Test ID:	1.3.6.1.4.1.25623.1.0.59095
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-410-1 (poppler)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to poppler announced via advisory USN-410-1. A security issue affects the following Ubuntu releases: Ubuntu 5.10 Ubuntu 6.06 LTS Ubuntu 6.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. Details follow: The poppler PDF loader library did not limit the recursion depth of the page model tree. By tricking a user into opening a specially crafter PDF file, this could be exploited to trigger an infinite loop and eventually crash an application that uses this library. kpdf in Ubuntu 5.10, and KOffice in all Ubuntu releases contains a copy of this code and thus is affected as well. Solution: The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.10: kpdf 4:3.4.3-0ubuntu2.6 kword 1:1.4.1-0ubuntu7.5 libpoppler0c2 0.4.2-0ubuntu6.8 Ubuntu 6.06 LTS: kword 1:1.5.0-0ubuntu9.1 libpoppler1 0.5.1-0ubuntu7.1 Ubuntu 6.10: kword 1:1.5.2-0ubuntu2.1 libpoppler1 0.5.4-0ubuntu4.1 In general, a standard system upgrade is sufficient to effect the necessary changes. http://www.securityspace.com/smysecure/catid.html?in=USN-410-1 Risk factor : High CVSS Score: 6.8
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-0104 BugTraq ID: 21910 http://www.securityfocus.com/bid/21910 Bugtraq: 20070116 [KDE Security Advisory] kpdf/kword/xpdf denial of service vulnerability (Google Search) http://www.securityfocus.com/archive/1/457055/100/0/threaded Cert/CC Advisory: TA07-072A http://www.us-cert.gov/cas/techalerts/TA07-072A.html http://www.mandriva.com/security/advisories?name=MDKSA-2007:018 http://www.mandriva.com/security/advisories?name=MDKSA-2007:019 http://www.mandriva.com/security/advisories?name=MDKSA-2007:020 http://www.mandriva.com/security/advisories?name=MDKSA-2007:021 http://www.mandriva.com/security/advisories?name=MDKSA-2007:022 http://www.mandriva.com/security/advisories?name=MDKSA-2007:024 http://projects.info-pull.com/moab/MOAB-06-01-2007.html http://securitytracker.com/id?1017514 http://www.securitytracker.com/id?1017749 http://secunia.com/advisories/23791 http://secunia.com/advisories/23799 http://secunia.com/advisories/23808 http://secunia.com/advisories/23813 http://secunia.com/advisories/23815 http://secunia.com/advisories/23839 http://secunia.com/advisories/23844 http://secunia.com/advisories/23876 http://secunia.com/advisories/24204 http://secunia.com/advisories/24479 SuSE Security Announcement: SUSE-SR:2007:003 (Google Search) http://www.novell.com/linux/security/advisories/2007_3_sr.html http://www.ubuntu.com/usn/usn-410-1 http://www.ubuntu.com/usn/usn-410-2 http://www.vupen.com/english/advisories/2007/0203 http://www.vupen.com/english/advisories/2007/0212 http://www.vupen.com/english/advisories/2007/0244 http://www.vupen.com/english/advisories/2007/0930 XForce ISS Database: multiple-vendor-pdf-code-execution(31364) https://exchange.xforce.ibmcloud.com/vulnerabilities/31364
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.