English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.68124
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2010:0752
Summary:NOSUMMARY
Description:Description:
The remote host is missing updates announced in
advisory RHSA-2010:0752.

GPdf is a viewer for Portable Document Format (PDF) files.

An uninitialized pointer use flaw was discovered in GPdf. An attacker could
create a malicious PDF file that, when opened, would cause GPdf to crash
or, potentially, execute arbitrary code. (CVE-2010-3702)

An array index error was found in the way GPdf parsed PostScript Type 1
fonts embedded in PDF documents. An attacker could create a malicious PDF
file that, when opened, would cause GPdf to crash or, potentially, execute
arbitrary code. (CVE-2010-3704)

Users are advised to upgrade to this updated package, which contains
backported patches to correct these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2010-0752.html
http://www.redhat.com/security/updates/classification/#important

Risk factor : High

CVSS Score:
6.8

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2010-3702
42141
http://secunia.com/advisories/42141
42357
http://secunia.com/advisories/42357
42397
http://secunia.com/advisories/42397
42691
http://secunia.com/advisories/42691
43079
http://secunia.com/advisories/43079
43845
http://www.securityfocus.com/bid/43845
ADV-2010-2897
http://www.vupen.com/english/advisories/2010/2897
ADV-2010-3097
http://www.vupen.com/english/advisories/2010/3097
ADV-2011-0230
http://www.vupen.com/english/advisories/2011/0230
DSA-2119
http://www.debian.org/security/2010/dsa-2119
DSA-2135
http://www.debian.org/security/2010/dsa-2135
FEDORA-2010-15857
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html
FEDORA-2010-15911
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html
FEDORA-2010-15981
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html
FEDORA-2010-16662
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html
FEDORA-2010-16705
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html
FEDORA-2010-16744
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html
MDVSA-2010:228
http://www.mandriva.com/security/advisories?name=MDVSA-2010:228
MDVSA-2010:229
http://www.mandriva.com/security/advisories?name=MDVSA-2010:229
MDVSA-2010:230
http://www.mandriva.com/security/advisories?name=MDVSA-2010:230
MDVSA-2010:231
http://www.mandriva.com/security/advisories?name=MDVSA-2010:231
MDVSA-2012:144
http://www.mandriva.com/security/advisories?name=MDVSA-2012:144
RHSA-2010:0749
http://www.redhat.com/support/errata/RHSA-2010-0749.html
RHSA-2010:0750
http://www.redhat.com/support/errata/RHSA-2010-0750.html
RHSA-2010:0751
http://www.redhat.com/support/errata/RHSA-2010-0751.html
RHSA-2010:0752
http://www.redhat.com/support/errata/RHSA-2010-0752.html
RHSA-2010:0753
http://www.redhat.com/support/errata/RHSA-2010-0753.html
RHSA-2010:0754
http://www.redhat.com/support/errata/RHSA-2010-0754.html
RHSA-2010:0755
http://www.redhat.com/support/errata/RHSA-2010-0755.html
RHSA-2010:0859
http://www.redhat.com/support/errata/RHSA-2010-0859.html
RHSA-2012:1201
http://rhn.redhat.com/errata/RHSA-2012-1201.html
SSA:2010-324-01
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.571720
SUSE-SR:2010:022
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html
SUSE-SR:2010:023
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html
SUSE-SR:2010:024
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html
USN-1005-1
http://www.ubuntu.com/usn/USN-1005-1
[oss-security] 20101004 Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark
http://www.openwall.com/lists/oss-security/2010/10/04/6
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch
http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf
http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html
https://bugzilla.redhat.com/show_bug.cgi?id=595245
Common Vulnerability Exposure (CVE) ID: CVE-2010-3704
43841
http://www.securityfocus.com/bid/43841
http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473
https://bugzilla.redhat.com/show_bug.cgi?id=638960
CopyrightCopyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.