RedHatRHSA-2009:1680(RHSA-2009:1680) Important: xpdf security update
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.007 Low
EPSS
Percentile
77.9%
Xpdf is an X Window System based viewer for Portable Document Format (PDF)
files.
Petr Gajdos and Christian Kornacker of SUSE reported a buffer overflow flaw
in Xpdf’s Type 1 font parser. A specially-crafted PDF file with an embedded
Type 1 font could cause Xpdf to crash or, possibly, execute arbitrary code
when opened. (CVE-2009-4035)
Users are advised to upgrade to this updated package, which contains a
backported patch to correct this issue.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 4 | x86_64 | xpdf | < 3.00-23.el4_8.1 | xpdf-3.00-23.el4_8.1.x86_64.rpm |
| RedHat | 4 | src | xpdf | < 3.00-23.el4_8.1 | xpdf-3.00-23.el4_8.1.src.rpm |
| RedHat | 4 | s390 | xpdf | < 3.00-23.el4_8.1 | xpdf-3.00-23.el4_8.1.s390.rpm |
| RedHat | 4 | ia64 | xpdf | < 3.00-23.el4_8.1 | xpdf-3.00-23.el4_8.1.ia64.rpm |
| RedHat | 4 | i386 | xpdf | < 3.00-23.el4_8.1 | xpdf-3.00-23.el4_8.1.i386.rpm |
| RedHat | 4 | s390x | xpdf | < 3.00-23.el4_8.1 | xpdf-3.00-23.el4_8.1.s390x.rpm |
| RedHat | 4 | ppc | xpdf | < 3.00-23.el4_8.1 | xpdf-3.00-23.el4_8.1.ppc.rpm |
Related
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.007 Low
EPSS
Percentile
77.9%