9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
Several local vulnerabilities have been discovered in KPDF, a PDF viewer
for KDE, which allow the execution of arbitrary code or denial of
service if a user is tricked into opening a crafted PDF document.
For the stable distribution (lenny), these problems have been fixed in
version 4:3.5.9-3+lenny3.
The unstable distribution (sid) no longer contains kpdf. It’s replacement,
Okular, links against the poppler PDF library.
We recommend that you upgrade your kdegraphics packages.
CPE | Name | Operator | Version |
---|---|---|---|
kdegraphics | eq | 4:3.5.9-3+lenny2 | |
kdegraphics | eq | 4:3.5.9-3 | |
kdegraphics | eq | 4:3.5.9-3+lenny1 |