XPDF multiple integer overflows
| xpdf-pdf-bo (17818) |  High Risk |
Description:
XPDF is vulnerable to multiple unspecified integer overflows. A remote attacker could exploit these vulnerabilities to execute arbitrary code on the system or cause the affected application to crash, if the attacker could persuade the victim to open a malicious PDF document.
Note: This vulnerability also affects other applications that are based off of the XPDF code, including CUPS, gpdf and kdegraphics.
Consequences:
Gain Access
Remedy:
Apply the appropriate update for your system. See References.
References:
- CIAC Information Bulletin P-019: Red Hat Updated CUPS Packages Fix Security Issues.
- CIAC Information Bulletin P-142: XPDF/GPDF - CUPS Vulnerabilities.
- CIAC INFORMATION BULLETIN P-171: SGI Advanced Linux Environment 3 Security Update #33.
- Conectiva Linux Security Announcement CLSA-2004:886: Fixes for xpdf vulnerabilities.
- Xpdf Web site: Xpdf.
- ASA-2008-179: cups security update (RHSA-2008-0206)
- BID-11501: Xpdf PDFTOPS Multiple Integer Overflow Vulnerabilities
- CVE-2004-0888: Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.
- CVE-2005-0206: The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
- DSA-573: cupsys -- integer overflows
- DSA-581: xpdf -- integer overflows
- DSA-599: tetex-bin -- integer overflows
- GLSA-200410-20: Xpdf, CUPS: Multiple integer overflows
- GLSA-200410-30: GPdf, KPDF, KOffice: Vulnerabilities in included xpdf
- GLSA-200411-30: pdftohtml: Vulnerabilities in included Xpdf
- GLSA-200501-31: teTeX, pTeX, CSTeX: Multiple vulnerabilities
- MDKSA-2004:113: Updated xpdf packages fix vulnerabilities
- MDKSA-2004:114: Updated gpdf packages fix DoS vulnerability
- MDKSA-2004:115: Updated kdegraphics packages fix DoS vulnerability
- MDKSA-2004:116: Updated cups packages fix DoS vulnerabilities
- MDKSA-2004:165: Updated koffice packages fix multiple vulnerabilities
- MDKSA-2004:166: Updated tetex packages fix multiple vulnerabilities
- MDKSA-2005:041: Updated cups packages fix vulnerabilities on 64 bit platforms
- MDKSA-2005:042: Updated gpdf packages fix vulnerabilities on 64 bit platforms
- MDKSA-2005:043: Updated xpdf packages fix vulnerabilities on 64 bit platforms
- MDKSA-2005:044: Updated tetex packages fix vulnerabilities on 64 bit platforms
- MDKSA-2005:052: Updated kdegraphics packages fix vulnerabilities
- MDKSA-2005:056: Updated koffice packages fix vulnerabilities on 64 bit platforms
- RHSA-2004-543: cups security update
- RHSA-2004-592: xpdf security update
- RHSA-2005-034: xpdf security update
- RHSA-2005-053: CUPS security update
- RHSA-2005-057: gpdf security update
- RHSA-2005-066: kdegraphics security update
- RHSA-2005-132: cups security update
- RHSA-2005-213: xpdf security update
- RHSA-2005-354: tetex security update
- SUSE-SA:2004:038: libtiff: local privilege escalation
- SUSE-SA:2004:039: xpdf gpdf kdegraphics3-pdf pdftohtml cups: remote system compromise
- SUSE-SA:2004:040: samba: remote denial of service
- SUSE-SR:2004:002: SUSE Security Summary Report
- SUSE-SR:2005:008: SUSE Security Summary Report
- USN-14-1: xpdf vulnerabilities
- USN-9-1: tetex-bin vulnerabilities
Platforms Affected:
- Canonical Ubuntu 4.10
- Conectiva Linux 10
- Conectiva Linux 9.0
- Debian Debian Linux 3.0
- Easy Software Products CUPS
- Foolabs Xpdf 2.0
- Foolabs Xpdf 3.0
- Gentoo Linux
- KDE KDE 3.2.x
- KDE KDE 3.3.0
- KDE KDE 3.3.1
- MandrakeSoft Mandrake Linux 10.0
- MandrakeSoft Mandrake Linux 10.0 AMD64
- MandrakeSoft Mandrake Linux 10.1
- MandrakeSoft Mandrake Linux 10.1 X86_64
- MandrakeSoft Mandrake Linux 9.2 AMD64
- MandrakeSoft Mandrake Linux 9.2
- MandrakeSoft Mandrake Linux Corporate Server 2.1 X86_64
- MandrakeSoft Mandrake Linux Corporate Server 2.1
- MandrakeSoft Mandrake Linux Corporate Server 3.0
- MandrakeSoft Mandrake Linux Corporate Server 3.0 X86_64
- MandrakeSoft Mandrake Multi Network Firewall 8.2
- Novell Linux Desktop 9
- RedHat Enterprise Linux 2.1 WS
- RedHat Enterprise Linux 2.1 AW
- RedHat Enterprise Linux 2.1 AS
- RedHat Enterprise Linux 2.1 ES
- RedHat Enterprise Linux 3 AS
- RedHat Enterprise Linux 3 Desktop
- RedHat Enterprise Linux 3 ES
- RedHat Enterprise Linux 3 WS
- RedHat Enterprise Linux 4 AS
- RedHat Enterprise Linux 4 WS
- RedHat Enterprise Linux 4 ES
- RedHat Enterprise Linux 4 Desktop
- RedHat Linux Advanced Workstation 2.1 Itanium
- SuSE Linux Enterprise Server 8
- SuSE Linux Enterprise Server 9
- SUSE SuSE Linux 8.1
- SUSE SuSE Linux 8.2
- SUSE SuSE Linux 9.0
- SUSE SuSE Linux 9.1
- SUSE SuSE Linux 9.2
- SUSE SuSE Linux
- SuSE SuSE Linux Desktop 1.0
Reported:
Oct 21, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net