Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Fedora Local Security Checks
Title:Fedora Legacy Security Advisory FLSA-2006:152868

The remote host is missing updates announced in
advisory FLSA-2006:152868.

A number of integer overflow bugs that affect Xpdf were discovered. The
teTeX package contains a copy of the Xpdf code used for parsing PDF
files and is therefore affected by these bugs. The Common
Vulnerabilities and Exposures project ( has assigned the
names CVE-2004-0888 and CVE-2004-1125 to these issues.

Several flaws were discovered in the teTeX PDF parsing library. An
attacker could construct a carefully crafted PDF file that could cause
teTeX to crash or possibly execute arbitrary code when opened. The
Common Vulnerabilities and Exposures project assigned the names
CVE-2005-3191, CVE-2005-3192, CVE-2005-3193, CVE-2005-3624,
CVE-2005-3625, CVE-2005-3626, CVE-2005-3627 and CVE-2005-3628 to these

Users of teTeX should upgrade to these updated packages, which contain
backported patches and are not vulnerable to these issues.

Affected platforms:
Redhat 7.3
Redhat 9
Fedora Core 1
Fedora Core 2


Risk factor : Critical

CVSS Score:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2004-0888
BugTraq ID: 11501
Conectiva Linux advisory: CLA-2004:886
Debian Security Information: DSA-573 (Google Search)
Debian Security Information: DSA-581 (Google Search)
Debian Security Information: DSA-599 (Google Search)
SuSE Security Announcement: SUSE-SA:2004:039 (Google Search)
XForce ISS Database: xpdf-pdf-bo(17818)
Common Vulnerability Exposure (CVE) ID: CVE-2004-1125
BugTraq ID: 12070
Bugtraq: 20041228 KDE Security Advisory: kpdf Buffer Overflow Vulnerability (Google Search)
Conectiva Linux advisory: CLA-2005:921
SCO Security Bulletin: SCOSA-2005.42
SuSE Security Announcement: SUSE-SR:2005:001 (Google Search)
XForce ISS Database: xpdf-gfx-doimage-bo(18641)
Common Vulnerability Exposure (CVE) ID: CVE-2005-3191
BugTraq ID: 15726
BugTraq ID: 15727
Bugtraq: 20051207 [KDE Security Advisory] multiple buffer overflows in kpdf/koffice (Google Search)
Debian Security Information: DSA-931 (Google Search)
Debian Security Information: DSA-932 (Google Search)
Debian Security Information: DSA-936 (Google Search)
Debian Security Information: DSA-937 (Google Search)
Debian Security Information: DSA-938 (Google Search)
Debian Security Information: DSA-940 (Google Search)
Debian Security Information: DSA-950 (Google Search)
Debian Security Information: DSA-961 (Google Search)
Debian Security Information: DSA-962 (Google Search)
RedHat Security Advisories: RHSA-2005:868
SCO Security Bulletin: SCOSA-2006.15
SCO Security Bulletin: SCOSA-2006.20
SCO Security Bulletin: SCOSA-2006.21
SGI Security Advisory: 20051201-01-U
SGI Security Advisory: 20060101-01-U
SGI Security Advisory: 20060201-01-U
SuSE Security Announcement: SUSE-SA:2006:001 (Google Search)
SuSE Security Announcement: SUSE-SR:2005:029 (Google Search)
SuSE Security Announcement: SUSE-SR:2006:001 (Google Search)
SuSE Security Announcement: SUSE-SR:2006:002 (Google Search)
XForce ISS Database: xpdf-dctstream-baseline-bo(23444)
XForce ISS Database: xpdf-dctstream-progressive-bo(23443)
Common Vulnerability Exposure (CVE) ID: CVE-2005-3192
BugTraq ID: 15725
XForce ISS Database: xpdf-streampredictor-bo(23442)
Common Vulnerability Exposure (CVE) ID: CVE-2005-3193
BugTraq ID: 15721
XForce ISS Database: xpdf-jpx-stream-bo(23441)
Common Vulnerability Exposure (CVE) ID: CVE-2005-3624
BugTraq ID: 16143
RedHat Security Advisories: RHSA-2006:0177
XForce ISS Database: xpdf-ccitt-faxstream-bo(24022)
Common Vulnerability Exposure (CVE) ID: CVE-2005-3625
XForce ISS Database: xpdf-ccittfaxdecode-dctdecode-dos(24023)
Common Vulnerability Exposure (CVE) ID: CVE-2005-3626
XForce ISS Database: xpdf-flatedecode-dos(24026)
Common Vulnerability Exposure (CVE) ID: CVE-2005-3627
XForce ISS Database: xpdf-readhuffmantables-bo(24024)
XForce ISS Database: xpdf-readscaninfo-bo(24025)
Common Vulnerability Exposure (CVE) ID: CVE-2005-3628
CopyrightCopyright (c) 2006 E-Soft Inc.

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2022 E-Soft Inc. All rights reserved.