From 8393f841e2ca6750b624e3e0ef62780c348241b4 Mon Sep 17 00:00:00 2001 From: Xin LI Date: Tue, 13 Nov 2007 01:14:50 +0000 Subject: Document xpdf arbitrary code execution vulnerability, as documented in CVE-2007-4352, CVE-2007-5392, CVE-2007-5393. Approved by: portmgr (ports-security blanket) --- security/vuxml/vuln.xml | 64 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index ffe97ff73eef..c2b3ca19db0e 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,70 @@ Note: Please add new entries to the beginning of this file. --> + + xpdf -- multiple remote Stream.CC vulnerabilities + + + cups-base + 0 + + + gpdf + 0 + + + kdegraphics + 3.5.8_1 + + + koffice + 1.6.3_3,2 + + + poppler + 0.6 + + + xpdf + 3.02_5 + + + + +

Secunia Research reports:

+
Secunia Research has discovered some vulnerabilities in Xpdf, + which can be exploited by malicious people to compromise a user's + system.
+
+
An array indexing error within the + "DCTStream::readProgressiveDataUnit()" method in xpdf/Stream.cc + can be exploited to corrupt memory via a specially crafted PDF + file.
+
An integer overflow error within the "DCTStream::reset()" + method in xpdf/Stream.cc can be exploited to cause a heap-based + buffer overflow via a specially crafted PDF file.
+
A boundary error within the "CCITTFaxStream::lookChar()" method + in xpdf/Stream.cc can be exploited to cause a heap-based buffer + overflow by tricking a user into opening a PDF file containing a + specially crafted "CCITTFaxDecode" filter.
+
+
Successful exploitation may allow execution of arbitrary code.
+

+ + + + 26367 + CVE-2007-4352 + CVE-2007-5392 + CVE-2007-5393 + + + 2007-11-07 + 2007-11-12 + + + plone -- unsafe data interpreted as pickles -- cgit v1.2.3