 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.1.13.2024.040.01 |
| Categoría: | Slackware Local Security Checks |
| Título: | Slackware: Security Advisory (SSA:2024-040-01) |
| Resumen: | The remote host is missing an update for the 'xpdf' package(s) announced via the SSA:2024-040-01 advisory. |
| Descripción: | Summary: The remote host is missing an update for the 'xpdf' package(s) announced via the SSA:2024-040-01 advisory. Vulnerability Insight: New xpdf packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/xpdf-4.05-i586-1_slack15.0.txz: Upgraded. This update fixes security issues: Fixed a bug in the ICCBased color space parser that was allowing the number of components to be zero. Thanks to huckleberry for the bug report. Fixed a bug in the ICCBased color space parser that was allowing the number of components to be zero. Thanks to huckleberry for the bug report. Added checks for PDF object loops in AcroForm::scanField(), Catalog::readPageLabelTree2(), and Catalog::readEmbeddedFileTree(). The zero-width character problem can also happen if the page size is very large -- that needs to be limited too, the same way as character position coordinates. Thanks to jlinliu for the bug report. Add some missing bounds check code in DCTStream. Thanks to Jiahao Liu for the bug report. Fix a deadlock when an object stream's length field is contained in another object stream. Thanks to Jiahao Liu for the bug report. For more information, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'xpdf' package(s) on Slackware 15.0, Slackware current. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2018-16369 https://github.com/TeamSeri0us/pocs/tree/master/xpdf Common Vulnerability Exposure (CVE) ID: CVE-2018-7453 https://forum.xpdfreader.com/viewtopic.php?p=814#p814 Common Vulnerability Exposure (CVE) ID: CVE-2022-36561 https://forum.xpdfreader.com/viewtopic.php?f=3&t=42308 Common Vulnerability Exposure (CVE) ID: CVE-2022-41844 http://www.xpdfreader.com/download.html https://forum.xpdfreader.com/viewtopic.php?f=1&t=42340&p=43928&hilit=gfseek#p43928 https://forum.xpdfreader.com/viewtopic.php?f=3&t=42308&p=43844&hilit=XRef%3A%3Afetch#p43844 Common Vulnerability Exposure (CVE) ID: CVE-2023-2662 https://forum.xpdfreader.com/viewtopic.php?t=42505 Common Vulnerability Exposure (CVE) ID: CVE-2023-2663 https://forum.xpdfreader.com/viewtopic.php?t=42421 Common Vulnerability Exposure (CVE) ID: CVE-2023-2664 https://forum.xpdfreader.com/viewtopic.php?t=42422 Common Vulnerability Exposure (CVE) ID: CVE-2023-3044 https://github.com/baker221/poc-xpdf https://www.xpdfreader.com/security-bug/CVE-2023-3044.html Common Vulnerability Exposure (CVE) ID: CVE-2023-3436 https://forum.xpdfreader.com/viewtopic.php?t=42618 |
| Copyright | Copyright (C) 2024 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |