7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
26.7%
Xpdf is an X Window System based viewer for Portable Document Format
(PDF) files.
During an audit of CUPS, a printing system, Zen Parsec found an integer
overflow vulnerability in the pdftops filter. Since the code for pdftops
is taken from the Xpdf project, all versions of Xpdf including 2.01 are
also vulnerable to this issue. An attacker could create a malicious PDF
file that would execute arbitrary code as the user who used Xpdf to view it.
All users of Xpdf are advised to upgrade to these errata packages which
contain a patch to correct this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | ia64 | xpdf | < 0.92-8 | xpdf-0.92-8.ia64.rpm |
RedHat | any | i386 | xpdf | < 0.92-8 | xpdf-0.92-8.i386.rpm |