Test Kennung:	1.3.6.1.4.1.25623.1.0.900457
Kategorie:	Buffer overflow
Titel:	Xpdf Multiple Vulnerabilities
Zusammenfassung:	The PDF viewer Xpdf is prone to multiple vulnerabilities on Linux; systems that can lead to arbitrary code execution.
Beschreibung:	Summary: The PDF viewer Xpdf is prone to multiple vulnerabilities on Linux systems that can lead to arbitrary code execution. Vulnerability Insight: - Integer overflow in Xpdf JBIG2 Decoder which allows the attacker create a malicious crafted PDF File and causes code execution. - Flaws in Xpdf JBIG2 Decoder which causes buffer overflow, freeing of arbitrary memory causing Xpdf application to crash. Vulnerability Impact: Successful exploitation will let the attacker craft a malicious PDF File and execute arbitrary codes into the context of the affected application to cause denial of service attacks, buffer overflow attacks, remote code executions etc. Affected Software/OS: Xpdf version 3.02 and prior on Linux. Solution: Apply Xpdf v3.02 pl3 patch. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0195 BugTraq ID: 34791 http://www.securityfocus.com/bid/34791 Bugtraq: 20090417 Secunia Research: CUPS pdftops JBIG2 Symbol Dictionary Buffer Overflow (Google Search) http://www.securityfocus.com/archive/1/502759/100/0/threaded Bugtraq: 20090417 Secunia Research: Xpdf JBIG2 Symbol Dictionary Buffer Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/502762/100/0/threaded http://www.mandriva.com/security/advisories?name=MDVSA-2010:087 http://secunia.com/secunia_research/2009-17/ http://secunia.com/secunia_research/2009-18/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10076 RedHat Security Advisories: RHSA-2009:0458 http://rhn.redhat.com/errata/RHSA-2009-0458.html http://www.redhat.com/support/errata/RHSA-2009-0480.html http://secunia.com/advisories/34291 http://secunia.com/advisories/34481 http://secunia.com/advisories/34756 http://secunia.com/advisories/34963 http://secunia.com/advisories/35064 http://www.vupen.com/english/advisories/2010/1040 Common Vulnerability Exposure (CVE) ID: CVE-2009-0166 BugTraq ID: 34568 http://www.securityfocus.com/bid/34568 Bugtraq: 20090417 rPSA-2009-0061-1 cups (Google Search) http://www.securityfocus.com/archive/1/502750/100/0/threaded Debian Security Information: DSA-1790 (Google Search) http://www.debian.org/security/2009/dsa-1790 Debian Security Information: DSA-1793 (Google Search) http://www.debian.org/security/2009/dsa-1793 https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html http://security.gentoo.org/glsa/glsa-200904-20.xml http://www.mandriva.com/security/advisories?name=MDVSA-2009:101 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9778 http://www.redhat.com/support/errata/RHSA-2009-0429.html http://www.redhat.com/support/errata/RHSA-2009-0430.html http://www.redhat.com/support/errata/RHSA-2009-0431.html http://www.securitytracker.com/id?1022073 http://secunia.com/advisories/34755 http://secunia.com/advisories/34852 http://secunia.com/advisories/34959 http://secunia.com/advisories/34991 http://secunia.com/advisories/35037 http://secunia.com/advisories/35065 http://secunia.com/advisories/35618 http://secunia.com/advisories/35685 http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477 SuSE Security Announcement: SUSE-SA:2009:024 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html SuSE Security Announcement: SUSE-SR:2009:010 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html SuSE Security Announcement: SUSE-SR:2009:012 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://www.vupen.com/english/advisories/2009/1065 http://www.vupen.com/english/advisories/2009/1066 http://www.vupen.com/english/advisories/2009/1077 Common Vulnerability Exposure (CVE) ID: CVE-2009-0147 http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html Bugtraq: 20090417 rPSA-2009-0059-1 poppler (Google Search) http://www.securityfocus.com/archive/1/502761/100/0/threaded Cert/CC Advisory: TA09-133A http://www.us-cert.gov/cas/techalerts/TA09-133A.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9941 http://secunia.com/advisories/35074 http://www.vupen.com/english/advisories/2009/1297 http://www.vupen.com/english/advisories/2009/1621 Common Vulnerability Exposure (CVE) ID: CVE-2009-0146 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9632 Common Vulnerability Exposure (CVE) ID: CVE-2009-1183 1022072 http://www.securitytracker.com/id?1022072 34291 34481 34568 34746 http://secunia.com/advisories/34746 34755 34756 34852 34959 34963 34991 35037 35064 35065 35618 35685 ADV-2009-1065 ADV-2009-1066 ADV-2009-1076 http://www.vupen.com/english/advisories/2009/1076 ADV-2009-1077 ADV-2010-1040 DSA-1790 DSA-1793 FEDORA-2009-6972 FEDORA-2009-6973 FEDORA-2009-6982 MDVSA-2009:101 MDVSA-2010:087 MDVSA-2011:175 http://www.mandriva.com/security/advisories?name=MDVSA-2011:175 RHSA-2009:0429 RHSA-2009:0430 RHSA-2009:0431 RHSA-2009:0458 RHSA-2009:0480 SSA:2009-129-01 SUSE-SA:2009:024 SUSE-SR:2009:010 SUSE-SR:2009:012 VU#196617 http://www.kb.cert.org/vuls/id/196617 http://poppler.freedesktop.org/releases.html https://bugzilla.redhat.com/show_bug.cgi?id=495899 oval:org.mitre.oval:def:10769 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10769 Common Vulnerability Exposure (CVE) ID: CVE-2009-1182 1022073 https://bugzilla.redhat.com/show_bug.cgi?id=495896 oval:org.mitre.oval:def:10735 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10735 Common Vulnerability Exposure (CVE) ID: CVE-2009-1181 https://bugzilla.redhat.com/show_bug.cgi?id=495894 oval:org.mitre.oval:def:9683 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9683 Common Vulnerability Exposure (CVE) ID: CVE-2009-1179 35379 http://secunia.com/advisories/35379 ADV-2009-1522 http://www.vupen.com/english/advisories/2009/1522 ADV-2009-1621 APPLE-SA-2009-06-08-1 http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html APPLE-SA-2009-06-17-1 http://support.apple.com/kb/HT3613 http://support.apple.com/kb/HT3639 https://bugzilla.redhat.com/show_bug.cgi?id=495889 oval:org.mitre.oval:def:11892 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11892 Common Vulnerability Exposure (CVE) ID: CVE-2009-0800 https://bugzilla.redhat.com/show_bug.cgi?id=495887 oval:org.mitre.oval:def:11323 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11323 Common Vulnerability Exposure (CVE) ID: CVE-2009-1180 https://bugzilla.redhat.com/show_bug.cgi?id=495892 oval:org.mitre.oval:def:9926 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9926 Common Vulnerability Exposure (CVE) ID: CVE-2009-0799 http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=495886 oval:org.mitre.oval:def:10204 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10204 Common Vulnerability Exposure (CVE) ID: CVE-2009-0165 XForce ISS Database: multiple-jbig2-unspecified(50377) https://exchange.xforce.ibmcloud.com/vulnerabilities/50377
Copyright	Copyright (C) 2009 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.