Description: | Description: The remote host is missing an update to xpdf announced via advisory FEDORA-2009-3820.
Update Information:
Fix several security updates in xpdf (3.02pl3 patch applied). ChangeLog:
* Thu Apr 16 2009 Tom spot Callaway - 1:3.02-13 - apply xpdf-3.02pl3 security patch to fix: CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180 CVE-2009-1181, CVE-2009-1182, CVE-2009-1183
References:
[ 1 ] Bug #495886 - CVE-2009-0799 PDF JBIG2 decoder OOB read https://bugzilla.redhat.com/show_bug.cgi?id=495886 [ 2 ] Bug #495887 - CVE-2009-0800 PDF JBIG2 multiple input validation flaws https://bugzilla.redhat.com/show_bug.cgi?id=495887 [ 3 ] Bug #495889 - CVE-2009-1179 PDF JBIG2 integer overflow https://bugzilla.redhat.com/show_bug.cgi?id=495889 [ 4 ] Bug #495892 - CVE-2009-1180 PDF JBIG2 invalid free() https://bugzilla.redhat.com/show_bug.cgi?id=495892 [ 5 ] Bug #495894 - CVE-2009-1181 PDF JBIG2 NULL dereference https://bugzilla.redhat.com/show_bug.cgi?id=495894 [ 6 ] Bug #495896 - CVE-2009-1182 PDF JBIG2 MMR decoder buffer overflows https://bugzilla.redhat.com/show_bug.cgi?id=495896 [ 7 ] Bug #495899 - CVE-2009-1183 PDF JBIG2 MMR infinite loop DoS https://bugzilla.redhat.com/show_bug.cgi?id=495899 [ 8 ] Bug #490612 - CVE-2009-0146 xpdf: Multiple buffer overflows in JBIG2 decoder (setBitmap, readSymbolDictSeg) https://bugzilla.redhat.com/show_bug.cgi?id=490612 [ 9 ] Bug #490614 - CVE-2009-0147 xpdf: Multiple integer overflows in JBIG2 decoder https://bugzilla.redhat.com/show_bug.cgi?id=490614 [ 10 ] Bug #490625 - CVE-2009-0166 xpdf: Freeing of potentially uninitialized memory in JBIG2 decoder https://bugzilla.redhat.com/show_bug.cgi?id=490625
Solution: Apply the appropriate updates.
This update can be installed with the yum update program. Use su -c 'yum update xpdf' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/.
https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-3820
CVSS Score: 7.5
CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
|