10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.161 Low
EPSS
Percentile
95.4%
The kdegraphics packages contain applications for the K Desktop Environment
including kpdf, a pdf file viewer.
A buffer overflow flaw was found in the Gfx::doImage function of Xpdf that
also affects kpdf due to a shared codebase. An attacker could construct a
carefully crafted PDF file that could cause kpdf to crash or possibly
execute arbitrary code when opened. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-1125 to
this issue.
A buffer overflow flaw was found in the Decrypt::makeFileKey2 function of
Xpdf which also affects kpdf due to a shared codebase. An attacker could
construct a carefully crafted PDF file that could cause kpdf to crash or
possibly execute arbitrary code when opened. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2005-0064 to
this issue.
During a source code audit, Chris Evans and others discovered a number of
integer overflow bugs that affected all versions of Xpdf which also affects
kpdf due to a shared codebase. An attacker could construct a carefully
crafted PDF file that could cause kpdf to crash or possibly execute
arbitrary code when opened. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CAN-2004-0888 to this issue.
Users should update to these erratum packages which contain backported
patches to correct these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | src | kdegraphics | < 3.3.1-3.3 | kdegraphics-3.3.1-3.3.src.rpm |
RedHat | any | i386 | kdegraphics | < 3.3.1-3.3 | kdegraphics-3.3.1-3.3.i386.rpm |
RedHat | any | x86_64 | kdegraphics-devel | < 3.3.1-3.3 | kdegraphics-devel-3.3.1-3.3.x86_64.rpm |
RedHat | any | x86_64 | kdegraphics | < 3.3.1-3.3 | kdegraphics-3.3.1-3.3.x86_64.rpm |
RedHat | any | ia64 | kdegraphics-devel | < 3.3.1-3.3 | kdegraphics-devel-3.3.1-3.3.ia64.rpm |
RedHat | any | ppc | kdegraphics-devel | < 3.3.1-3.3 | kdegraphics-devel-3.3.1-3.3.ppc.rpm |
RedHat | any | ia64 | kdegraphics | < 3.3.1-3.3 | kdegraphics-3.3.1-3.3.ia64.rpm |
RedHat | any | s390 | kdegraphics-devel | < 3.3.1-3.3 | kdegraphics-devel-3.3.1-3.3.s390.rpm |
RedHat | any | s390x | kdegraphics | < 3.3.1-3.3 | kdegraphics-3.3.1-3.3.s390x.rpm |
RedHat | any | i386 | kdegraphics-devel | < 3.3.1-3.3 | kdegraphics-devel-3.3.1-3.3.i386.rpm |