seebug Root SSV:2409
History: Nov 11, 2007 - 12:00 a.m.

Multiple remote Stream.cc vulnerabilities in Xpdf

2007-11-11 00:00:00
Root
www.seebug.org

EPSS: 0.205 (Low)
Percentile: 95.9%

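Xpdf is an application for processing PDF files.
Xpdf contains multiple buffer overflow issues that a remote attacker can exploit to execute arbitrary instructions with the privileges of the application.
1) An array indexing error in the "DCTStream::readProgressiveDataUnit()" method in xpdf/Stream.cc can be triggered by a specially crafted PDF file to corrupt memory.
2) An integer overflow error in the "DCTStream::reset()" method in xpdf/Stream.cc can lead to a heap-based buffer overflow.
3) A boundary error in the "CCITTFaxStream::lookChar()" method in xpdf/Stream.cc can be triggered through a specially crafted "CCITTFaxDecode" filter to cause a heap-based buffer overflow.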

Xpdf Xpdf 3.02pl1
teTeX teTeX 1.0.7
  • Conectiva Linux 8.0
  • Conectiva Linux 7.0
  • Conectiva Linux 6.0
  • Debian Linux 3.0 sparc
  • Debian Linux 3.0 s/390
  • Debian Linux 3.0 ppc
  • Debian Linux 3.0 mipsel
  • Debian Linux 3.0 mips
  • Debian Linux 3.0 m68k
  • Debian Linux 3.0 ia-64
  • Debian Linux 3.0 ia-32
  • Debian Linux 3.0 hppa
  • Debian Linux 3.0 arm
  • Debian Linux 3.0 alpha
  • Debian Linux 3.0
  • HP Secure OS software for Linux 1.0
  • Immunix Immunix OS 7.0 beta
  • Immunix Immunix OS 7.0
  • Immunix Immunix OS 6.2
  • MandrakeSoft Corporate Server 1.0.1
  • MandrakeSoft Linux Mandrake 9.0
  • MandrakeSoft Linux Mandrake 8.2 ppc
  • MandrakeSoft Linux Mandrake 8.2
  • MandrakeSoft Linux Mandrake 8.1 ia64
  • MandrakeSoft Linux Mandrake 8.1
  • MandrakeSoft Linux Mandrake 8.0 ppc
  • MandrakeSoft Linux Mandrake 8.0
  • MandrakeSoft Linux Mandrake 7.2
  • MandrakeSoft Linux Mandrake 7.1
  • RedHat Desktop 3.0
  • RedHat Enterprise Linux WS 3
  • RedHat Enterprise Linux WS 2.1 IA64
  • RedHat Enterprise Linux WS 2.1
  • RedHat Enterprise Linux ES 3
  • RedHat Enterprise Linux ES 2.1 IA64
  • RedHat Enterprise Linux ES 2.1
  • RedHat Enterprise Linux AS 3
  • RedHat Enterprise Linux AS 2.1 IA64
  • RedHat Enterprise Linux AS 2.1
  • RedHat Linux 8.0 i386
  • RedHat Linux 8.0
  • RedHat Linux 7.3 i386
  • RedHat Linux 7.3
  • RedHat Linux 7.2 ia64
  • RedHat Linux 7.2 i386
  • RedHat Linux 7.2
  • RedHat Linux 7.1 ia64
  • RedHat Linux 7.1 i386
  • RedHat Linux 7.1 alpha
  • RedHat Linux 7.1
  • RedHat Linux 7.0 i386
  • RedHat Linux 7.0 alpha
  • RedHat Linux 7.0
  • RedHat Linux Advanced Work Station 2.1
RedHat Enterprise Linux Desktop Workstation v. 5 client
RedHat Enterprise Linux Desktop v.5 client
RedHat Enterprise Linux WS 5
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux v. 5 server
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Enterprise Linux AS 4
RedHat Enterprise Linux AS 3
RedHat Enterprise Linux AS 2.1 IA64
RedHat Enterprise Linux AS 2.1
RedHat Desktop 4.0
RedHat Desktop 3.0
RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
RedHat Advanced Workstation for the Itanium Processor 2.1
Poppler poppler 0.5.4
KDE KOffice 1.6.3
KDE KOffice 1.6.1
KDE KOffice 1.6
KDE KOffice 1.5.91
KDE KOffice 1.5.2
KDE KOffice 1.5
KDE KOffice 1.4.2
KDE KOffice 1.4.1
KDE KOffice 1.4
KDE KOffice 1.3.5
KDE KOffice 1.3.4
KDE KOffice 1.3.3
  • MandrakeSoft Linux Mandrake 10.1 x86_64
  • MandrakeSoft Linux Mandrake 10.1
KDE KOffice 1.3.2
KDE KOffice 1.3.1
KDE KOffice 1.3 beta3
KDE KOffice 1.3 beta2
KDE KOffice 1.3 beta1
KDE KOffice 1.3
  • MandrakeSoft Linux Mandrake 10.0 AMD64
  • MandrakeSoft Linux Mandrake 10.0
KDE KOffice 1.2.92
KDE KOffice 1.2.1
KDE KOffice 1.2
KDE KDE 3.5.8
KDE KDE 3.5.7
KDE KDE 3.5.6
KDE KDE 3.5.5
KDE KDE 3.5.4
KDE KDE 3.5.3
KDE KDE 3.5.2
KDE KDE 3.5.1
KDE KDE 3.5
KDE KDE 3.4.3
  • Gentoo Linux
KDE KDE 3.4.2
KDE KDE 3.4.1
  • RedHat Fedora Core4
KDE KDE 3.4
KDE KDE 3.3.2
  • Debian Linux 3.1 sparc
  • Debian Linux 3.1 s/390
  • Debian Linux 3.1 ppc
  • Debian Linux 3.1 mipsel
  • Debian Linux 3.1 mips
  • Debian Linux 3.1 m68k
  • Debian Linux 3.1 ia-64
  • Debian Linux 3.1 ia-32
  • Debian Linux 3.1 hppa
  • Debian Linux 3.1 arm
  • Debian Linux 3.1 amd64
  • Debian Linux 3.1 alpha
  • Debian Linux 3.1
KDE KDE 3.3.1
  • RedHat Fedora Core3
KDE KDE 3.3
KDE KDE 3.2.3
KDE KDE 3.2.2
  • KDE KDE 3.2.2
  • RedHat Fedora Core2
KDE KDE 3.2.1
KDE KDE 3.2
GNOME GPdf 2.8.3
GNOME GPdf 2.8.2
  • RedHat Fedora Core3
  • RedHat Fedora Core2
GNOME GPdf 2.8
Easy Software Products CUPS 1.1.17
  • RedHat Desktop 3.0
  • RedHat Enterprise Linux WS 3
  • RedHat Enterprise Linux ES 3
  • RedHat Enterprise Linux AS 3

Vendor solution
Patch download:
Xpdf Xpdf 3.02pl1
Xpdf xpdf-3.02pl2.patch
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl2.patch
KDE KOffice 1.6.3
KDE koffice-1.6.3-xpdf2-CVE-2007-4352-5392-5393.diff
ftp://ftp.kde.org/pub/kde/security_patches/koffice-1.6.3-xpdf2-CVE-2007-4352-5392-5393.diff
KDE KDE 3.5.5
KDE post-3.5.5-kdegraphics-CVE-2007-5393.diff
ftp://ftp.kde.org/pub/kde/security_patches/post-3.5.5-kdegraphics-CVE-2007-5393.diff
KDE KDE 3.5.6
KDE post-3.5.5-kdegraphics-CVE-2007-5393.diff
ftp://ftp.kde.org/pub/kde/security_patches/post-3.5.5-kdegraphics-CVE-2007-5393.diff
KDE KDE 3.5.7
KDE post-3.5.5-kdegraphics-CVE-2007-5393.diff
ftp://ftp.kde.org/pub/kde/security_patches/post-3.5.5-kdegraphics-CVE-2007-5393.diff
KDE KDE 3.5.8
KDE post-3.5.8-kdegraphics-kpdf.diff
ftp://ftp.kde.org/pub/kde/security_patches/post-3.5.8-kdegraphics-kpdf.diff