Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title tetex security update
Informations
Name RHSA-2010:0401 First vendor Publication 2010-05-06
Vendor RedHat Last vendor Modification 2010-05-06
Severity (Vendor) Moderate Revision 01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score 6.8 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

Updated tetex packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3.

The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Description:

teTeX is an implementation of TeX. TeX takes a text file and a set of formatting commands as input, and creates a typesetter-independent DeVice Independent (DVI) file as output.

A buffer overflow flaw was found in the way teTeX processed virtual font files when converting DVI files into PostScript. An attacker could create a malicious DVI file that would cause the dvips executable to crash or, potentially, execute arbitrary code. (CVE-2010-0827)

Multiple integer overflow flaws were found in the way teTeX processed special commands when converting DVI files into PostScript. An attacker could create a malicious DVI file that would cause the dvips executable to crash or, potentially, execute arbitrary code. (CVE-2010-0739, CVE-2010-1440)

A stack-based buffer overflow flaw was found in the way teTeX processed DVI files containing HyperTeX references with long titles, when converting them into PostScript. An attacker could create a malicious DVI file that would cause the dvips executable to crash. (CVE-2007-5935)

teTeX embeds a copy of Xpdf, an open source Portable Document Format (PDF) file viewer, to allow adding images in PDF format to the generated PDF documents. The following issues affect Xpdf code:

Multiple integer overflow flaws were found in Xpdf. If a local user generated a PDF file from a TeX document, referencing a specially-crafted PDF file, it would cause Xpdf to crash or, potentially, execute arbitrary code with the privileges of the user running pdflatex. (CVE-2009-0791, CVE-2009-3609)

All users of tetex are advised to upgrade to these updated packages, which contain backported patches to correct these issues.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

368591 - CVE-2007-5935 dvips -z buffer overflow with long href 491840 - CVE-2009-0791 xpdf: multiple integer overflows 526893 - CVE-2009-3609 xpdf/poppler: ImageStream::ImageStream integer overflow 572914 - CVE-2010-0827 tetex, texlive: Buffer overflow flaw by processing virtual font files 572941 - CVE-2010-0739 tetex, texlive: Integer overflow by processing special commands 586819 - CVE-2010-1440 tetex, texlive: Integer overflow by processing special commands

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2010-0401.html

CWE : Common Weakness Enumeration

% Id Name
83 % CWE-189 Numeric Errors (CWE/SANS Top 25)
17 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10052
 
Oval ID: oval:org.mitre.oval:def:10052
Title: Integer overflow in dvips in TeX Live 2009 and earlier, and teTeX, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted virtual font (VF) file associated with a DVI file.
Description: Integer overflow in dvips in TeX Live 2009 and earlier, and teTeX, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted virtual font (VF) file associated with a DVI file.
Family: unix Class: vulnerability
Reference(s): CVE-2010-0827
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10068
 
Oval ID: oval:org.mitre.oval:def:10068
Title: Multiple integer overflows in dvipsk/dospecial.c in dvips in TeX Live 2009 and earlier, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a special command in a DVI file, related to the (1) predospecial and (2) bbdospecial functions, a different vulnerability than CVE-2010-0739.
Description: Multiple integer overflows in dvipsk/dospecial.c in dvips in TeX Live 2009 and earlier, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a special command in a DVI file, related to the (1) predospecial and (2) bbdospecial functions, a different vulnerability than CVE-2010-0739.
Family: unix Class: vulnerability
Reference(s): CVE-2010-1440
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10534
 
Oval ID: oval:org.mitre.oval:def:10534
Title: Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as used in the pdftops filter in CUPS 1.1.17, 1.1.22, and 1.3.7, GPdf, and kdegraphics KPDF, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file that triggers a heap-based buffer overflow, possibly related to (1) Decrypt.cxx, (2) FoFiTrueType.cxx, (3) gmem.c, (4) JBIG2Stream.cxx, and (5) PSOutputDev.cxx in pdftops/. NOTE: the JBIG2Stream.cxx vector may overlap CVE-2009-1179.
Description: Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as used in the pdftops filter in CUPS 1.1.17, 1.1.22, and 1.3.7, GPdf, and kdegraphics KPDF, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file that triggers a heap-based buffer overflow, possibly related to (1) Decrypt.cxx, (2) FoFiTrueType.cxx, (3) gmem.c, (4) JBIG2Stream.cxx, and (5) PSOutputDev.cxx in pdftops/. NOTE: the JBIG2Stream.cxx vector may overlap CVE-2009-1179.
Family: unix Class: vulnerability
Reference(s): CVE-2009-0791
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11043
 
Oval ID: oval:org.mitre.oval:def:11043
Title: Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read.
Description: Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3609
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11311
 
Oval ID: oval:org.mitre.oval:def:11311
Title: Stack-based buffer overflow in hpc.c in dvips in teTeX and TeXlive 2007 and earlier allows user-assisted attackers to execute arbitrary code via a DVI file with a long href tag.
Description: Stack-based buffer overflow in hpc.c in dvips in teTeX and TeXlive 2007 and earlier allows user-assisted attackers to execute arbitrary code via a DVI file with a long href tag.
Family: unix Class: vulnerability
Reference(s): CVE-2007-5935
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11468
 
Oval ID: oval:org.mitre.oval:def:11468
Title: Integer overflow in the predospecial function in dospecial.c in dvips in (1) TeX Live and (2) teTeX might allow user-assisted remote attackers to execute arbitrary code via a crafted DVI file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
Description: Integer overflow in the predospecial function in dospecial.c in dvips in (1) TeX Live and (2) teTeX might allow user-assisted remote attackers to execute arbitrary code via a crafted DVI file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
Family: unix Class: vulnerability
Reference(s): CVE-2010-0739
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:11826
 
Oval ID: oval:org.mitre.oval:def:11826
Title: DSA-2050 kdegraphics -- several vulnerabilities
Description: Several local vulnerabilities have been discovered in KPDF, a PDF viewer for KDE, which allow the execution of arbitrary code or denial of service if a user is tricked into opening a crafted PDF document.
Family: unix Class: patch
Reference(s): DSA-2050
CVE-2009-1188
CVE-2009-3603
CVE-2009-3604
CVE-2009-3606
CVE-2009-3608
CVE-2009-3609
Version: 7
Platform(s): Debian GNU/Linux 5.0
Product(s): kdegraphics
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13298
 
Oval ID: oval:org.mitre.oval:def:13298
Title: DSA-2050-1 kdegraphics -- several
Description: Several local vulnerabilities have been discovered in KPDF, a PDF viewer for KDE, which allow the execution of arbitrary code or denial of service if a user is tricked into opening a crafted PDF document. For the stable distribution, these problems have been fixed in version 4:3.5.9-3+lenny3. The unstable distribution no longer contains kpdf. It's replacement, Okular, links against the poppler PDF library. We recommend that you upgrade your kdegraphics packages.
Family: unix Class: patch
Reference(s): DSA-2050-1
CVE-2009-1188
CVE-2009-3603
CVE-2009-3604
CVE-2009-3606
CVE-2009-3608
CVE-2009-3609
Version: 7
Platform(s): Debian GNU/Linux 5.0
Product(s): kdegraphics
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13322
 
Oval ID: oval:org.mitre.oval:def:13322
Title: USN-850-3 -- poppler vulnerabilities
Description: USN-850-1 fixed vulnerabilities in poppler. This update provides the corresponding updates for Ubuntu 9.10. Original advisory details: It was discovered that poppler contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.
Family: unix Class: patch
Reference(s): USN-850-3
CVE-2009-3603
CVE-2009-3604
CVE-2009-3607
CVE-2009-3608
CVE-2009-3609
Version: 5
Platform(s): Ubuntu 9.10
Product(s): poppler
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13382
 
Oval ID: oval:org.mitre.oval:def:13382
Title: DSA-2028-1 xpdf -- multiple
Description: Several vulnerabilities have been identified in xpdf, a suite of tools for viewing and converting Portable Document Format files. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-1188 and CVE-2009-3603 Integer overflow in SplashBitmap::SplashBitmap which might allow remote attackers to execute arbitrary code or an application crash via a crafted PDF document. CVE-2009-3604 NULL pointer dereference or heap-based buffer overflow in Splash::drawImage which might allow remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted PDF document. CVE-2009-3606 Integer overflow in the PSOutputDev::doImageL1Sep which might allow remote attackers to execute arbitrary code via a crafted PDF document. CVE-2009-3608 Integer overflows in the ObjectStream::ObjectStream which might allow remote attackers to execute arbitrary code via a crafted PDF document. CVE-2009-3609 Integer overflow in the ImageStream::ImageStream which might allow remote attackers to cause a denial of service via a crafted PDF document. For the stable distribution, this problem has been fixed in version 3.02-1.4+lenny2. For the testing distribution, this problem will be fixed soon. For the unstable distribution, this problem has been fixed in version 3.02-2.
Family: unix Class: patch
Reference(s): DSA-2028-1
CVE-2009-1188
CVE-2009-3603
CVE-2009-3604
CVE-2009-3606
CVE-2009-3608
CVE-2009-3609
Version: 5
Platform(s): Debian GNU/Linux 5.0
Product(s): xpdf
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13403
 
Oval ID: oval:org.mitre.oval:def:13403
Title: USN-937-1 -- texlive-bin vulnerabilities
Description: It was discovered that TeX Live incorrectly handled certain long .bib bibliography files. If a user or automated system were tricked into processing a specially crafted bib file, an attacker could cause a denial of service via application crash. This issue only affected Ubuntu 8.04 LTS, 9.04 and 9.10. Marc Schoenefeld, Karel Šrot and Ludwig Nussel discovered that TeX Live incorrectly handled certain malformed dvi files. If a user or automated system were tricked into processing a specially crafted dvi file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. Dan Rosenberg discovered that TeX Live incorrectly handled certain malformed dvi files. If a user or automated system were tricked into processing a specially crafted dvi file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program
Family: unix Class: patch
Reference(s): USN-937-1
CVE-2009-1284
CVE-2010-0739
CVE-2010-1440
CVE-2010-0827
Version: 5
Platform(s): Ubuntu 8.04
Ubuntu 10.04
Ubuntu 9.04
Ubuntu 9.10
Product(s): texlive-bin
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13701
 
Oval ID: oval:org.mitre.oval:def:13701
Title: USN-850-1 -- poppler vulnerabilities
Description: It was discovered that poppler contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.
Family: unix Class: patch
Reference(s): USN-850-1
CVE-2009-0755
CVE-2009-3603
CVE-2009-3604
CVE-2009-3605
CVE-2009-3607
CVE-2009-3608
CVE-2009-3609
Version: 5
Platform(s): Ubuntu 8.04
Ubuntu 9.04
Ubuntu 6.06
Ubuntu 8.10
Product(s): poppler
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22251
 
Oval ID: oval:org.mitre.oval:def:22251
Title: RHSA-2010:0400: tetex security update (Moderate)
Description: Multiple integer overflows in dvipsk/dospecial.c in dvips in TeX Live 2009 and earlier, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a special command in a DVI file, related to the (1) predospecial and (2) bbdospecial functions, a different vulnerability than CVE-2010-0739.
Family: unix Class: patch
Reference(s): RHSA-2010:0400-01
CESA-2010:0400
CVE-2009-0146
CVE-2009-0147
CVE-2009-0166
CVE-2009-0195
CVE-2009-0791
CVE-2009-0799
CVE-2009-0800
CVE-2009-1179
CVE-2009-1180
CVE-2009-1181
CVE-2009-1182
CVE-2009-1183
CVE-2009-3608
CVE-2009-3609
CVE-2010-0739
CVE-2010-0829
CVE-2010-1440
Version: 224
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): tetex
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22899
 
Oval ID: oval:org.mitre.oval:def:22899
Title: ELSA-2009:1513: cups security update (Moderate)
Description: Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read.
Family: unix Class: patch
Reference(s): ELSA-2009:1513-01
CVE-2009-3608
CVE-2009-3609
Version: 13
Platform(s): Oracle Linux 5
Product(s): cups
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22929
 
Oval ID: oval:org.mitre.oval:def:22929
Title: ELSA-2009:1502: kdegraphics security update (Important)
Description: Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read.
Family: unix Class: patch
Reference(s): ELSA-2009:1502-01
CVE-2009-0791
CVE-2009-1188
CVE-2009-3604
CVE-2009-3606
CVE-2009-3608
CVE-2009-3609
Version: 29
Platform(s): Oracle Linux 5
Product(s): kdegraphics
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22959
 
Oval ID: oval:org.mitre.oval:def:22959
Title: ELSA-2009:1504: poppler security and bug fix update (Important)
Description: Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read.
Family: unix Class: patch
Reference(s): ELSA-2009:1504-01
CVE-2009-3603
CVE-2009-3608
CVE-2009-3609
Version: 17
Platform(s): Oracle Linux 5
Product(s): poppler
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23168
 
Oval ID: oval:org.mitre.oval:def:23168
Title: ELSA-2010:0400: tetex security update (Moderate)
Description: Multiple integer overflows in dvipsk/dospecial.c in dvips in TeX Live 2009 and earlier, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a special command in a DVI file, related to the (1) predospecial and (2) bbdospecial functions, a different vulnerability than CVE-2010-0739.
Family: unix Class: patch
Reference(s): ELSA-2010:0400-01
CVE-2009-0146
CVE-2009-0147
CVE-2009-0166
CVE-2009-0195
CVE-2009-0791
CVE-2009-0799
CVE-2009-0800
CVE-2009-1179
CVE-2009-1180
CVE-2009-1181
CVE-2009-1182
CVE-2009-1183
CVE-2009-3608
CVE-2009-3609
CVE-2010-0739
CVE-2010-0829
CVE-2010-1440
Version: 73
Platform(s): Oracle Linux 5
Product(s): tetex
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28897
 
Oval ID: oval:org.mitre.oval:def:28897
Title: RHSA-2009:1502 -- kdegraphics security update (Important)
Description: Updated kdegraphics packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kdegraphics packages contain applications for the K Desktop Environment, including KPDF, a viewer for Portable Document Format (PDF) files.
Family: unix Class: patch
Reference(s): RHSA-2009:1502
CESA-2009:1502-CentOS 5
CVE-2009-0791
CVE-2009-1188
CVE-2009-3604
CVE-2009-3606
CVE-2009-3608
CVE-2009-3609
Version: 3
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kdegraphics
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28916
 
Oval ID: oval:org.mitre.oval:def:28916
Title: RHSA-2009:1504 -- poppler security and bug fix update (Important)
Description: Updated poppler packages that fix multiple security issues and a bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince.
Family: unix Class: patch
Reference(s): RHSA-2009:1504
CESA-2009:1504-CentOS 5
CVE-2009-3603
CVE-2009-3608
CVE-2009-3609
Version: 3
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): poppler
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29310
 
Oval ID: oval:org.mitre.oval:def:29310
Title: RHSA-2009:1513 -- cups security update (Moderate)
Description: Updated cups packages that fix two security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team.
Family: unix Class: patch
Reference(s): RHSA-2009:1513
CESA-2009:1513-CentOS 5
CVE-2009-3608
CVE-2009-3609
Version: 3
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): cups
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6990
 
Oval ID: oval:org.mitre.oval:def:6990
Title: DSA-2028 xpdf -- multiple vulnerabilities
Description: Several vulnerabilities have been identified in xpdf, a suite of tools for viewing and converting Portable Document Format files. The Common Vulnerabilities and Exposures project identifies the following problems: Integer overflow in SplashBitmap::SplashBitmap which might allow remote attackers to execute arbitrary code or an application crash via a crafted PDF document. NULL pointer dereference or heap-based buffer overflow in Splash::drawImage which might allow remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted PDF document. Integer overflow in the PSOutputDev::doImageL1Sep which might allow remote attackers to execute arbitrary code via a crafted PDF document. Integer overflow in the ObjectStream::ObjectStream which might allow remote attackers to execute arbitrary code via a crafted PDF document. Integer overflow in the ImageStream::ImageStream which might allow remote attackers to cause a denial of service via a crafted PDF document.
Family: unix Class: patch
Reference(s): DSA-2028
CVE-2009-1188
CVE-2009-3603
CVE-2009-3604
CVE-2009-3606
CVE-2009-3608
CVE-2009-3609
Version: 5
Platform(s): Debian GNU/Linux 5.0
Product(s): xpdf
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8134
 
Oval ID: oval:org.mitre.oval:def:8134
Title: Multiple Security Vulnerabilities in the Solaris GNOME PDF Rendering Libraries May Lead to a Denial of Service (DoS) or Execution of Arbitrary Code
Description: Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3609
Version: 2
Platform(s): Sun Solaris 10
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 3
Application 3
Application 3
Application 56
Application 1
Application 1
Application 13
Application 1

OpenVAS Exploits

Date Description
2012-08-10 Name : Gentoo Security Advisory GLSA 201206-28 (TeX Live)
File : nvt/glsa_201206_28.nasl
2011-11-18 Name : Mandriva Update for poppler MDVSA-2011:175 (poppler)
File : nvt/gb_mandriva_MDVSA_2011_175.nasl
2011-08-09 Name : CentOS Update for poppler CESA-2009:1504 centos5 i386
File : nvt/gb_CESA-2009_1504_poppler_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kdegraphics CESA-2009:1502 centos5 i386
File : nvt/gb_CESA-2009_1502_kdegraphics_centos5_i386.nasl
2011-08-09 Name : CentOS Update for xpdf CESA-2009:1501 centos4 i386
File : nvt/gb_CESA-2009_1501_xpdf_centos4_i386.nasl
2011-08-09 Name : CentOS Update for xpdf CESA-2009:1500 centos3 i386
File : nvt/gb_CESA-2009_1500_xpdf_centos3_i386.nasl
2011-08-09 Name : CentOS Update for cups CESA-2009:1083 centos3 i386
File : nvt/gb_CESA-2009_1083_cups_centos3_i386.nasl
2011-08-09 Name : CentOS Update for tetex CESA-2010:0400 centos5 i386
File : nvt/gb_CESA-2010_0400_tetex_centos5_i386.nasl
2011-08-09 Name : CentOS Update for gpdf CESA-2009:1503 centos4 i386
File : nvt/gb_CESA-2009_1503_gpdf_centos4_i386.nasl
2011-08-09 Name : CentOS Update for kdegraphics CESA-2009:1512 centos4 i386
File : nvt/gb_CESA-2009_1512_kdegraphics_centos4_i386.nasl
2011-08-09 Name : CentOS Update for cups CESA-2009:1513 centos5 i386
File : nvt/gb_CESA-2009_1513_cups_centos5_i386.nasl
2010-10-19 Name : CentOS Update for cups CESA-2010:0755 centos4 i386
File : nvt/gb_CESA-2010_0755_cups_centos4_i386.nasl
2010-10-19 Name : RedHat Update for cups RHSA-2010:0755-01
File : nvt/gb_RHSA-2010_0755-01_cups.nasl
2010-08-20 Name : Ubuntu Update for koffice vulnerabilities USN-973-1
File : nvt/gb_ubuntu_USN_973_1.nasl
2010-06-03 Name : Debian Security Advisory DSA 2050-1 (kdegraphics)
File : nvt/deb_2050_1.nasl
2010-05-28 Name : Fedora Update for texlive FEDORA-2010-8273
File : nvt/gb_fedora_2010_8273_texlive_fc11.nasl
2010-05-28 Name : Fedora Update for texlive FEDORA-2010-8242
File : nvt/gb_fedora_2010_8242_texlive_fc12.nasl
2010-05-17 Name : Mandriva Update for tetex MDVSA-2010:094 (tetex)
File : nvt/gb_mandriva_MDVSA_2010_094.nasl
2010-05-17 Name : CentOS Update for tetex CESA-2010:0401 centos3 i386
File : nvt/gb_CESA-2010_0401_tetex_centos3_i386.nasl
2010-05-17 Name : CentOS Update for tetex CESA-2010:0399 centos4 i386
File : nvt/gb_CESA-2010_0399_tetex_centos4_i386.nasl
2010-05-07 Name : RedHat Update for tetex RHSA-2010:0399-01
File : nvt/gb_RHSA-2010_0399-01_tetex.nasl
2010-05-07 Name : Ubuntu Update for texlive-bin vulnerabilities USN-937-1
File : nvt/gb_ubuntu_USN_937_1.nasl
2010-05-07 Name : RedHat Update for tetex RHSA-2010:0400-01
File : nvt/gb_RHSA-2010_0400-01_tetex.nasl
2010-05-07 Name : RedHat Update for tetex RHSA-2010:0401-01
File : nvt/gb_RHSA-2010_0401-01_tetex.nasl
2010-04-21 Name : Debian Security Advisory DSA 2028-1 (xpdf)
File : nvt/deb_2028_1.nasl
2010-03-12 Name : Mandriva Update for nufw MDVA-2010:094 (nufw)
File : nvt/gb_mandriva_MDVA_2010_094.nasl
2010-03-12 Name : Mandriva Update for mmc-wizard MDVA-2010:096 (mmc-wizard)
File : nvt/gb_mandriva_MDVA_2010_096.nasl
2010-03-12 Name : Mandriva Update for mmc-wizard MDVA-2010:096-1 (mmc-wizard)
File : nvt/gb_mandriva_MDVA_2010_096_1.nasl
2010-03-12 Name : Mandriva Update for poppler MDVSA-2010:055 (poppler)
File : nvt/gb_mandriva_MDVSA_2010_055.nasl
2010-03-12 Name : Mandriva Update for irqbalance MDVA-2010:086 (irqbalance)
File : nvt/gb_mandriva_MDVA_2010_086.nasl
2010-03-02 Name : Fedora Update for pdfedit FEDORA-2010-1842
File : nvt/gb_fedora_2010_1842_pdfedit_fc11.nasl
2010-03-02 Name : Fedora Update for pdfedit FEDORA-2010-1377
File : nvt/gb_fedora_2010_1377_pdfedit_fc12.nasl
2009-12-30 Name : Mandriva Security Advisory MDVSA-2009:334 (poppler)
File : nvt/mdksa_2009_334.nasl
2009-12-30 Name : Mandriva Security Advisory MDVSA-2009:336 (koffice)
File : nvt/mdksa_2009_336.nasl
2009-12-14 Name : Mandriva Security Advisory MDVSA-2009:282-1 (cups)
File : nvt/mdksa_2009_282_1.nasl
2009-12-14 Name : Mandriva Security Advisory MDVSA-2009:331 (kdegraphics)
File : nvt/mdksa_2009_331.nasl
2009-12-10 Name : Mandriva Security Advisory MDVSA-2009:287-1 (xpdf)
File : nvt/mdksa_2009_287_1.nasl
2009-11-23 Name : Ubuntu USN-850-3 (poppler)
File : nvt/ubuntu_850_3.nasl
2009-11-17 Name : SLES10: Security update for kdegraphics3-pdf
File : nvt/sles10_kdegraphics3-pd0.nasl
2009-11-11 Name : CentOS Security Advisory CESA-2009:1513 (cups)
File : nvt/ovcesa2009_1513.nasl
2009-11-11 Name : SuSE Security Summary SUSE-SR:2009:018
File : nvt/suse_sr_2009_018.nasl
2009-11-11 Name : CentOS Security Advisory CESA-2009:1504 (poppler)
File : nvt/ovcesa2009_1504.nasl
2009-11-11 Name : CentOS Security Advisory CESA-2009:1502 (kdegraphics)
File : nvt/ovcesa2009_1502.nasl
2009-11-11 Name : Fedora Core 11 FEDORA-2009-10845 (poppler)
File : nvt/fcore_2009_10845.nasl
2009-11-11 Name : Fedora Core 10 FEDORA-2009-10823 (poppler)
File : nvt/fcore_2009_10823.nasl
2009-11-11 Name : SLES10: Security update for xpdf
File : nvt/sles10_xpdf2.nasl
2009-10-27 Name : Ubuntu USN-850-1 (poppler)
File : nvt/ubuntu_850_1.nasl
2009-10-27 Name : Mandrake Security Advisory MDVSA-2009:287 (xpdf)
File : nvt/mdksa_2009_287.nasl
2009-10-27 Name : Mandrake Security Advisory MDVSA-2009:283 (cups)
File : nvt/mdksa_2009_283.nasl
2009-10-27 Name : Mandrake Security Advisory MDVSA-2009:282 (cups)
File : nvt/mdksa_2009_282.nasl
2009-10-27 Name : Mandrake Security Advisory MDVSA-2009:281 (cups)
File : nvt/mdksa_2009_281.nasl
2009-10-27 Name : Mandrake Security Advisory MDVSA-2009:280 (cups)
File : nvt/mdksa_2009_280.nasl
2009-10-27 Name : FreeBSD Ports: xpdf
File : nvt/freebsd_xpdf4.nasl
2009-10-27 Name : Fedora Core 11 FEDORA-2009-10648 (xpdf)
File : nvt/fcore_2009_10648.nasl
2009-10-27 Name : Fedora Core 10 FEDORA-2009-10694 (xpdf)
File : nvt/fcore_2009_10694.nasl
2009-10-19 Name : CentOS Security Advisory CESA-2009:1512 (kdegraphics)
File : nvt/ovcesa2009_1512.nasl
2009-10-19 Name : RedHat Security Advisory RHSA-2009:1512
File : nvt/RHSA_2009_1512.nasl
2009-10-19 Name : RedHat Security Advisory RHSA-2009:1513
File : nvt/RHSA_2009_1513.nasl
2009-10-19 Name : CentOS Security Advisory CESA-2009:1503 (gpdf)
File : nvt/ovcesa2009_1503.nasl
2009-10-19 Name : RedHat Security Advisory RHSA-2009:1504
File : nvt/RHSA_2009_1504.nasl
2009-10-19 Name : CentOS Security Advisory CESA-2009:1501 (xpdf)
File : nvt/ovcesa2009_1501.nasl
2009-10-19 Name : RedHat Security Advisory RHSA-2009:1503
File : nvt/RHSA_2009_1503.nasl
2009-10-19 Name : RedHat Security Advisory RHSA-2009:1502
File : nvt/RHSA_2009_1502.nasl
2009-10-19 Name : RedHat Security Advisory RHSA-2009:1501
File : nvt/RHSA_2009_1501.nasl
2009-10-19 Name : RedHat Security Advisory RHSA-2009:1500
File : nvt/RHSA_2009_1500.nasl
2009-10-19 Name : CentOS Security Advisory CESA-2009:1500 (xpdf)
File : nvt/ovcesa2009_1500.nasl
2009-10-13 Name : SLES10: Security update for CUPS
File : nvt/sles10_cups2.nasl
2009-10-13 Name : SLES10: Security update for xpdf
File : nvt/sles10_xpdf0.nasl
2009-10-11 Name : SLES11: Security update for xpdf
File : nvt/sles11_xpdf-tools.nasl
2009-10-10 Name : SLES9: Security update for CUPS
File : nvt/sles9p5051582.nasl
2009-09-09 Name : SuSE Security Summary SUSE-SR:2009:014
File : nvt/suse_sr_2009_014.nasl
2009-07-06 Name : SuSE Security Summary SUSE-SR:2009:012
File : nvt/suse_sr_2009_012.nasl
2009-06-16 Name : CUPS Denial of Service Vulnerability - Jun09
File : nvt/gb_cups_dos_vuln_jun09.nasl
2009-06-05 Name : RedHat Security Advisory RHSA-2009:1083
File : nvt/RHSA_2009_1083.nasl
2009-06-05 Name : CentOS Security Advisory CESA-2009:1083 (cups)
File : nvt/ovcesa2009_1083.nasl
2009-04-09 Name : Mandriva Update for tetex MDKSA-2007:230 (tetex)
File : nvt/gb_mandriva_MDKSA_2007_230.nasl
2009-03-23 Name : Ubuntu Update for tetex-bin, texlive-bin vulnerabilities USN-554-1
File : nvt/gb_ubuntu_USN_554_1.nasl
2009-02-27 Name : Fedora Update for tetex FEDORA-2007-3308
File : nvt/gb_fedora_2007_3308_tetex_fc8.nasl
2009-02-27 Name : Fedora Update for tetex FEDORA-2007-3390
File : nvt/gb_fedora_2007_3390_tetex_fc7.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200805-13 (ptex)
File : nvt/glsa_200805_13.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200711-34 (cstetex)
File : nvt/glsa_200711_34.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200711-26 (tetex)
File : nvt/glsa_200711_26.nasl
0000-00-00 Name : Slackware Advisory SSA:2009-302-01 xpdf
File : nvt/esoft_slk_ssa_2009_302_01.nasl
0000-00-00 Name : Slackware Advisory SSA:2009-302-02 poppler
File : nvt/esoft_slk_ssa_2009_302_02.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
64389 Tex Live Unspecified DVI File Handling Issue

64388 Tex Live dospecial.c bbdospecial() Function DVI File Handling Overflow

63808 Tex Live dospecial.c predospecial() Function DVI File Handling Overflow

59824 Poppler pdftops Filter PDF File Handling Multiple Unspecified Overflows

59180 Poppler Stream.cc ImageStream::ImageStream Function PDF Handling Overflow

59179 Xpdf Stream.cc ImageStream::ImageStream Function PDF Handling Overflow

56176 CUPS pdftops Filter PDF File Handling Multiple Unspecified Overflows

42237 teTeX dvips hpc.c DVI File href Tag Handling Overflow

Nessus® Vulnerability Scanner

Date Description
2013-10-07 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201310-03.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-0480.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1083.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2009-1500.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2009-1501.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2009-1503.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1504.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1512.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1513.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0399.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0400.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0401.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0755.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090603_cups_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20091015_cups_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing a security update.
File : sl_20091015_gpdf_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20091015_kdegraphics_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20091015_poppler_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing a security update.
File : sl_20091015_xpdf_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100506_tetex_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100506_tetex_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100506_tetex_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20101007_cups_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-06-26 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201206-28.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_te_ams-7020.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_texlive-100504.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0755.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_cups-6721.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kdegraphics3-pdf-6652.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_xpdf-6560.nasl - Type : ACT_GATHER_INFO
2010-10-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0755.nasl - Type : ACT_GATHER_INFO
2010-08-18 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-973-1.nasl - Type : ACT_GATHER_INFO
2010-07-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-280.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : The remote Fedora host is missing a security update.
File : fedora_2010-1377.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : The remote Fedora host is missing a security update.
File : fedora_2010-1805.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : The remote Fedora host is missing a security update.
File : fedora_2010-1842.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : The remote Fedora host is missing a security update.
File : fedora_2010-8242.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : The remote Fedora host is missing a security update.
File : fedora_2010-8273.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : The remote Fedora host is missing a security update.
File : fedora_2010-8314.nasl - Type : ACT_GATHER_INFO
2010-06-01 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0400.nasl - Type : ACT_GATHER_INFO
2010-05-25 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2050.nasl - Type : ACT_GATHER_INFO
2010-05-15 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_texlive-100503.nasl - Type : ACT_GATHER_INFO
2010-05-15 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_texlive-100503.nasl - Type : ACT_GATHER_INFO
2010-05-15 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_texlive-100504.nasl - Type : ACT_GATHER_INFO
2010-05-13 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-094.nasl - Type : ACT_GATHER_INFO
2010-05-11 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0399.nasl - Type : ACT_GATHER_INFO
2010-05-11 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0400.nasl - Type : ACT_GATHER_INFO
2010-05-11 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0401.nasl - Type : ACT_GATHER_INFO
2010-05-10 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0399.nasl - Type : ACT_GATHER_INFO
2010-05-10 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0401.nasl - Type : ACT_GATHER_INFO
2010-05-07 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-937-1.nasl - Type : ACT_GATHER_INFO
2010-04-06 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2028.nasl - Type : ACT_GATHER_INFO
2010-03-08 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-055.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1941.nasl - Type : ACT_GATHER_INFO
2010-01-12 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_libpoppler-devel-100111.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-0480.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2009-1501.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1502.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2009-1503.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1504.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1512.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1513.nasl - Type : ACT_GATHER_INFO
2010-01-03 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_libpoppler-devel-091223.nasl - Type : ACT_GATHER_INFO
2010-01-03 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_libpoppler-devel-091222.nasl - Type : ACT_GATHER_INFO
2010-01-03 Name : The remote SuSE system is missing a security patch for libpoppler-devel
File : suse_11_2_libpoppler-devel-091222.nasl - Type : ACT_GATHER_INFO
2010-01-03 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_libpoppler-devel-091221.nasl - Type : ACT_GATHER_INFO
2009-12-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-346.nasl - Type : ACT_GATHER_INFO
2009-12-27 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12561.nasl - Type : ACT_GATHER_INFO
2009-12-22 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_cups-6720.nasl - Type : ACT_GATHER_INFO
2009-12-21 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-336.nasl - Type : ACT_GATHER_INFO
2009-11-16 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_kdegraphics3-pdf-091110.nasl - Type : ACT_GATHER_INFO
2009-11-16 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_kdegraphics3-pdf-091110.nasl - Type : ACT_GATHER_INFO
2009-11-16 Name : The remote openSUSE host is missing a security update.
File : suse_cups-6565.nasl - Type : ACT_GATHER_INFO
2009-11-16 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kdegraphics3-pdf-6653.nasl - Type : ACT_GATHER_INFO
2009-11-09 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_xpdf-091023.nasl - Type : ACT_GATHER_INFO
2009-11-09 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_xpdf-091024.nasl - Type : ACT_GATHER_INFO
2009-11-09 Name : The remote openSUSE host is missing a security update.
File : suse_xpdf-6558.nasl - Type : ACT_GATHER_INFO
2009-11-06 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_xpdf-6556.nasl - Type : ACT_GATHER_INFO
2009-11-03 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-850-3.nasl - Type : ACT_GATHER_INFO
2009-10-29 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2009-302-01.nasl - Type : ACT_GATHER_INFO
2009-10-29 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2009-302-02.nasl - Type : ACT_GATHER_INFO
2009-10-28 Name : The remote Fedora host is missing a security update.
File : fedora_2009-10823.nasl - Type : ACT_GATHER_INFO
2009-10-28 Name : The remote Fedora host is missing a security update.
File : fedora_2009-10845.nasl - Type : ACT_GATHER_INFO
2009-10-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-287.nasl - Type : ACT_GATHER_INFO
2009-10-22 Name : The remote Fedora host is missing a security update.
File : fedora_2009-10648.nasl - Type : ACT_GATHER_INFO
2009-10-22 Name : The remote Fedora host is missing a security update.
File : fedora_2009-10694.nasl - Type : ACT_GATHER_INFO
2009-10-22 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-850-1.nasl - Type : ACT_GATHER_INFO
2009-10-20 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-282.nasl - Type : ACT_GATHER_INFO
2009-10-16 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2009-1500.nasl - Type : ACT_GATHER_INFO
2009-10-16 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2009-1500.nasl - Type : ACT_GATHER_INFO
2009-10-16 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2009-1501.nasl - Type : ACT_GATHER_INFO
2009-10-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1502.nasl - Type : ACT_GATHER_INFO
2009-10-16 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2009-1503.nasl - Type : ACT_GATHER_INFO
2009-10-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1504.nasl - Type : ACT_GATHER_INFO
2009-10-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1512.nasl - Type : ACT_GATHER_INFO
2009-10-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1513.nasl - Type : ACT_GATHER_INFO
2009-10-06 Name : The remote openSUSE host is missing a security update.
File : suse_xpdf-6376.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12434.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_xpdf-090727.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_cups-6279.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_xpdf-6378.nasl - Type : ACT_GATHER_INFO
2009-08-27 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_xpdf-090727.nasl - Type : ACT_GATHER_INFO
2009-08-27 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_xpdf-090727.nasl - Type : ACT_GATHER_INFO
2009-06-15 Name : The remote openSUSE host is missing a security update.
File : suse_cups-6285.nasl - Type : ACT_GATHER_INFO
2009-06-04 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1083.nasl - Type : ACT_GATHER_INFO
2009-06-04 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1083.nasl - Type : ACT_GATHER_INFO
2009-05-14 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-0480.nasl - Type : ACT_GATHER_INFO
2008-05-09 Name : The remote openSUSE host is missing a security update.
File : suse_texlive-bin-5221.nasl - Type : ACT_GATHER_INFO
2008-01-08 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_te_ams-4818.nasl - Type : ACT_GATHER_INFO
2008-01-08 Name : The remote openSUSE host is missing a security update.
File : suse_te_ams-4819.nasl - Type : ACT_GATHER_INFO
2007-12-07 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-554-1.nasl - Type : ACT_GATHER_INFO
2007-11-26 Name : The remote Fedora host is missing a security update.
File : fedora_2007-3308.nasl - Type : ACT_GATHER_INFO
2007-11-26 Name : The remote Fedora host is missing a security update.
File : fedora_2007-3390.nasl - Type : ACT_GATHER_INFO
2007-11-26 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2007-230.nasl - Type : ACT_GATHER_INFO
2007-11-20 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200711-26.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:53:30
  • Multiple Updates