Executive Summary
Summary | |
---|---|
Title | tetex-bin vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-9-1 | First vendor Publication | 2004-10-27 |
Vendor | Ubuntu | Last vendor Modification | 2004-10-27 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) The following packages are affected: tetex-bin The problem can be corrected by upgrading the affected package to version 2.0.2-21ubuntu0.1. In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Chris Evans and Marcus Meissner recently discovered several integer overflow vulnerabilities in xpdf, a viewer for PDF files. Because tetex-bin contains xpdf code, it is also affected. These vulnerabilities could be exploited by an attacker providing a specially crafted TeX, LaTeX, or PDF file. Processing such a file with pdflatex could result in abnormal program termination or the execution of program code supplied by the attacker. This bug could be exploited to gain the privileges of the user invoking pdflatex. |
Original Source
Url : http://www.ubuntu.com/usn/USN-9-1 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:9714 | |||
Oval ID: | oval:org.mitre.oval:def:9714 | ||
Title: | Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889. | ||
Description: | Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0888 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-10-10 | Name : SLES9: Security update for CUPS File : nvt/sles9p5014529.nasl |
2009-03-06 | Name : RedHat Update for cups RHSA-2008:0206-01 File : nvt/gb_RHSA-2008_0206-01_cups.nasl |
2009-02-27 | Name : CentOS Update for cups CESA-2008:0206 centos3 i386 File : nvt/gb_CESA-2008_0206_cups_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for cups CESA-2008:0206 centos3 x86_64 File : nvt/gb_CESA-2008_0206_cups_centos3_x86_64.nasl |
2009-02-27 | Name : CentOS Update for cups CESA-2008:0206 centos4 i386 File : nvt/gb_CESA-2008_0206_cups_centos4_i386.nasl |
2009-02-27 | Name : CentOS Update for cups CESA-2008:0206 centos4 x86_64 File : nvt/gb_CESA-2008_0206_cups_centos4_x86_64.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200410-20 (Xpdf) File : nvt/glsa_200410_20.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200410-30 (GPdf) File : nvt/glsa_200410_30.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200411-30 (pdftohtml) File : nvt/glsa_200411_30.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200501-31 (teTeX) File : nvt/glsa_200501_31.nasl |
2008-09-04 | Name : FreeBSD Ports: gpdf, cups-base File : nvt/freebsd_gpdf.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 573-1 (cupsys) File : nvt/deb_573_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 581-1 (xpdf) File : nvt/deb_581_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 599-1 (tetex-bin) File : nvt/deb_599_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
44330 | CUPS on Red Hat 64-bit pdftops Crafted PDF File Handling Overflow |
11034 | Xpdf Page Size Remote Overflow |
11033 | Xpdf indexHigh Color Size Remote Overflow |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0206.nasl - Type : ACT_GATHER_INFO |
2012-09-06 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-056.nasl - Type : ACT_GATHER_INFO |
2012-09-06 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-044.nasl - Type : ACT_GATHER_INFO |
2012-09-06 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2005-043.nasl - Type : ACT_GATHER_INFO |
2012-09-06 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2005-042.nasl - Type : ACT_GATHER_INFO |
2012-09-06 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-041.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080401_cups_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0206.nasl - Type : ACT_GATHER_INFO |
2008-04-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0206.nasl - Type : ACT_GATHER_INFO |
2006-07-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-354.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-9-1.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-14-1.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_ad2f333726bf11d99289000c41e2cdad.nasl - Type : ACT_GATHER_INFO |
2005-04-02 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-354.nasl - Type : ACT_GATHER_INFO |
2005-03-06 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-052.nasl - Type : ACT_GATHER_INFO |
2005-03-04 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-213.nasl - Type : ACT_GATHER_INFO |
2005-02-22 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-034.nasl - Type : ACT_GATHER_INFO |
2005-02-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-053.nasl - Type : ACT_GATHER_INFO |
2005-02-22 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-057.nasl - Type : ACT_GATHER_INFO |
2005-02-22 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-066.nasl - Type : ACT_GATHER_INFO |
2005-02-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-132.nasl - Type : ACT_GATHER_INFO |
2005-02-14 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200501-31.nasl - Type : ACT_GATHER_INFO |
2005-02-10 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-133.nasl - Type : ACT_GATHER_INFO |
2005-02-10 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-123.nasl - Type : ACT_GATHER_INFO |
2005-02-10 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-122.nasl - Type : ACT_GATHER_INFO |
2005-02-10 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-134.nasl - Type : ACT_GATHER_INFO |
2005-02-10 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-136.nasl - Type : ACT_GATHER_INFO |
2005-02-10 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-135.nasl - Type : ACT_GATHER_INFO |
2005-01-02 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-165.nasl - Type : ACT_GATHER_INFO |
2005-01-02 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-166.nasl - Type : ACT_GATHER_INFO |
2004-11-26 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-599.nasl - Type : ACT_GATHER_INFO |
2004-11-23 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200411-30.nasl - Type : ACT_GATHER_INFO |
2004-11-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-573.nasl - Type : ACT_GATHER_INFO |
2004-11-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-581.nasl - Type : ACT_GATHER_INFO |
2004-11-04 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2004-592.nasl - Type : ACT_GATHER_INFO |
2004-11-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2004-543.nasl - Type : ACT_GATHER_INFO |
2004-10-30 | Name : The remote Fedora Core host is missing a security update. File : fedora_2004-357.nasl - Type : ACT_GATHER_INFO |
2004-10-30 | Name : The remote Fedora Core host is missing a security update. File : fedora_2004-358.nasl - Type : ACT_GATHER_INFO |
2004-10-28 | Name : The remote Fedora Core host is missing a security update. File : fedora_2004-337.nasl - Type : ACT_GATHER_INFO |
2004-10-28 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200410-30.nasl - Type : ACT_GATHER_INFO |
2004-10-26 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2004_039.nasl - Type : ACT_GATHER_INFO |
2004-10-22 | Name : The remote Fedora Core host is missing a security update. File : fedora_2004-348.nasl - Type : ACT_GATHER_INFO |
2004-10-22 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-116.nasl - Type : ACT_GATHER_INFO |
2004-10-22 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-115.nasl - Type : ACT_GATHER_INFO |
2004-10-22 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2004-114.nasl - Type : ACT_GATHER_INFO |
2004-10-22 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2004-113.nasl - Type : ACT_GATHER_INFO |
2004-10-21 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200410-20.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:06:35 |
|