 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.1.13.2024.040.01 |
| Kategorie: | Slackware Local Security Checks |
| Titel: | Slackware: Security Advisory (SSA:2024-040-01) |
| Zusammenfassung: | The remote host is missing an update for the 'xpdf' package(s) announced via the SSA:2024-040-01 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'xpdf' package(s) announced via the SSA:2024-040-01 advisory. Vulnerability Insight: New xpdf packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/xpdf-4.05-i586-1_slack15.0.txz: Upgraded. This update fixes security issues: Fixed a bug in the ICCBased color space parser that was allowing the number of components to be zero. Thanks to huckleberry for the bug report. Fixed a bug in the ICCBased color space parser that was allowing the number of components to be zero. Thanks to huckleberry for the bug report. Added checks for PDF object loops in AcroForm::scanField(), Catalog::readPageLabelTree2(), and Catalog::readEmbeddedFileTree(). The zero-width character problem can also happen if the page size is very large -- that needs to be limited too, the same way as character position coordinates. Thanks to jlinliu for the bug report. Add some missing bounds check code in DCTStream. Thanks to Jiahao Liu for the bug report. Fix a deadlock when an object stream's length field is contained in another object stream. Thanks to Jiahao Liu for the bug report. For more information, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'xpdf' package(s) on Slackware 15.0, Slackware current. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2018-16369 https://github.com/TeamSeri0us/pocs/tree/master/xpdf Common Vulnerability Exposure (CVE) ID: CVE-2018-7453 https://forum.xpdfreader.com/viewtopic.php?p=814#p814 Common Vulnerability Exposure (CVE) ID: CVE-2022-36561 https://forum.xpdfreader.com/viewtopic.php?f=3&t=42308 Common Vulnerability Exposure (CVE) ID: CVE-2022-41844 http://www.xpdfreader.com/download.html https://forum.xpdfreader.com/viewtopic.php?f=1&t=42340&p=43928&hilit=gfseek#p43928 https://forum.xpdfreader.com/viewtopic.php?f=3&t=42308&p=43844&hilit=XRef%3A%3Afetch#p43844 Common Vulnerability Exposure (CVE) ID: CVE-2023-2662 https://forum.xpdfreader.com/viewtopic.php?t=42505 Common Vulnerability Exposure (CVE) ID: CVE-2023-2663 https://forum.xpdfreader.com/viewtopic.php?t=42421 Common Vulnerability Exposure (CVE) ID: CVE-2023-2664 https://forum.xpdfreader.com/viewtopic.php?t=42422 Common Vulnerability Exposure (CVE) ID: CVE-2023-3044 https://github.com/baker221/poc-xpdf https://www.xpdfreader.com/security-bug/CVE-2023-3044.html Common Vulnerability Exposure (CVE) ID: CVE-2023-3436 https://forum.xpdfreader.com/viewtopic.php?t=42618 |
| Copyright | Copyright (C) 2024 Greenbone AG |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |