Test ID:	1.3.6.1.4.1.25623.1.0.59997
Category:	Fedora Local Security Checks
Title:	Fedora Core 8 FEDORA-2007-4031 (poppler)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to poppler announced via advisory FEDORA-2007-4031. Poppler, a PDF rendering library, it's a fork of the xpdf PDF viewer developed by Derek Noonburg of Glyph and Cog, LLC. Update Information: New upstream version incorporate fixes for following security issues affecting xpdf code included in poppler: CVE-2007-4352, CVE-2007-5392, CVE-2007-5393 References: [ 1 ] Bug #403211 - [RFE] please package xpdf header files in poppler https://bugzilla.redhat.com/show_bug.cgi?id=403211 [ 2 ] Bug #372511 - CVE-2007-4352 CVE-2007-5392 CVE-2007-5393 Multiple poppler vulnerabilities [f8] https://bugzilla.redhat.com/show_bug.cgi?id=372511 Solution: Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update poppler' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2007-4031 Risk factor : Critical CVSS Score: 9.3
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-4352 BugTraq ID: 26367 http://www.securityfocus.com/bid/26367 Bugtraq: 20071107 Secunia Research: Xpdf "Stream.cc" Multiple Vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/483372 Debian Security Information: DSA-1480 (Google Search) http://www.debian.org/security/2008/dsa-1480 Debian Security Information: DSA-1509 (Google Search) http://www.debian.org/security/2008/dsa-1509 Debian Security Information: DSA-1537 (Google Search) http://www.debian.org/security/2008/dsa-1537 https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html http://security.gentoo.org/glsa/glsa-200711-22.xml http://security.gentoo.org/glsa/glsa-200711-34.xml http://security.gentoo.org/glsa/glsa-200805-13.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:219 http://www.mandriva.com/security/advisories?name=MDKSA-2007:220 http://www.mandriva.com/security/advisories?name=MDKSA-2007:221 http://www.mandriva.com/security/advisories?name=MDKSA-2007:222 http://www.mandriva.com/security/advisories?name=MDKSA-2007:223 http://www.mandriva.com/security/advisories?name=MDKSA-2007:227 http://www.mandriva.com/security/advisories?name=MDKSA-2007:228 http://www.mandriva.com/security/advisories?name=MDKSA-2007:230 http://secunia.com/secunia_research/2007-88/advisory/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9979 http://www.redhat.com/support/errata/RHSA-2007-1021.html http://www.redhat.com/support/errata/RHSA-2007-1022.html http://www.redhat.com/support/errata/RHSA-2007-1024.html http://www.redhat.com/support/errata/RHSA-2007-1025.html http://www.redhat.com/support/errata/RHSA-2007-1026.html http://www.redhat.com/support/errata/RHSA-2007-1027.html http://www.redhat.com/support/errata/RHSA-2007-1029.html http://www.redhat.com/support/errata/RHSA-2007-1030.html http://www.securitytracker.com/id?1018905 http://secunia.com/advisories/26503 http://secunia.com/advisories/27260 http://secunia.com/advisories/27553 http://secunia.com/advisories/27573 http://secunia.com/advisories/27574 http://secunia.com/advisories/27575 http://secunia.com/advisories/27577 http://secunia.com/advisories/27578 http://secunia.com/advisories/27599 http://secunia.com/advisories/27615 http://secunia.com/advisories/27618 http://secunia.com/advisories/27619 http://secunia.com/advisories/27632 http://secunia.com/advisories/27634 http://secunia.com/advisories/27636 http://secunia.com/advisories/27637 http://secunia.com/advisories/27640 http://secunia.com/advisories/27641 http://secunia.com/advisories/27642 http://secunia.com/advisories/27645 http://secunia.com/advisories/27656 http://secunia.com/advisories/27658 http://secunia.com/advisories/27705 http://secunia.com/advisories/27721 http://secunia.com/advisories/27724 http://secunia.com/advisories/27743 http://secunia.com/advisories/27856 http://secunia.com/advisories/28043 http://secunia.com/advisories/28812 http://secunia.com/advisories/29104 http://secunia.com/advisories/29604 http://secunia.com/advisories/30168 http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882 SuSE Security Announcement: SUSE-SA:2007:060 (Google Search) http://www.novell.com/linux/security/advisories/2007_60_pdf.html http://www.ubuntu.com/usn/usn-542-1 http://www.ubuntu.com/usn/usn-542-2 http://www.vupen.com/english/advisories/2007/3774 http://www.vupen.com/english/advisories/2007/3775 http://www.vupen.com/english/advisories/2007/3776 http://www.vupen.com/english/advisories/2007/3779 http://www.vupen.com/english/advisories/2007/3786 XForce ISS Database: xpdf-dctstreamread-memory-corruption(38306) https://exchange.xforce.ibmcloud.com/vulnerabilities/38306 Common Vulnerability Exposure (CVE) ID: CVE-2007-5392 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10036 XForce ISS Database: xpdf-dctstreamreset-bo(38303) https://exchange.xforce.ibmcloud.com/vulnerabilities/38303 Common Vulnerability Exposure (CVE) ID: CVE-2007-5393 Debian Security Information: DSA-1408 (Google Search) http://www.debian.org/security/2007/dsa-1408 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9839 http://www.redhat.com/support/errata/RHSA-2007-1023.html http://www.redhat.com/support/errata/RHSA-2007-1028.html http://www.redhat.com/support/errata/RHSA-2007-1031.html http://www.redhat.com/support/errata/RHSA-2007-1051.html http://secunia.com/advisories/27579 http://secunia.com/advisories/27718 http://secunia.com/advisories/27772 XForce ISS Database: xpdf-ccittfaxstreamlookchar-bo(38304) https://exchange.xforce.ibmcloud.com/vulnerabilities/38304
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.