Description: | Description: The remote host is missing an update to pdfedit announced via advisory FEDORA-2010-1377.
Update Information:
Add patch from upstream to fix several security issues in xpdf code: CVE-2009-1188/CVE-2009-3603, CVE-2009-3604, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609
References:
[ 1 ] Bug #495907 - CVE-2009-1188 xpdf/poppler: SplashBitmap integer overflow https://bugzilla.redhat.com/show_bug.cgi?id=495907 [ 2 ] Bug #526911 - CVE-2009-3604 xpdf/poppler: Splash::drawImage integer overflow and missing allocation return value check https://bugzilla.redhat.com/show_bug.cgi?id=526911 [ 3 ] Bug #526877 - CVE-2009-3606 xpdf/poppler: PSOutputDev::doImageL1Sep integer overflow https://bugzilla.redhat.com/show_bug.cgi?id=526877 [ 4 ] Bug #526637 - CVE-2009-3608 xpdf/poppler: integer overflow in ObjectStream::ObjectStream (oCERT-2009-016) https://bugzilla.redhat.com/show_bug.cgi?id=526637 [ 5 ] Bug #526893 - CVE-2009-3609 xpdf/poppler: ImageStream::ImageStream integer overflow https://bugzilla.redhat.com/show_bug.cgi?id=526893
Solution: Apply the appropriate updates.
This update can be installed with the yum update program. Use su -c 'yum update pdfedit' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/.
https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2010-1377
Risk factor : Critical
CVSS Score: 9.3
|