English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.59020
Kategorie:Slackware Local Security Checks
Titel:Slackware: Security Advisory (SSA:2007-316-01)
Zusammenfassung:The remote host is missing an update for the 'xpdf/poppler/koffice/kdegraphics' package(s) announced via the SSA:2007-316-01 advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'xpdf/poppler/koffice/kdegraphics' package(s) announced via the SSA:2007-316-01 advisory.

Vulnerability Insight:
New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0,
12.0, and -current. New poppler packages are available for Slackware 12.0
and -current. New koffice packages are available for Slackware 11.0, 12.0,
and -current. New kdegraphics packages are available for Slackware 10.2,
11.0, 12.0, and -current.

These updated packages address similar bugs which could be used to crash
applications linked with poppler or that use code from xpdf through the
use of a malformed PDF document. It is possible that a maliciously
crafted document could cause code to be executed in the context of the
user running the application processing the PDF.

These advisories and CVE entries cover the bugs:
[links moved to references]


Here are the details from the Slackware 12.0 ChangeLog:
+--------------------------+
patches/packages/kdegraphics-3.5.7-i486-2_slack12.0.tgz:
Patched xpdf related bugs.
For more information, see:
[links moved to references]
(* Security fix *)
patches/packages/koffice-1.6.3-i486-2_slack12.0.tgz:
Patched xpdf related bugs.
For more information, see:
[links moved to references]
(* Security fix *)
patches/packages/poppler-0.6.2-i486-1_slack12.0.tgz:
Upgraded to poppler-0.6.2.
This release fixes xpdf related bugs.
For more information, see:
[links moved to references]
(* Security fix *)
patches/packages/xpdf-3.02pl2-i486-1_slack12.0.tgz:
Upgraded to xpdf-3.02pl2.
The pl2 patch fixes a crash in xpdf.
Some theorize that this could be used to execute arbitrary code if an
untrusted PDF file is opened, but no real-world examples are known (yet).
For more information, see:
[links moved to references]
(* Security fix *)
+--------------------------+

Affected Software/OS:
'xpdf/poppler/koffice/kdegraphics' package(s) on Slackware 9.1, Slackware 10.0, Slackware 10.1, Slackware 10.2, Slackware 11.0, Slackware 12.0, Slackware current.

Solution:
Please install the updated package(s).

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2007-3387
1018473
http://www.securitytracker.com/id?1018473
20070801-01-P
ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc
20070814 FLEA-2007-0044-1 tetex tetex-dvips tetex-fonts
http://www.securityfocus.com/archive/1/476508/100/0/threaded
20070814 FLEA-2007-0045-1 poppler
http://www.securityfocus.com/archive/1/476519/30/5400/threaded
20070816 FLEA-2007-0046-1 cups
http://www.securityfocus.com/archive/1/476765/30/5340/threaded
25124
http://www.securityfocus.com/bid/25124
26188
http://secunia.com/advisories/26188
26251
http://secunia.com/advisories/26251
26254
http://secunia.com/advisories/26254
26255
http://secunia.com/advisories/26255
26257
http://secunia.com/advisories/26257
26278
http://secunia.com/advisories/26278
26281
http://secunia.com/advisories/26281
26283
http://secunia.com/advisories/26283
26292
http://secunia.com/advisories/26292
26293
http://secunia.com/advisories/26293
26297
http://secunia.com/advisories/26297
26307
http://secunia.com/advisories/26307
26318
http://secunia.com/advisories/26318
26325
http://secunia.com/advisories/26325
26342
http://secunia.com/advisories/26342
26343
http://secunia.com/advisories/26343
26358
http://secunia.com/advisories/26358
26365
http://secunia.com/advisories/26365
26370
http://secunia.com/advisories/26370
26395
http://secunia.com/advisories/26395
26403
http://secunia.com/advisories/26403
26405
http://secunia.com/advisories/26405
26407
http://secunia.com/advisories/26407
26410
http://secunia.com/advisories/26410
26413
http://secunia.com/advisories/26413
26425
http://secunia.com/advisories/26425
26432
http://secunia.com/advisories/26432
26436
http://secunia.com/advisories/26436
26467
http://secunia.com/advisories/26467
26468
http://secunia.com/advisories/26468
26470
http://secunia.com/advisories/26470
26514
http://secunia.com/advisories/26514
26607
http://secunia.com/advisories/26607
26627
http://secunia.com/advisories/26627
26862
http://secunia.com/advisories/26862
26982
http://secunia.com/advisories/26982
27156
http://secunia.com/advisories/27156
27281
http://secunia.com/advisories/27281
27308
http://secunia.com/advisories/27308
27637
http://secunia.com/advisories/27637
30168
http://secunia.com/advisories/30168
40127
http://osvdb.org/40127
ADV-2007-2704
http://www.vupen.com/english/advisories/2007/2704
ADV-2007-2705
http://www.vupen.com/english/advisories/2007/2705
DSA-1347
http://www.debian.org/security/2007/dsa-1347
DSA-1348
http://www.debian.org/security/2007/dsa-1348
DSA-1349
http://www.debian.org/security/2007/dsa-1349
DSA-1350
http://www.debian.org/security/2007/dsa-1350
DSA-1352
http://www.debian.org/security/2007/dsa-1352
DSA-1354
http://www.debian.org/security/2007/dsa-1354
DSA-1355
http://www.debian.org/security/2007/dsa-1355
DSA-1357
http://www.debian.org/security/2007/dsa-1357
GLSA-200709-12
http://security.gentoo.org/glsa/glsa-200709-12.xml
GLSA-200709-17
http://security.gentoo.org/glsa/glsa-200709-17.xml
GLSA-200710-08
http://www.gentoo.org/security/en/glsa/glsa-200710-08.xml
GLSA-200710-20
http://security.gentoo.org/glsa/glsa-200710-20.xml
GLSA-200711-34
http://security.gentoo.org/glsa/glsa-200711-34.xml
GLSA-200805-13
http://security.gentoo.org/glsa/glsa-200805-13.xml
MDKSA-2007:158
http://www.mandriva.com/security/advisories?name=MDKSA-2007:158
MDKSA-2007:159
http://www.mandriva.com/security/advisories?name=MDKSA-2007:159
MDKSA-2007:160
http://www.mandriva.com/security/advisories?name=MDKSA-2007:160
MDKSA-2007:161
http://www.mandriva.com/security/advisories?name=MDKSA-2007:161
MDKSA-2007:162
http://www.mandriva.com/security/advisories?name=MDKSA-2007:162
MDKSA-2007:163
http://www.mandriva.com/security/advisories?name=MDKSA-2007:163
MDKSA-2007:164
http://www.mandriva.com/security/advisories?name=MDKSA-2007:164
MDKSA-2007:165
http://www.mandriva.com/security/advisories?name=MDKSA-2007:165
RHSA-2007:0720
http://www.redhat.com/support/errata/RHSA-2007-0720.html
RHSA-2007:0729
http://www.redhat.com/support/errata/RHSA-2007-0729.html
RHSA-2007:0730
http://www.redhat.com/support/errata/RHSA-2007-0730.html
RHSA-2007:0731
http://www.redhat.com/support/errata/RHSA-2007-0731.html
RHSA-2007:0732
http://www.redhat.com/support/errata/RHSA-2007-0732.html
RHSA-2007:0735
http://www.redhat.com/support/errata/RHSA-2007-0735.html
SSA:2007-222-05
http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.423670
SSA:2007-316-01
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882
SUSE-SR:2007:015
http://www.novell.com/linux/security/advisories/2007_15_sr.html
SUSE-SR:2007:016
http://www.novell.com/linux/security/advisories/2007_16_sr.html
USN-496-1
http://www.ubuntu.com/usn/usn-496-1
USN-496-2
http://www.ubuntu.com/usn/usn-496-2
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl1.patch
http://bugs.gentoo.org/show_bug.cgi?id=187139
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248194
http://sourceforge.net/project/shownotes.php?release_id=535497
http://support.avaya.com/elmodocs2/security/ASA-2007-401.htm
http://www.kde.org/info/security/advisory-20070730-1.txt
https://issues.foresightlinux.org/browse/FL-471
https://issues.rpath.com/browse/RPL-1596
https://issues.rpath.com/browse/RPL-1604
oval:org.mitre.oval:def:11149
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11149
Common Vulnerability Exposure (CVE) ID: CVE-2007-4352
BugTraq ID: 26367
http://www.securityfocus.com/bid/26367
Bugtraq: 20071107 Secunia Research: Xpdf "Stream.cc" Multiple Vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/483372
Debian Security Information: DSA-1480 (Google Search)
http://www.debian.org/security/2008/dsa-1480
Debian Security Information: DSA-1509 (Google Search)
http://www.debian.org/security/2008/dsa-1509
Debian Security Information: DSA-1537 (Google Search)
http://www.debian.org/security/2008/dsa-1537
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html
http://security.gentoo.org/glsa/glsa-200711-22.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:219
http://www.mandriva.com/security/advisories?name=MDKSA-2007:220
http://www.mandriva.com/security/advisories?name=MDKSA-2007:221
http://www.mandriva.com/security/advisories?name=MDKSA-2007:222
http://www.mandriva.com/security/advisories?name=MDKSA-2007:223
http://www.mandriva.com/security/advisories?name=MDKSA-2007:227
http://www.mandriva.com/security/advisories?name=MDKSA-2007:228
http://www.mandriva.com/security/advisories?name=MDKSA-2007:230
http://secunia.com/secunia_research/2007-88/advisory/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9979
http://www.redhat.com/support/errata/RHSA-2007-1021.html
http://www.redhat.com/support/errata/RHSA-2007-1022.html
http://www.redhat.com/support/errata/RHSA-2007-1024.html
http://www.redhat.com/support/errata/RHSA-2007-1025.html
http://www.redhat.com/support/errata/RHSA-2007-1026.html
http://www.redhat.com/support/errata/RHSA-2007-1027.html
http://www.redhat.com/support/errata/RHSA-2007-1029.html
http://www.redhat.com/support/errata/RHSA-2007-1030.html
http://www.securitytracker.com/id?1018905
http://secunia.com/advisories/26503
http://secunia.com/advisories/27260
http://secunia.com/advisories/27553
http://secunia.com/advisories/27573
http://secunia.com/advisories/27574
http://secunia.com/advisories/27575
http://secunia.com/advisories/27577
http://secunia.com/advisories/27578
http://secunia.com/advisories/27599
http://secunia.com/advisories/27615
http://secunia.com/advisories/27618
http://secunia.com/advisories/27619
http://secunia.com/advisories/27632
http://secunia.com/advisories/27634
http://secunia.com/advisories/27636
http://secunia.com/advisories/27640
http://secunia.com/advisories/27641
http://secunia.com/advisories/27642
http://secunia.com/advisories/27645
http://secunia.com/advisories/27656
http://secunia.com/advisories/27658
http://secunia.com/advisories/27705
http://secunia.com/advisories/27721
http://secunia.com/advisories/27724
http://secunia.com/advisories/27743
http://secunia.com/advisories/27856
http://secunia.com/advisories/28043
http://secunia.com/advisories/28812
http://secunia.com/advisories/29104
http://secunia.com/advisories/29604
SuSE Security Announcement: SUSE-SA:2007:060 (Google Search)
http://www.novell.com/linux/security/advisories/2007_60_pdf.html
http://www.ubuntu.com/usn/usn-542-1
http://www.ubuntu.com/usn/usn-542-2
http://www.vupen.com/english/advisories/2007/3774
http://www.vupen.com/english/advisories/2007/3775
http://www.vupen.com/english/advisories/2007/3776
http://www.vupen.com/english/advisories/2007/3779
http://www.vupen.com/english/advisories/2007/3786
XForce ISS Database: xpdf-dctstreamread-memory-corruption(38306)
https://exchange.xforce.ibmcloud.com/vulnerabilities/38306
Common Vulnerability Exposure (CVE) ID: CVE-2007-5392
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10036
XForce ISS Database: xpdf-dctstreamreset-bo(38303)
https://exchange.xforce.ibmcloud.com/vulnerabilities/38303
Common Vulnerability Exposure (CVE) ID: CVE-2007-5393
Debian Security Information: DSA-1408 (Google Search)
http://www.debian.org/security/2007/dsa-1408
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9839
http://www.redhat.com/support/errata/RHSA-2007-1023.html
http://www.redhat.com/support/errata/RHSA-2007-1028.html
http://www.redhat.com/support/errata/RHSA-2007-1031.html
http://www.redhat.com/support/errata/RHSA-2007-1051.html
http://secunia.com/advisories/27579
http://secunia.com/advisories/27718
http://secunia.com/advisories/27772
XForce ISS Database: xpdf-ccittfaxstreamlookchar-bo(38304)
https://exchange.xforce.ibmcloud.com/vulnerabilities/38304
CopyrightCopyright (C) 2012 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.