A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
The following packages are affected:
The problem can be corrected by upgrading the affected package to
version 2.0.2-21ubuntu0.3 (tetex-bin) and 3.00-8ubuntu1.3 (xpdf-reader
and xpdf-utils). In general, a standard system upgrade is sufficient
to effect the necessary changes.
A potential buffer overflow has been found in the xpdf viewer. An
insufficient input validation could be exploited by an attacker
providing a specially crafted PDF file which, when processed by xpdf,
could result in abnormal program termination or the execution of
attacker supplied program code with the user's privileges.
The tetex-bin package contains the affected xpdf code to generate PDF
output and process included PDF files, thus is vulnerable as well.