Executive Summary

Summary
Title xpdf vulnerabilities
Informations
Name USN-270-1 First vendor Publication 2006-04-13
Vendor Ubuntu Last vendor Modification 2006-04-13
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:H/Au:N/C:C/I:C/A:C)
Cvss Base Score 7.6 Attack Range Network
Cvss Impact Score 10 Attack Complexity High
Cvss Expoit Score 4.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog) Ubuntu 5.04 (Hoary Hedgehog) Ubuntu 5.10 (Breezy Badger)

The following packages are affected:

cupsys kpdf kword libpoppler0c2 tetex-bin xpdf-reader xpdf-utils

The problem can be corrected by upgrading the affected packages to the following versions:

Ubuntu 4.10:
xpdf: 3.00-8ubuntu1.12
cupsys: 1.1.20final+cvs20040330-4ubuntu16.11
tetex-bin: 2.0.2-21ubuntu0.9

Ubuntu 5.04:
xpdf: 3.00-11ubuntu3.8
tetex-bin: 2.0.2-25ubuntu0.5
kpdf: 4:3.4.0-0ubuntu3.6
kword: 1:1.3.5-2ubuntu1.4

Ubuntu 5.10:
libpoppler0c2: 0.4.2-0ubuntu6.7
tetex-bin: 2.0.2-30ubuntu3.5
kpdf: 4:3.4.3-0ubuntu2.5
kword: 1:1.4.1-0ubuntu7.3

In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

Derek Noonburg discovered several integer overflows in the XPDF code, which is present in xpdf, the Poppler library, and tetex-bin. By tricking an user into opening a specially crafted PDF file, an attacker could exploit this to execute arbitrary code with the privileges of the application that processes the document.

The CUPS printing system also uses XPDF code to convert PDF files to PostScript. By attempting to print such a crafted PDF file, a remote attacker could execute arbitrary code with the privileges of the printer server (user 'cupsys').

Original Source

Url : http://www.ubuntu.com/usn/USN-270-1

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Application 9
Application 16
Os 13

OpenVAS Exploits

Date Description
2008-01-17 Name : Debian Security Advisory DSA 1019-1 (koffice)
File : nvt/deb_1019_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 979-1 (pdfkit.framework)
File : nvt/deb_979_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 982-1 (gpdf)
File : nvt/deb_982_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 983-1 (pdftohtml)
File : nvt/deb_983_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 984-1 (xpdf)
File : nvt/deb_984_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 998-1 (libextractor)
File : nvt/deb_998_1.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
23834 Multiple Products Xpdf/kpdf Multiple Unspecified Issues

Nessus® Vulnerability Scanner

Date Description
2006-10-14 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1019.nasl - Type : ACT_GATHER_INFO
2006-10-14 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-979.nasl - Type : ACT_GATHER_INFO
2006-10-14 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-982.nasl - Type : ACT_GATHER_INFO
2006-10-14 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-983.nasl - Type : ACT_GATHER_INFO
2006-10-14 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-984.nasl - Type : ACT_GATHER_INFO
2006-04-17 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-270-1.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 12:03:23
  • Multiple Updates