SCIENTIFIC-LINUX-ERRATA Archives

November 2007

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Security ERRATA for xpdf on SL4.x i386/x86_64
From:
Connie Sieh <[log in to unmask]>
Reply To:
Connie Sieh <[log in to unmask]>
Date:
Wed, 7 Nov 2007 17:08:55 -0600
Content-Type:
TEXT/PLAIN
Parts/Attachments:
TEXT/PLAIN (26 lines) 
Synopsis:          Important: xpdf security update

CVE Names:         CVE-2007-4352
                    CVE-2007-5392
                    CVE-2007-5393

Problem description:

Alin Rad Pop discovered several flaws in the handling of PDF files. An
attacker could create a malicious PDF file that would cause Xpdf to crash,
or potentially execute arbitrary code when opened.
(CVE-2007-4352, CVE-2007-5392, CVE-2007-5393)

SL4.x

SRPMS:
 	xpdf-3.00-14.el4.src.rpm

i386:
 	xpdf-3.00-14.el4.i386.rpm

x86_64:
 	xpdf-3.00-14.el4.x86_64.rpm

-Connie Sieh

ATOM RSS1 RSS2