb39a\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kugar_1.6.2-0ubuntu1.1_i386.deb\r\n Size/MD5: 452796 732c77e1447f4935fe11a617e73036d9\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword_1.6.2-0ubuntu1.1_i386.deb\r\n Size/MD5: 2719190 05928600d581598c31004ea7b8abda70\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/karbon_1.6.2-0ubuntu1.1_powerpc.deb\r\n Size/MD5: 1111208 1fbdfb3a723455452efb05aa894a0bdc\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kchart_1.6.2-0ubuntu1.1_powerpc.deb\r\n Size/MD5: 1388198 abf8e3430628fdd78c284a5601bd5213\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kexi_1.6.2-0ubuntu1.1_powerpc.deb\r\n Size/MD5: 3675590 176624bd28b3c1da385c12322b5097bf\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kformula_1.6.2-0ubuntu1.1_powerpc.deb\r\n Size/MD5: 1048940 4615b69c508b2a960b5b8918b022c7da\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio_1.6.2-0ubuntu1.1_powerpc.deb\r\n Size/MD5: 645948 42163720a8d5f14d0794830d6fa7d9a3\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dbg_1.6.2-0ubuntu1.1_powerpc.deb\r\n Size/MD5: 58946426 0704e89f19df6fa2c1293406c587b4bb\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dev_1.6.2-0ubuntu1.1_powerpc.deb\r\n Size/MD5: 408428 32f51fc3f780bbb3e256ce74d9b12a60\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-libs_1.6.2-0ubuntu1.1_powerpc.deb\r\n Size/MD5: 2778204 d33fd4e0b2fc8bde5e9bdb14e276258d\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koshell_1.6.2-0ubuntu1.1_powerpc.deb\r\n Size/MD5: 201780 3fb3556fbcac80b10036716157e04ca1\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kplato_1.6.2-0ubuntu1.1_powerpc.deb\r\n Size/MD5: 942816 7aa3318c8547289b5a9b7d6be0c00210\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter_1.6.2-0ubuntu1.1_powerpc.deb\r\n Size/MD5: 1370840 415a386f5804963dc1a72c5189eff29d\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita_1.6.2-0ubuntu1.1_powerpc.deb\r\n Size/MD5: 3570404 577d4275a3006da5d279873e23698bfa\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kspread_1.6.2-0ubuntu1.1_powerpc.deb\r\n Size/MD5: 2748922 3ad18073fc79ceb796e6f7cdb9753fa0\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kthesaurus_1.6.2-0ubuntu1.1_powerpc.deb\r\n Size/MD5: 336120 d790a93dd267b4a47b33d32262061f1a\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kugar_1.6.2-0ubuntu1.1_powerpc.deb\r\n Size/MD5: 483528 b3366968b71a564cf8cd7e6226069e8d\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword_1.6.2-0ubuntu1.1_powerpc.deb\r\n Size/MD5: 2927694 62d3b2ad859e8d621f7fdacc67527621\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC)\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/karbon_1.6.2-0ubuntu1.1_sparc.deb\r\n Size/MD5: 1003146 aab89dfcc9d1bb8e1ecc80a03f4d92fb\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kchart_1.6.2-0ubuntu1.1_sparc.deb\r\n Size/MD5: 1329992 676f2b96772fa229ac466f742d31205b\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kexi_1.6.2-0ubuntu1.1_sparc.deb\r\n Size/MD5: 3414326 0ff0f42fc47759682daa468875d5ff66\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kformula_1.6.2-0ubuntu1.1_sparc.deb\r\n Size/MD5: 1035824 577c9373b48afd6e5d5d579bab61a72c\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kivio_1.6.2-0ubuntu1.1_sparc.deb\r\n Size/MD5: 589152 99daf5ee36b9ffbe9fe2048d8dadd659\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dbg_1.6.2-0ubuntu1.1_sparc.deb\r\n Size/MD5: 54778912 1602f3423fd85b56d5e22f6d4d75a516\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-dev_1.6.2-0ubuntu1.1_sparc.deb\r\n Size/MD5: 408442 2a8b73e503e84243700b561de10c6000\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koffice-libs_1.6.2-0ubuntu1.1_sparc.deb\r\n Size/MD5: 2549200 24da8029874f4295a95195c1ba24191a\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/koshell_1.6.2-0ubuntu1.1_sparc.deb\r\n Size/MD5: 192864 bf7f6ddc6ed493382b44afd54424045d\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kplato_1.6.2-0ubuntu1.1_sparc.deb\r\n Size/MD5: 898574 5c836d1af84c6bf0544c55aec6fc9205\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kpresenter_1.6.2-0ubuntu1.1_sparc.deb\r\n Size/MD5: 1283842 8b5cc78786a65fa5831894a46afeb9ae\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/krita_1.6.2-0ubuntu1.1_sparc.deb\r\n Size/MD5: 3174718 c26c8f7b9544f877fcff3a9a225931c7\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kspread_1.6.2-0ubuntu1.1_sparc.deb\r\n Size/MD5: 2610398 5a7eb696d9620466ff3655fe192b39f7\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kthesaurus_1.6.2-0ubuntu1.1_sparc.deb\r\n Size/MD5: 327090 4424f9581aa382ad89427d255b0861e3\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kugar_1.6.2-0ubuntu1.1_sparc.deb\r\n Size/MD5: 456384 b1ad370d466ebe6b5c03dc8f55d512dd\r\n http://security.ubuntu.com/ubuntu/pool/main/k/koffice/kword_1.6.2-0ubuntu1.1_sparc.deb\r\n Size/MD5: 2712696 51ea150f553b3df79e85c6cca1cb591a", "modified": "2007-08-03T00:00:00", "published": "2007-08-03T00:00:00", "id": "SECURITYVULNS:DOC:17685", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:17685", "title": "[USN-496-1] koffice vulnerability", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:40", "bulletinFamily": "unix", "description": "### Background\n\nPDFKit is a framework for rendering of PDF content in GNUstep applications. ImageKits is a collection of frameworks to support imaging in GNUstep applications. \n\n### Description\n\nMaurycy Prodeus discovered an integer overflow vulnerability possibly leading to a stack-based buffer overflow in the XPDF code which PDFKit is based on. ImageKits also contains a copy of PDFKit. \n\n### Impact\n\nBy enticing a user to view a specially crafted PDF file with a viewer based on ImageKits or PDFKit such as Gentoo's ViewPDF, a remote attacker could cause an overflow, potentially resulting in the execution of arbitrary code with the privileges of the user running the application. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nPDFKit and ImageKits are not maintained upstream, so the packages were masked in Portage. We recommend that users unmerge PDFKit and ImageKits: \n \n \n # emerge --unmerge gnustep-libs/pdfkit\n # emerge --unmerge gnustep-libs/imagekits\n\nAs an alternative, users should upgrade their systems to use PopplerKit instead of PDFKit and Vindaloo instead of ViewPDF.", "modified": "2007-10-18T00:00:00", "published": "2007-10-18T00:00:00", "id": "GLSA-200710-20", "href": "https://security.gentoo.org/glsa/200710-20", "type": "gentoo", "title": "PDFKit, ImageKits: Buffer overflow", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-06T19:46:32", "bulletinFamily": "unix", "description": "### Background\n\nKOffice is an integrated office suite for KDE. KWord is the KOffice word processor. KPDF is a KDE-based PDF viewer included in the kdegraphics package. \n\n### Description\n\nKPDF includes code from xpdf that is vulnerable to an integer overflow in the StreamPredictor::StreamPredictor() function. \n\n### Impact\n\nA remote attacker could entice a user to open a specially crafted PDF file in KWord or KPDF that would exploit the integer overflow to cause a stack-based buffer overflow in the StreamPredictor::getNextLine() function, possibly resulting in the execution of arbitrary code with the privileges of the user running the application. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll KOffice users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-office/koffice-1.6.3-r1\"\n\nAll KWord users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-office/kword-1.6.3-r1\"\n\nAll KDE Graphics Libraries users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=kde-base/kdegraphics-3.5.7-r1\"\n\nAll KPDF users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=kde-base/kpdf-3.5.7-r1\"", "modified": "2007-10-09T00:00:00", "published": "2007-10-09T00:00:00", "id": "GLSA-200710-08", "href": "https://security.gentoo.org/glsa/200710-08", "type": "gentoo", "title": "KOffice, KWord, KPDF, KDE Graphics Libraries: Stack-based buffer overflow", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2019-01-29T20:34:01", "bulletinFamily": "unix", "description": "USN-496-1 fixed a vulnerability in koffice. This update provides the corresponding updates for poppler, the library used for PDF handling in Gnome.\n\nOriginal advisory details:\n\nDerek Noonburg discovered an integer overflow in the Xpdf function StreamPredictor::StreamPredictor(). By importing a specially crafted PDF file into KWord, this could be exploited to run arbitrary code with the user\u2019s privileges.", "modified": "2007-08-07T00:00:00", "published": "2007-08-07T00:00:00", "id": "USN-496-2", "href": "https://usn.ubuntu.com/496-2/", "title": "poppler vulnerability", "type": "ubuntu", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-29T20:34:09", "bulletinFamily": "unix", "description": "Derek Noonburg discovered an integer overflow in the Xpdf function StreamPredictor::StreamPredictor(). By importing a specially crafted PDF file into KWord, this could be exploited to run arbitrary code with the user\u2019s privileges.", "modified": "2007-08-03T00:00:00", "published": "2007-08-03T00:00:00", "id": "USN-496-1", "href": "https://usn.ubuntu.com/496-1/", "title": "koffice vulnerability", "type": "ubuntu", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:42:58", "bulletinFamily": "unix", "description": " [2.0.2-22.0.1.EL4.8]\n - backport upstream fix for xpdf integer overflow CVE-2007-3387 (#248207)\n Resolves: #248207 ", "modified": "2007-08-01T00:00:00", "published": "2007-08-01T00:00:00", "id": "ELSA-2007-0731", "href": "http://linux.oracle.com/errata/ELSA-2007-0731.html", "title": "Important: tetex security update ", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T01:45:03", "bulletinFamily": "unix", "description": " [0.5.4-4.1]\n - Add patch to fix CVE-2007-3387 (#248212). ", "modified": "2007-07-30T00:00:00", "published": "2007-07-30T00:00:00", "id": "ELSA-2007-0732", "href": "http://linux.oracle.com/errata/ELSA-2007-0732.html", "title": "Important: poppler security update ", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T01:44:23", "bulletinFamily": "unix", "description": " [3.00-12.RHEL4]\n - Resolves: bz#248199, CVE-2007-3387 xpdf integer overflow ", "modified": "2007-07-30T00:00:00", "published": "2007-07-30T00:00:00", "id": "ELSA-2007-0735", "href": "http://linux.oracle.com/errata/ELSA-2007-0735.html", "title": "Important: xpdf security update ", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T01:40:19", "bulletinFamily": "unix", "description": " [1.1.22-0.rc1.9.20.2]\n - Better patch for CVE-2007-3387 (bug #248220).\n \n [1.1.22-0.rc1.9.20.1]\n - Applied patch to fix CVE-2007-3387 (bug #248220). ", "modified": "2007-07-30T00:00:00", "published": "2007-07-30T00:00:00", "id": "ELSA-2007-0720", "href": "http://linux.oracle.com/errata/ELSA-2007-0720.html", "title": "Important: cups security update ", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:36", "bulletinFamily": "software", "description": "## Solution Description\nUpgrade to version 0.3.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## References:\n[Secunia Advisory ID:26627](https://secuniaresearch.flexerasoftware.com/advisories/26627/)\nOther Advisory URL: http://sourceforge.net/project/shownotes.php?release_id=535497\n[CVE-2007-3387](https://vulners.com/cve/CVE-2007-3387)\n", "modified": "2007-08-29T16:18:51", "published": "2007-08-29T16:18:51", "href": "https://vulners.com/osvdb/OSVDB:40127", "id": "OSVDB:40127", "title": "PDFedit StreamPredictor::StreamPredictor() PDF Handling Overflow", "type": "osvdb", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2018-09-28T18:25:42", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2007-0731", "modified": "2018-09-28T00:00:00", "published": "2015-10-08T00:00:00", "id": "OPENVAS:1361412562310122668", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122668", "title": "Oracle Linux Local Check: ELSA-2007-0731", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2007-0731.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122668\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:50:43 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2007-0731\");\n script_tag(name:\"insight\", value:\"ELSA-2007-0731 - Important: tetex security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2007-0731\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2007-0731.html\");\n script_cve_id(\"CVE-2007-3387\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"tetex\", rpm:\"tetex~3.0~33.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tetex-afm\", rpm:\"tetex-afm~3.0~33.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tetex-doc\", rpm:\"tetex-doc~3.0~33.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tetex-dvips\", rpm:\"tetex-dvips~3.0~33.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tetex-fonts\", rpm:\"tetex-fonts~3.0~33.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tetex-latex\", rpm:\"tetex-latex~3.0~33.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"tetex-xdvi\", rpm:\"tetex-xdvi~3.0~33.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:49:52", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory GLSA 200710-08.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=58656", "id": "OPENVAS:58656", "title": "Gentoo Security Advisory GLSA 200710-08 (koffice, kword, kdegraphics, kpdf)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"KPDF includes code from xpdf that is vulnerable to a stack-based buffer\noverflow.\";\ntag_solution = \"All KOffice users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-office/koffice-1.6.3-r1'\n\nAll KWord users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-office/kword-1.6.3-r1'\n\nAll KDE Graphics Libraries users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=kde-base/kdegraphics-3.5.7-r1'\n\nAll KPDF users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=kde-base/kpdf-3.5.7-r1'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200710-08\nhttp://bugs.gentoo.org/show_bug.cgi?id=187139\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200710-08.\";\n\n \n\nif(description)\n{\n script_id(58656);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2007-3387\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200710-08 (koffice, kword, kdegraphics, kpdf)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"app-office/koffice\", unaffected: make_list(\"ge 1.6.3-r1\"), vulnerable: make_list(\"lt 1.6.3-r1\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"app-office/kword\", unaffected: make_list(\"ge 1.6.3-r1\"), vulnerable: make_list(\"lt 1.6.3-r1\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"kde-base/kdegraphics\", unaffected: make_list(\"ge 3.5.7-r1\"), vulnerable: make_list(\"lt 3.5.7-r1\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"kde-base/kpdf\", unaffected: make_list(\"ge 3.5.7-r1\"), vulnerable: make_list(\"lt 3.5.7-r1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:05", "bulletinFamily": "scanner", "description": "The remote host is missing an update to xpdf\nannounced via advisory DSA 1347-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=58517", "id": "OPENVAS:58517", "title": "Debian Security Advisory DSA 1347-1 (xpdf)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1347_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1347-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that an integer overflow in the xpdf PDF viewer may lead\nto the execution of arbitrary code if a malformed PDF file is opened.\n\nFor the oldstable distribution (sarge) this problem has been fixed in\nversion 3.00-13.7.\n\nFor the stable distribution (etch) this problem has been fixed in\nversion 3.01-9etch1.\n\nFor the unstable distribution (sid) this problem will be fixed soon.\n\nWe recommend that you upgrade your xpdf packages.\";\ntag_summary = \"The remote host is missing an update to xpdf\nannounced via advisory DSA 1347-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201347-1\";\n\nif(description)\n{\n script_id(58517);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:19:52 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2007-3387\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 1347-1 (xpdf)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"xpdf-common\", ver:\"3.00-13.7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xpdf\", ver:\"3.00-13.7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xpdf-reader\", ver:\"3.00-13.7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xpdf-utils\", ver:\"3.00-13.7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xpdf-common\", ver:\"3.01-9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xpdf\", ver:\"3.01-9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xpdf-reader\", ver:\"3.01-9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xpdf-utils\", ver:\"3.01-9etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:02", "bulletinFamily": "scanner", "description": "The remote host is missing an update to pdfkit.framework\nannounced via advisory DSA 1352-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=58523", "id": "OPENVAS:58523", "title": "Debian Security Advisory DSA 1352-1 (pdfkit.framework)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1352_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1352-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that an integer overflow in the xpdf PDF viewer may lead\nto the execution of arbitrary code if a malformed PDF file is opened.\n\npdfkit.framework includes a copy of the xpdf code and required an update\nas well.\n\nFor the oldstable distribution (sarge) this problem has been fixed in\nversion 0.8-2sarge4.\n\nThe package from the stable distribution (etch) links dynamically\nagainst libpoppler and doesn't require a separate update.\n\nThe package from the unstable distribution (sid) links dynamically\nagainst libpoppler and doesn't require a separate update.\n\nWe recommend that you upgrade your pdfkit.framework packages.\";\ntag_summary = \"The remote host is missing an update to pdfkit.framework\nannounced via advisory DSA 1352-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201352-1\";\n\nif(description)\n{\n script_id(58523);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:19:52 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2007-3387\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 1352-1 (pdfkit.framework)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"pdfkit.framework\", ver:\"0.8-2sarge4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:27", "bulletinFamily": "scanner", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-10-05T00:00:00", "published": "2008-09-04T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=58817", "id": "OPENVAS:58817", "title": "FreeBSD Ports: xpdf, zh-xpdf, ja-xpdf, ko-xpdf", "type": "openvas", "sourceData": "#\n#VID 0e43a14d-3f3f-11dc-a79a-0016179b2dd5\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n xpdf\n zh-xpdf\n ja-xpdf\n ko-xpdf\n kdegraphics\n cups-base\n gpdf\n pdftohtml\n poppler\n\n=====\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.kde.org/info/security/advisory-20070730-1.txt\nhttp://www.vuxml.org/freebsd/0e43a14d-3f3f-11dc-a79a-0016179b2dd5.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(58817);\n script_version(\"$Revision: 4218 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-10-05 16:20:48 +0200 (Wed, 05 Oct 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2007-3387\");\n script_bugtraq_id(25124);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: xpdf, zh-xpdf, ja-xpdf, ko-xpdf\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"xpdf\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.02_2\")<0) {\n txt += 'Package xpdf version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"zh-xpdf\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.02_2\")<0) {\n txt += 'Package zh-xpdf version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ja-xpdf\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.02_2\")<0) {\n txt += 'Package ja-xpdf version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ko-xpdf\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.02_2\")<0) {\n txt += 'Package ko-xpdf version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"kdegraphics\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.5.7_1\")<0) {\n txt += 'Package kdegraphics version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"cups-base\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.2.11_3\")<0) {\n txt += 'Package cups-base version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"gpdf\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0\")>0) {\n txt += 'Package gpdf version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"pdftohtml\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0\")>0) {\n txt += 'Package pdftohtml version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"poppler\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.5.9_4\")<0) {\n txt += 'Package poppler version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:18", "bulletinFamily": "scanner", "description": "Check for the Version of cups", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=861052", "id": "OPENVAS:861052", "title": "Fedora Update for cups FEDORA-2007-1541", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for cups FEDORA-2007-1541\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"cups on Fedora 7\";\ntag_insight = \"The Common UNIX Printing System provides a portable printing layer for\n UNIX\u00ae operating systems. It has been developed by Easy Software Products\n to promote a standard printing solution for all UNIX vendors and users.\n CUPS provides the System V and Berkeley command-line interfaces.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-August/msg00153.html\");\n script_id(861052);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 15:48:41 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2007-1541\");\n script_cve_id(\"CVE-2007-3387\");\n script_name( \"Fedora Update for cups FEDORA-2007-1541\");\n\n script_summary(\"Check for the Version of cups\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.2.12~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.2.12~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.2.12~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-debuginfo\", rpm:\"cups-debuginfo~1.2.12~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-lpd\", rpm:\"cups-lpd~1.2.12~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.2.12~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-libs\", rpm:\"cups-libs~1.2.12~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-debuginfo\", rpm:\"cups-debuginfo~1.2.12~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.2.12~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-devel\", rpm:\"cups-devel~1.2.12~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-lpd\", rpm:\"cups-lpd~1.2.12~4.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:22", "bulletinFamily": "scanner", "description": "Check for the Version of cups", "modified": "2017-07-06T00:00:00", "published": "2009-04-09T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=830083", "id": "OPENVAS:830083", "title": "Mandriva Update for cups MDKSA-2007:165 (cups)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for cups MDKSA-2007:165 (cups)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Maurycy Prodeus found an integer overflow vulnerability in the way\n various PDF viewers processed PDF files. An attacker could create\n a malicious PDF file that could cause cups to crash and possibly\n execute arbitrary code open a user opening the file.\n\n This update provides packages which are patched to prevent these\n issues.\";\n\ntag_affected = \"cups on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64,\n Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2007-08/msg00007.php\");\n script_id(830083);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 13:57:01 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDKSA\", value: \"2007:165\");\n script_cve_id(\"CVE-2007-3387\");\n script_name( \"Mandriva Update for cups MDKSA-2007:165 (cups)\");\n\n script_summary(\"Check for the Version of cups\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.2.10~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-common\", rpm:\"cups-common~1.2.10~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-serial\", rpm:\"cups-serial~1.2.10~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcups2\", rpm:\"libcups2~1.2.10~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcups2-devel\", rpm:\"libcups2-devel~1.2.10~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cups\", rpm:\"php-cups~1.2.10~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64cups2\", rpm:\"lib64cups2~1.2.10~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64cups2-devel\", rpm:\"lib64cups2-devel~1.2.10~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"cups\", rpm:\"cups~1.2.4~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-common\", rpm:\"cups-common~1.2.4~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cups-serial\", rpm:\"cups-serial~1.2.4~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcups2\", rpm:\"libcups2~1.2.4~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libcups2-devel\", rpm:\"libcups2-devel~1.2.4~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"php-cups\", rpm:\"php-cups~1.2.4~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64cups2\", rpm:\"lib64cups2~1.2.4~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64cups2-devel\", rpm:\"lib64cups2-devel~1.2.4~1.3mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:57:06", "bulletinFamily": "scanner", "description": "Check for the Version of koffice", "modified": "2017-07-06T00:00:00", "published": "2009-04-09T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=830011", "id": "OPENVAS:830011", "title": "Mandriva Update for koffice MDKSA-2007:163 (koffice)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for koffice MDKSA-2007:163 (koffice)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Maurycy Prodeus found an integer overflow vulnerability in the way\n various PDF viewers processed PDF files. An attacker could create\n a malicious PDF file that could cause koffice to crash and possibly\n execute arbitrary code open a user opening the file.\n\n This update provides packages which are patched to prevent these\n issues.\";\n\ntag_affected = \"koffice on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64,\n Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2007-08/msg00004.php\");\n script_id(830011);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 13:57:01 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDKSA\", value: \"2007:163\");\n script_cve_id(\"CVE-2007-3387\");\n script_name( \"Mandriva Update for koffice MDKSA-2007:163 (koffice)\");\n\n script_summary(\"Check for the Version of koffice\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"koffice\", rpm:\"koffice~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-karbon\", rpm:\"koffice-karbon~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kexi\", rpm:\"koffice-kexi~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kformula\", rpm:\"koffice-kformula~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kivio\", rpm:\"koffice-kivio~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-koshell\", rpm:\"koffice-koshell~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kplato\", rpm:\"koffice-kplato~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kpresenter\", rpm:\"koffice-kpresenter~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-krita\", rpm:\"koffice-krita~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kspread\", rpm:\"koffice-kspread~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kugar\", rpm:\"koffice-kugar~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kword\", rpm:\"koffice-kword~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-progs\", rpm:\"koffice-progs~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-karbon\", rpm:\"libkoffice2-karbon~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-karbon-devel\", rpm:\"libkoffice2-karbon-devel~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kexi\", rpm:\"libkoffice2-kexi~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kexi-devel\", rpm:\"libkoffice2-kexi-devel~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kformula\", rpm:\"libkoffice2-kformula~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kformula-devel\", rpm:\"libkoffice2-kformula-devel~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kivio\", rpm:\"libkoffice2-kivio~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kivio-devel\", rpm:\"libkoffice2-kivio-devel~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-koshell\", rpm:\"libkoffice2-koshell~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kplato\", rpm:\"libkoffice2-kplato~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kpresenter\", rpm:\"libkoffice2-kpresenter~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kpresenter-devel\", rpm:\"libkoffice2-kpresenter-devel~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-krita\", rpm:\"libkoffice2-krita~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-krita-devel\", rpm:\"libkoffice2-krita-devel~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kspread\", rpm:\"libkoffice2-kspread~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kspread-devel\", rpm:\"libkoffice2-kspread-devel~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kugar\", rpm:\"libkoffice2-kugar~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kugar-devel\", rpm:\"libkoffice2-kugar-devel~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kword\", rpm:\"libkoffice2-kword~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kword-devel\", rpm:\"libkoffice2-kword-devel~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-progs\", rpm:\"libkoffice2-progs~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-progs-devel\", rpm:\"libkoffice2-progs-devel~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-karbon\", rpm:\"lib64koffice2-karbon~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-karbon-devel\", rpm:\"lib64koffice2-karbon-devel~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kexi\", rpm:\"lib64koffice2-kexi~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kexi-devel\", rpm:\"lib64koffice2-kexi-devel~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kformula\", rpm:\"lib64koffice2-kformula~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kformula-devel\", rpm:\"lib64koffice2-kformula-devel~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kivio\", rpm:\"lib64koffice2-kivio~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kivio-devel\", rpm:\"lib64koffice2-kivio-devel~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-koshell\", rpm:\"lib64koffice2-koshell~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kplato\", rpm:\"lib64koffice2-kplato~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kpresenter\", rpm:\"lib64koffice2-kpresenter~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kpresenter-devel\", rpm:\"lib64koffice2-kpresenter-devel~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-krita\", rpm:\"lib64koffice2-krita~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-krita-devel\", rpm:\"lib64koffice2-krita-devel~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kspread\", rpm:\"lib64koffice2-kspread~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kspread-devel\", rpm:\"lib64koffice2-kspread-devel~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kugar\", rpm:\"lib64koffice2-kugar~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kugar-devel\", rpm:\"lib64koffice2-kugar-devel~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kword\", rpm:\"lib64koffice2-kword~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kword-devel\", rpm:\"lib64koffice2-kword-devel~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-progs\", rpm:\"lib64koffice2-progs~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-progs-devel\", rpm:\"lib64koffice2-progs-devel~1.6.2~2.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"koffice\", rpm:\"koffice~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-karbon\", rpm:\"koffice-karbon~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kexi\", rpm:\"koffice-kexi~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kformula\", rpm:\"koffice-kformula~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kivio\", rpm:\"koffice-kivio~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-koshell\", rpm:\"koffice-koshell~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kplato\", rpm:\"koffice-kplato~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kpresenter\", rpm:\"koffice-kpresenter~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-krita\", rpm:\"koffice-krita~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kspread\", rpm:\"koffice-kspread~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kugar\", rpm:\"koffice-kugar~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kword\", rpm:\"koffice-kword~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-progs\", rpm:\"koffice-progs~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-karbon\", rpm:\"libkoffice2-karbon~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-karbon-devel\", rpm:\"libkoffice2-karbon-devel~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kexi\", rpm:\"libkoffice2-kexi~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kexi-devel\", rpm:\"libkoffice2-kexi-devel~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kformula\", rpm:\"libkoffice2-kformula~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kformula-devel\", rpm:\"libkoffice2-kformula-devel~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kivio\", rpm:\"libkoffice2-kivio~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kivio-devel\", rpm:\"libkoffice2-kivio-devel~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-koshell\", rpm:\"libkoffice2-koshell~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kplato\", rpm:\"libkoffice2-kplato~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kpresenter\", rpm:\"libkoffice2-kpresenter~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kpresenter-devel\", rpm:\"libkoffice2-kpresenter-devel~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-krita\", rpm:\"libkoffice2-krita~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-krita-devel\", rpm:\"libkoffice2-krita-devel~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kspread\", rpm:\"libkoffice2-kspread~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kspread-devel\", rpm:\"libkoffice2-kspread-devel~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kugar\", rpm:\"libkoffice2-kugar~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kugar-devel\", rpm:\"libkoffice2-kugar-devel~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kword\", rpm:\"libkoffice2-kword~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-kword-devel\", rpm:\"libkoffice2-kword-devel~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-progs\", rpm:\"libkoffice2-progs~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libkoffice2-progs-devel\", rpm:\"libkoffice2-progs-devel~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-karbon\", rpm:\"lib64koffice2-karbon~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-karbon-devel\", rpm:\"lib64koffice2-karbon-devel~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kexi\", rpm:\"lib64koffice2-kexi~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kexi-devel\", rpm:\"lib64koffice2-kexi-devel~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kformula\", rpm:\"lib64koffice2-kformula~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kformula-devel\", rpm:\"lib64koffice2-kformula-devel~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kivio\", rpm:\"lib64koffice2-kivio~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kivio-devel\", rpm:\"lib64koffice2-kivio-devel~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-koshell\", rpm:\"lib64koffice2-koshell~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kplato\", rpm:\"lib64koffice2-kplato~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kpresenter\", rpm:\"lib64koffice2-kpresenter~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kpresenter-devel\", rpm:\"lib64koffice2-kpresenter-devel~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-krita\", rpm:\"lib64koffice2-krita~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-krita-devel\", rpm:\"lib64koffice2-krita-devel~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kspread\", rpm:\"lib64koffice2-kspread~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kspread-devel\", rpm:\"lib64koffice2-kspread-devel~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kugar\", rpm:\"lib64koffice2-kugar~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kugar-devel\", rpm:\"lib64koffice2-kugar-devel~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kword\", rpm:\"lib64koffice2-kword~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-kword-devel\", rpm:\"lib64koffice2-kword-devel~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-progs\", rpm:\"lib64koffice2-progs~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64koffice2-progs-devel\", rpm:\"lib64koffice2-progs-devel~1.5.91~3.4mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:21", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory GLSA 200710-20.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=58699", "id": "OPENVAS:58699", "title": "Gentoo Security Advisory GLSA 200710-20 (pdfkit imagekits)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PDFKit and ImageKits are vulnerable to an integer overflow and a stack\noverflow allowing for the user-assisted execution of arbitrary code.\";\ntag_solution = \"PDFKit and ImageKits are not maintained upstream, so the packages were\nmasked in Portage. We recommend that users unmerge PDFKit and ImageKits:\n\n # emerge --unmerge gnustep-libs/pdfkit\n # emerge --unmerge gnustep-libs/imagekits\n\nAs an alternative, users should upgrade their systems to use PopplerKit\ninstead of PDFKit and Vindaloo instead of ViewPDF.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200710-20\nhttp://bugs.gentoo.org/show_bug.cgi?id=188185\nhttp://www.gentoo.org/security/en/glsa/glsa-200709-12.xml\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200710-20.\";\n\n \n\nif(description)\n{\n script_id(58699);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2007-3387\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200710-20 (pdfkit imagekits)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"gnustep-libs/pdfkit\", unaffected: make_list(), vulnerable: make_list(\"le 0.9_pre062906\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"gnustep-libs/imagekits\", unaffected: make_list(), vulnerable: make_list(\"le 0.6\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:06", "bulletinFamily": "scanner", "description": "Check for the Version of koffice", "modified": "2017-07-10T00:00:00", "published": "2009-02-27T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=861039", "id": "OPENVAS:861039", "title": "Fedora Update for koffice FEDORA-2007-1614", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for koffice FEDORA-2007-1614\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"koffice on Fedora 7\";\ntag_insight = \"KOffice - Integrated Office Suite\n KOffice is a free, integrated office suite for KDE, the K Desktop Environment.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2007-August/msg00213.html\");\n script_id(861039);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-27 15:48:41 +0100 (Fri, 27 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2007-1614\");\n script_cve_id(\"CVE-2007-3387\");\n script_name( \"Fedora Update for koffice FEDORA-2007-1614\");\n\n script_summary(\"Check for the Version of koffice\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC7\")\n{\n\n if ((res = isrpmvuln(pkg:\"koffice\", rpm:\"koffice~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kugar\", rpm:\"koffice-kugar~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kivio\", rpm:\"koffice-kivio~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kexi-driver-pgsql\", rpm:\"koffice-kexi-driver-pgsql~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-filters\", rpm:\"koffice-filters~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-karbon\", rpm:\"koffice-karbon~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kexi\", rpm:\"koffice-kexi~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kword\", rpm:\"koffice-kword~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-libs\", rpm:\"koffice-libs~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kformula\", rpm:\"koffice-kformula~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kspread\", rpm:\"koffice-kspread~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-devel\", rpm:\"koffice-devel~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kpresenter\", rpm:\"koffice-kpresenter~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-suite\", rpm:\"koffice-suite~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-debuginfo\", rpm:\"koffice-debuginfo~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kplato\", rpm:\"koffice-kplato~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-core\", rpm:\"koffice-core~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kexi-driver-mysql\", rpm:\"koffice-kexi-driver-mysql~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kchart\", rpm:\"koffice-kchart~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-krita\", rpm:\"koffice-krita~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-debuginfo\", rpm:\"koffice-debuginfo~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-filters\", rpm:\"koffice-filters~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kivio\", rpm:\"koffice-kivio~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kspread\", rpm:\"koffice-kspread~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-suite\", rpm:\"koffice-suite~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-karbon\", rpm:\"koffice-karbon~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kformula\", rpm:\"koffice-kformula~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kpresenter\", rpm:\"koffice-kpresenter~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kugar\", rpm:\"koffice-kugar~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-devel\", rpm:\"koffice-devel~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-libs\", rpm:\"koffice-libs~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kexi-driver-mysql\", rpm:\"koffice-kexi-driver-mysql~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kexi\", rpm:\"koffice-kexi~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kword\", rpm:\"koffice-kword~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kplato\", rpm:\"koffice-kplato~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-krita\", rpm:\"koffice-krita~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kexi-driver-pgsql\", rpm:\"koffice-kexi-driver-pgsql~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-kchart\", rpm:\"koffice-kchart~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"koffice-core\", rpm:\"koffice-core~1.6.3~9.fc7\", rls:\"FC7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2019-01-16T20:07:25", "bulletinFamily": "scanner", "description": "Updated tetex packages that fix a security issue in PDF handling are\nnow available for Red Hat Enterprise Linux 2.1, 3, 4, and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nTeTeX is an implementation of TeX. TeX takes a text file and a set of\nformatting commands as input and creates a typesetter-independent .dvi\n(DeVice Independent) file as output.\n\nMaurycy Prodeus discovered an integer overflow flaw in the processing\nof PDF files. An attacker could create a malicious PDF file that would\ncause TeTeX to crash or potentially execute arbitrary code when\nopened. (CVE-2007-3387)\n\nAll users of TeTeX should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue.", "modified": "2018-11-16T00:00:00", "published": "2007-08-01T00:00:00", "id": "REDHAT-RHSA-2007-0731.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=25829", "title": "RHEL 2.1 / 3 / 4 / 5 : tetex (RHSA-2007:0731)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:0731. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(25829);\n script_version (\"1.23\");\n script_cvs_date(\"Date: 2018/11/16 15:19:26\");\n\n script_cve_id(\"CVE-2007-3387\");\n script_bugtraq_id(25124);\n script_xref(name:\"RHSA\", value:\"2007:0731\");\n\n script_name(english:\"RHEL 2.1 / 3 / 4 / 5 : tetex (RHSA-2007:0731)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated tetex packages that fix a security issue in PDF handling are\nnow available for Red Hat Enterprise Linux 2.1, 3, 4, and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nTeTeX is an implementation of TeX. TeX takes a text file and a set of\nformatting commands as input and creates a typesetter-independent .dvi\n(DeVice Independent) file as output.\n\nMaurycy Prodeus discovered an integer overflow flaw in the processing\nof PDF files. An attacker could create a malicious PDF file that would\ncause TeTeX to crash or potentially execute arbitrary code when\nopened. (CVE-2007-3387)\n\nAll users of TeTeX should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-3387\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2007:0731\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tetex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tetex-afm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tetex-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tetex-dvilj\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tetex-dvips\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tetex-fonts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tetex-latex\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tetex-xdvi\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/08/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(2\\.1|3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1 / 3.x / 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2007:0731\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"tetex-1.0.7-38.5E.11\")) flag++;\n\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"tetex-afm-1.0.7-38.5E.11\")) flag++;\n\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"tetex-doc-1.0.7-38.5E.11\")) flag++;\n\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"tetex-dvilj-1.0.7-38.5E.11\")) flag++;\n\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"tetex-dvips-1.0.7-38.5E.11\")) flag++;\n\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"tetex-fonts-1.0.7-38.5E.11\")) flag++;\n\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"tetex-latex-1.0.7-38.5E.11\")) flag++;\n\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"tetex-xdvi-1.0.7-38.5E.11\")) flag++;\n\n\n if (rpm_check(release:\"RHEL3\", reference:\"tetex-1.0.7-67.10\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"tetex-afm-1.0.7-67.10\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"tetex-dvips-1.0.7-67.10\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"tetex-fonts-1.0.7-67.10\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"tetex-latex-1.0.7-67.10\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"tetex-xdvi-1.0.7-67.10\")) flag++;\n\n\n if (rpm_check(release:\"RHEL4\", reference:\"tetex-2.0.2-22.0.1.EL4.8\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"tetex-afm-2.0.2-22.0.1.EL4.8\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"tetex-doc-2.0.2-22.0.1.EL4.8\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"tetex-dvips-2.0.2-22.0.1.EL4.8\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"tetex-fonts-2.0.2-22.0.1.EL4.8\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"tetex-latex-2.0.2-22.0.1.EL4.8\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"tetex-xdvi-2.0.2-22.0.1.EL4.8\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tetex-3.0-33.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tetex-3.0-33.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tetex-3.0-33.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tetex-afm-3.0-33.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tetex-afm-3.0-33.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tetex-afm-3.0-33.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tetex-doc-3.0-33.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tetex-doc-3.0-33.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tetex-doc-3.0-33.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tetex-dvips-3.0-33.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tetex-dvips-3.0-33.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tetex-dvips-3.0-33.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tetex-fonts-3.0-33.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tetex-fonts-3.0-33.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tetex-fonts-3.0-33.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tetex-latex-3.0-33.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tetex-latex-3.0-33.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tetex-latex-3.0-33.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"tetex-xdvi-3.0-33.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"tetex-xdvi-3.0-33.1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"tetex-xdvi-3.0-33.1.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tetex / tetex-afm / tetex-doc / tetex-dvilj / tetex-dvips / etc\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:07:26", "bulletinFamily": "scanner", "description": "It was discovered that an integer overflow in the xpdf PDF viewer may\nlead to the execution of arbitrary code if a malformed PDF file is\nopened.\n\npoppler includes a copy of the xpdf code and required an update as\nwell.\n\nThe oldstable distribution (sarge) doesn't include poppler.", "modified": "2018-11-10T00:00:00", "published": "2007-08-13T00:00:00", "id": "DEBIAN_DSA-1348.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=25856", "title": "Debian DSA-1348-1 : poppler - integer overflow", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1348. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(25856);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/11/10 11:49:33\");\n\n script_cve_id(\"CVE-2007-3387\");\n script_xref(name:\"DSA\", value:\"1348\");\n\n script_name(english:\"Debian DSA-1348-1 : poppler - integer overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that an integer overflow in the xpdf PDF viewer may\nlead to the execution of arbitrary code if a malformed PDF file is\nopened.\n\npoppler includes a copy of the xpdf code and required an update as\nwell.\n\nThe oldstable distribution (sarge) doesn't include poppler.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2007/dsa-1348\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the poppler packages.\n\nFor the stable distribution (etch) this problem has been fixed in\nversion 0.4.5-5.1etch1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:poppler\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/08/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/08/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"libpoppler-dev\", reference:\"0.4.5-5.1etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libpoppler-glib-dev\", reference:\"0.4.5-5.1etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libpoppler-qt-dev\", reference:\"0.4.5-5.1etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libpoppler0c2\", reference:\"0.4.5-5.1etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libpoppler0c2-glib\", reference:\"0.4.5-5.1etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libpoppler0c2-qt\", reference:\"0.4.5-5.1etch1\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"poppler-utils\", reference:\"0.4.5-5.1etch1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:07:26", "bulletinFamily": "scanner", "description": "Maurycy Prodeus found an integer overflow vulnerability in the way\nvarious PDF viewers processed PDF files. An attacker could create a\nmalicious PDF file that could cause cups to crash and possibly execute\narbitrary code open a user opening the file.\n\nThis update provides packages which are patched to prevent these\nissues.", "modified": "2018-12-05T00:00:00", "published": "2007-08-21T00:00:00", "id": "MANDRAKE_MDKSA-2007-165.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=25923", "title": "Mandrake Linux Security Advisory : cups (MDKSA-2007:165)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2007:165. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(25923);\n script_version (\"1.20\");\n script_cvs_date(\"Date: 2018/12/05 20:31:23\");\n\n script_cve_id(\"CVE-2007-3387\");\n script_bugtraq_id(25124);\n script_xref(name:\"MDKSA\", value:\"2007:165\");\n\n script_name(english:\"Mandrake Linux Security Advisory : cups (MDKSA-2007:165)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Maurycy Prodeus found an integer overflow vulnerability in the way\nvarious PDF viewers processed PDF files. An attacker could create a\nmalicious PDF file that could cause cups to crash and possibly execute\narbitrary code open a user opening the file.\n\nThis update provides packages which are patched to prevent these\nissues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:cups-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:cups-serial\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64cups2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64cups2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libcups2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libcups2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-cups\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/08/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/08/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.0\", reference:\"cups-1.2.4-1.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"cups-common-1.2.4-1.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"cups-serial-1.2.4-1.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64cups2-1.2.4-1.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64cups2-devel-1.2.4-1.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libcups2-1.2.4-1.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libcups2-devel-1.2.4-1.3mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"php-cups-1.2.4-1.3mdv2007.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2007.1\", reference:\"cups-1.2.10-2.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"cups-common-1.2.10-2.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"cups-serial-1.2.10-2.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64cups2-1.2.10-2.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64cups2-devel-1.2.10-2.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libcups2-1.2.10-2.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libcups2-devel-1.2.10-2.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"php-cups-1.2.10-2.1mdv2007.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:07:34", "bulletinFamily": "scanner", "description": "A buffer overflow in the xpdf code contained in cups could be\nexploited by attackers to potentially execute arbitrary code\n(CVE-2007-3387).", "modified": "2018-07-19T00:00:00", "published": "2007-10-17T00:00:00", "id": "SUSE_CUPS-4044.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=27194", "title": "openSUSE 10 Security Update : cups (cups-4044)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update cups-4044.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(27194);\n script_version (\"1.11\");\n script_cvs_date(\"Date: 2018/07/19 23:54:24\");\n\n script_cve_id(\"CVE-2007-3387\");\n\n script_name(english:\"openSUSE 10 Security Update : cups (cups-4044)\");\n script_summary(english:\"Check for the cups-4044 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A buffer overflow in the xpdf code contained in cups could be\nexploited by attackers to potentially execute arbitrary code\n(CVE-2007-3387).\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected cups packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cups-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cups-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cups-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cups-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/08/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1|SUSE10\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1 / 10.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"cups-1.1.23-40.24\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"cups-client-1.1.23-40.24\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"cups-devel-1.1.23-40.24\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"cups-libs-1.1.23-40.24\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", cpu:\"x86_64\", reference:\"cups-libs-32bit-1.1.23-40.24\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"cups-1.2.7-12.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"cups-client-1.2.7-12.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"cups-devel-1.2.7-12.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"cups-libs-1.2.7-12.3\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", cpu:\"x86_64\", reference:\"cups-libs-32bit-1.2.7-12.3\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cups / cups-client / cups-devel / cups-libs / cups-libs-32bit\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:16:25", "bulletinFamily": "scanner", "description": "From Red Hat Security Advisory 2007:0720 :\n\nUpdated CUPS packages that fix a security issue in PDF handling are\nnow available for Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing\nlayer for UNIX(R) operating systems.\n\nMaurycy Prodeus discovered an integer overflow flaw in the way CUPS\nprocesses PDF files. An attacker could create a malicious PDF file\nthat could potentially execute arbitrary code when printed.\n(CVE-2007-3387)\n\nAll users of CUPS should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue.", "modified": "2018-07-18T00:00:00", "published": "2013-07-12T00:00:00", "id": "ORACLELINUX_ELSA-2007-0720.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=67544", "title": "Oracle Linux 3 / 4 / 5 : cups (ELSA-2007-0720)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2007:0720 and \n# Oracle Linux Security Advisory ELSA-2007-0720 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67544);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/07/18 17:43:55\");\n\n script_cve_id(\"CVE-2007-3387\");\n script_bugtraq_id(25124);\n script_xref(name:\"RHSA\", value:\"2007:0720\");\n\n script_name(english:\"Oracle Linux 3 / 4 / 5 : cups (ELSA-2007-0720)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2007:0720 :\n\nUpdated CUPS packages that fix a security issue in PDF handling are\nnow available for Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe Common UNIX Printing System (CUPS) provides a portable printing\nlayer for UNIX(R) operating systems.\n\nMaurycy Prodeus discovered an integer overflow flaw in the way CUPS\nprocesses PDF files. An attacker could create a malicious PDF file\nthat could potentially execute arbitrary code when printed.\n(CVE-2007-3387)\n\nAll users of CUPS should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2007-July/000285.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2007-July/000289.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2007-July/000291.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected cups packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:cups\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:cups-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:cups-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:cups-lpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/07/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3 / 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"cups-1.1.17-13.3.45\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"cups-1.1.17-13.3.45\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"cups-devel-1.1.17-13.3.45\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"cups-devel-1.1.17-13.3.45\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"cups-libs-1.1.17-13.3.45\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"cups-libs-1.1.17-13.3.45\")) flag++;\n\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"cups-1.1.22-0.rc1.9.20.2\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"cups-1.1.22-0.rc1.9.20.2\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"cups-devel-1.1.22-0.rc1.9.20.2\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"cups-devel-1.1.22-0.rc1.9.20.2\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"cups-libs-1.1.22-0.rc1.9.20.2\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"cups-libs-1.1.22-0.rc1.9.20.2\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"cups-1.2.4-11.5.3.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"cups-devel-1.2.4-11.5.3.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"cups-libs-1.2.4-11.5.3.el5\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"cups-lpd-1.2.4-11.5.3.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cups / cups-devel / cups-libs / cups-lpd\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:07:25", "bulletinFamily": "scanner", "description": "Updated kdegraphics packages that fix a security issue in PDF handling\nare now available for Red Hat Enterprise Linux 4, and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kdegraphics packages contain applications for the K Desktop\nEnvironment including kpdf, a PDF file viewer.\n\nMaurycy Prodeus discovered an integer overflow flaw in the processing\nof PDF files. An attacker could create a malicious PDF file that would\ncause kpdf to crash or potentially execute arbitrary code when opened.\n(CVE-2007-3387)\n\nAll users of kdegraphics should upgrade to these updated packages,\nwhich contain a backported patch to resolve this issue.", "modified": "2018-11-16T00:00:00", "published": "2007-07-31T00:00:00", "id": "REDHAT-RHSA-2007-0729.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=25816", "title": "RHEL 4 / 5 : kdegraphics (RHSA-2007:0729)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:0729. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(25816);\n script_version (\"1.23\");\n script_cvs_date(\"Date: 2018/11/16 15:19:26\");\n\n script_cve_id(\"CVE-2007-3387\");\n script_bugtraq_id(25124);\n script_xref(name:\"RHSA\", value:\"2007:0729\");\n\n script_name(english:\"RHEL 4 / 5 : kdegraphics (RHSA-2007:0729)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kdegraphics packages that fix a security issue in PDF handling\nare now available for Red Hat Enterprise Linux 4, and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nThe kdegraphics packages contain applications for the K Desktop\nEnvironment including kpdf, a PDF file viewer.\n\nMaurycy Prodeus discovered an integer overflow flaw in the processing\nof PDF files. An attacker could create a malicious PDF file that would\ncause kpdf to crash or potentially execute arbitrary code when opened.\n(CVE-2007-3387)\n\nAll users of kdegraphics should upgrade to these updated packages,\nwhich contain a backported patch to resolve this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-3387\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2007:0729\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kdegraphics and / or kdegraphics-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kdegraphics\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kdegraphics-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/07/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2007:0729\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"kdegraphics-3.3.1-4.RHEL4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"kdegraphics-devel-3.3.1-4.RHEL4\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"kdegraphics-3.5.4-2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kdegraphics-3.5.4-2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"kdegraphics-devel-3.5.4-2.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kdegraphics-devel-3.5.4-2.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kdegraphics / kdegraphics-devel\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:14:08", "bulletinFamily": "scanner", "description": "Maurycy Prodeus discovered an integer overflow flaw in the processing\nof PDF files. An attacker could create a malicious PDF file that would\ncause an application linked with poppler to crash or potentially\nexecute arbitrary code when opened. (CVE-2007-3387)", "modified": "2019-01-07T00:00:00", "published": "2012-08-01T00:00:00", "id": "SL_20070730_POPPLER_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=60235", "title": "Scientific Linux Security Update : poppler on SL5.x i386/x86_64", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60235);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/01/07 9:52:18\");\n\n script_cve_id(\"CVE-2007-3387\");\n\n script_name(english:\"Scientific Linux Security Update : poppler on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Maurycy Prodeus discovered an integer overflow flaw in the processing\nof PDF files. An attacker could create a malicious PDF file that would\ncause an application linked with poppler to crash or potentially\nexecute arbitrary code when opened. (CVE-2007-3387)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0707&L=scientific-linux-errata&T=0&P=1907\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?258c637d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected poppler, poppler-devel and / or poppler-utils\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"poppler-0.5.4-4.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"poppler-devel-0.5.4-4.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"poppler-utils-0.5.4-4.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:07:26", "bulletinFamily": "scanner", "description": "A new poppler package is available for Slackware 12.0 to fix an\ninteger overflow.", "modified": "2013-06-01T00:00:00", "published": "2007-08-13T00:00:00", "id": "SLACKWARE_SSA_2007-222-02.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=25845", "title": "Slackware 12.0 : poppler (SSA:2007-222-02)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2007-222-02. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(25845);\n script_version(\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2013/06/01 00:36:14 $\");\n\n script_cve_id(\"CVE-2007-3387\");\n script_xref(name:\"SSA\", value:\"2007-222-02\");\n\n script_name(english:\"Slackware 12.0 : poppler (SSA:2007-222-02)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A new poppler package is available for Slackware 12.0 to fix an\ninteger overflow.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.322524\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?83a2906a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected poppler package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:poppler\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/08/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2013 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"12.0\", pkgname:\"poppler\", pkgver:\"0.5.4\", pkgarch:\"i486\", pkgnum:\"2_slack12.0\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:07:42", "bulletinFamily": "scanner", "description": "This is an update to address a vulnerability in kpdf, one that can\ncause a stack based buffer overflow.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2015-10-21T00:00:00", "published": "2007-11-06T00:00:00", "id": "FEDORA_2007-1594.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=27723", "title": "Fedora 7 : kdegraphics-3.5.7-2.fc7 (2007-1594)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2007-1594.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(27723);\n script_version (\"$Revision: 1.13 $\");\n script_cvs_date(\"$Date: 2015/10/21 21:54:54 $\");\n\n script_cve_id(\"CVE-2007-3387\");\n script_xref(name:\"FEDORA\", value:\"2007-1594\");\n\n script_name(english:\"Fedora 7 : kdegraphics-3.5.7-2.fc7 (2007-1594)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This is an update to address a vulnerability in kpdf, one that can\ncause a stack based buffer overflow.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2007-August/003237.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c130f5a2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kdegraphics\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kdegraphics-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kdegraphics-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kdegraphics-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 7.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC7\", reference:\"kdegraphics-3.5.7-2.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"kdegraphics-debuginfo-3.5.7-2.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"kdegraphics-devel-3.5.7-2.fc7\")) flag++;\nif (rpm_check(release:\"FC7\", reference:\"kdegraphics-extras-3.5.7-2.fc7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kdegraphics / kdegraphics-debuginfo / kdegraphics-devel / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-01-16T20:16:25", "bulletinFamily": "scanner", "description": "From Red Hat Security Advisory 2007:0730 :\n\nUpdated kdegraphics packages that fix a security issue in PDF handling\nare now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\ngpdf is a GNOME based viewer for Portable Document Format (PDF) files.\n\nMaurycy Prodeus discovered an integer overflow flaw in the processing\nof PDF files. An attacker could create a malicious PDF file that would\ncause gpdf to crash or potentially execute arbitrary code when opened.\n(CVE-2007-3387)\n\nAll users of gpdf should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue.", "modified": "2018-07-18T00:00:00", "published": "2013-07-12T00:00:00", "id": "ORACLELINUX_ELSA-2007-0730.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=67550", "title": "Oracle Linux 4 : gpdf (ELSA-2007-0730)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2007:0730 and \n# Oracle Linux Security Advisory ELSA-2007-0730 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67550);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/07/18 17:43:55\");\n\n script_cve_id(\"CVE-2007-3387\");\n script_bugtraq_id(25124);\n script_xref(name:\"RHSA\", value:\"2007:0730\");\n\n script_name(english:\"Oracle Linux 4 : gpdf (ELSA-2007-0730)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2007:0730 :\n\nUpdated kdegraphics packages that fix a security issue in PDF handling\nare now available for Red Hat Enterprise Linux 4.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\ngpdf is a GNOME based viewer for Portable Document Format (PDF) files.\n\nMaurycy Prodeus discovered an integer overflow flaw in the processing\nof PDF files. An attacker could create a malicious PDF file that would\ncause gpdf to crash or potentially execute arbitrary code when opened.\n(CVE-2007-3387)\n\nAll users of gpdf should upgrade to these updated packages, which\ncontain a backported patch to resolve this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2007-July/000287.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gpdf package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gpdf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/07/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", cpu:\"i386\", reference:\"gpdf-2.8.2-7.7\")) flag++;\nif (rpm_check(release:\"EL4\", cpu:\"x86_64\", reference:\"gpdf-2.8.2-7.7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gpdf\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "redhat": [{"lastseen": "2018-12-11T17:43:14", "bulletinFamily": "unix", "description": "The kdegraphics packages contain applications for the K Desktop Environment\r\nincluding kpdf, a PDF file viewer.\r\n\r\nMaurycy Prodeus discovered an integer overflow flaw in the processing\r\nof PDF files. An attacker could create a malicious PDF file that would\r\ncause kpdf to crash or potentially execute arbitrary code when opened. \r\n(CVE-2007-3387)\r\n\r\nAll users of kdegraphics should upgrade to these updated packages, which\r\ncontain a backported patch to resolve this issue.", "modified": "2017-09-08T11:54:07", "published": "2007-07-30T04:00:00", "id": "RHSA-2007:0729", "href": "https://access.redhat.com/errata/RHSA-2007:0729", "type": "redhat", "title": "(RHSA-2007:0729) Important: kdegraphics security update", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-12-11T17:42:29", "bulletinFamily": "unix", "description": "gpdf is a GNOME based viewer for Portable Document Format (PDF) files. \r\n\r\nMaurycy Prodeus discovered an integer overflow flaw in the processing\r\nof PDF files. An attacker could create a malicious PDF file that would\r\ncause gpdf to crash or potentially execute arbitrary code when opened. \r\n(CVE-2007-3387)\r\n\r\nAll users of gpdf should upgrade to these updated packages, which\r\ncontain a backported patch to resolve this issue.", "modified": "2017-09-08T12:17:56", "published": "2007-07-30T04:00:00", "id": "RHSA-2007:0730", "href": "https://access.redhat.com/errata/RHSA-2007:0730", "type": "redhat", "title": "(RHSA-2007:0730) Important: gpdf security update", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-12-11T17:41:49", "bulletinFamily": "unix", "description": "Xpdf is an X Window System-based viewer for Portable Document Format (PDF)\r\nfiles. \r\n\r\nMaurycy Prodeus discovered an integer overflow flaw in the processing\r\nof PDF files. An attacker could create a malicious PDF file that would\r\ncause Xpdf to crash or potentially execute arbitrary code when opened. \r\n(CVE-2007-3387)\r\n\r\nAll users of Xpdf should upgrade to these updated packages, which\r\ncontain a backported patch to resolve this issue.", "modified": "2018-05-11T23:27:23", "published": "2007-07-30T04:00:00", "id": "RHSA-2007:0735", "href": "https://access.redhat.com/errata/RHSA-2007:0735", "type": "redhat", "title": "(RHSA-2007:0735) Important: xpdf security update", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-12-11T17:43:24", "bulletinFamily": "unix", "description": "Poppler is a PDF rendering library, used by applications such as evince.\r\n\r\nMaurycy Prodeus discovered an integer overflow flaw in the processing\r\nof PDF files. An attacker could create a malicious PDF file that would\r\ncause an application linked with poppler to crash or potentially execute\r\narbitrary code when opened. (CVE-2007-3387)\r\n\r\nAll users of poppler should upgrade to these updated packages, which\r\ncontain a backported patch to resolve this issue.", "modified": "2017-09-08T11:51:17", "published": "2007-07-30T04:00:00", "id": "RHSA-2007:0732", "href": "https://access.redhat.com/errata/RHSA-2007:0732", "type": "redhat", "title": "(RHSA-2007:0732) Important: poppler security update", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "centos": [{"lastseen": "2017-10-12T14:44:52", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2007:0731\n\n\nTeTeX is an implementation of TeX. TeX takes a text file and a set of\r\nformatting commands as input and creates a typesetter-independent .dvi\r\n(DeVice Independent) file as output.\r\n\r\nMaurycy Prodeus discovered an integer overflow flaw in the processing\r\nof PDF files. An attacker could create a malicious PDF file that would\r\ncause TeTeX to crash or potentially execute arbitrary code when opened. \r\n(CVE-2007-3387)\r\n\r\nAll users of TeTeX should upgrade to these updated packages, which\r\ncontain a backported patch to resolve this issue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-August/014126.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-August/014127.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-August/014128.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-August/014129.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-August/014130.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-August/014131.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-August/014132.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-August/014133.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-August/014134.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-August/014135.html\n\n**Affected packages:**\ntetex\ntetex-afm\ntetex-doc\ntetex-dvips\ntetex-fonts\ntetex-latex\ntetex-xdvi\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2007-0731.html", "modified": "2007-08-02T01:54:53", "published": "2007-08-01T12:52:26", "href": "http://lists.centos.org/pipermail/centos-announce/2007-August/014126.html", "id": "CESA-2007:0731", "title": "tetex security update", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-10-12T14:44:56", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2007:0735\n\n\nXpdf is an X Window System-based viewer for Portable Document Format (PDF)\r\nfiles. \r\n\r\nMaurycy Prodeus discovered an integer overflow flaw in the processing\r\nof PDF files. An attacker could create a malicious PDF file that would\r\ncause Xpdf to crash or potentially execute arbitrary code when opened. \r\n(CVE-2007-3387)\r\n\r\nAll users of Xpdf should upgrade to these updated packages, which\r\ncontain a backported patch to resolve this issue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-July/014087.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-July/014088.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-July/014090.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-July/014092.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-July/014094.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-July/014099.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-July/014106.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-July/014107.html\n\n**Affected packages:**\nxpdf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2007-0735.html", "modified": "2007-07-31T22:50:55", "published": "2007-07-30T21:58:57", "href": "http://lists.centos.org/pipermail/centos-announce/2007-July/014087.html", "id": "CESA-2007:0735", "title": "xpdf security update", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-10-12T14:46:03", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2007:0735-01\n\n\nXpdf is an X Window System-based viewer for Portable Document Format (PDF)\r\nfiles. \r\n\r\nMaurycy Prodeus discovered an integer overflow flaw in the processing\r\nof PDF files. An attacker could create a malicious PDF file that would\r\ncause Xpdf to crash or potentially execute arbitrary code when opened. \r\n(CVE-2007-3387)\r\n\r\nAll users of Xpdf should upgrade to these updated packages, which\r\ncontain a backported patch to resolve this issue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-August/014116.html\n\n**Affected packages:**\nxpdf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "modified": "2007-08-01T03:37:44", "published": "2007-08-01T03:37:44", "href": "http://lists.centos.org/pipermail/centos-announce/2007-August/014116.html", "id": "CESA-2007:0735-01", "title": "xpdf security update", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}