oval:org.mitre.oval:def:13355

Definition Id: oval:org.mitre.oval:def:13355
 
Oval ID: oval:org.mitre.oval:def:13355
Title: USN-973-1 -- koffice vulnerabilities
Description: Will Dormann, Alin Rad Pop, Braden Thomas, and Drew Yao discovered that the Xpdf used in KOffice contained multiple security issues in its JBIG2 decoder. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. It was discovered that the Xpdf used in KOffice contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. KOffice in Ubuntu 9.04 uses a very old version of Xpdf to import PDFs into KWord. Upstream KDE no longer supports PDF import in KOffice and as a result it was dropped in Ubuntu 9.10. While an attempt was made to fix the above issues, the maintenance burden for supporting this very old version of Xpdf outweighed its utility, and PDF import is now also disabled in Ubuntu 9.04.
Family: unix Class: patch
Reference(s): USN-973-1
CVE-2009-0146
CVE-2009-0147
CVE-2009-0166
CVE-2009-0799
CVE-2009-0800
CVE-2009-1179
CVE-2009-1180
CVE-2009-1181
CVE-2009-3606
CVE-2009-3608
CVE-2009-3609
CVE-2009-0165
CVE-2009-0195
Version: 5
Platform(s): Ubuntu 9.04
Product(s): koffice
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12669
 
Oval ID: oval:org.mitre.oval:def:12669
Title: Ubuntu 9.04 is installed
Description: Ubuntu 9.04 is installed
Family: unix Class: inventory
Reference(s): cpe:/o:canonical:ubuntu_linux:9.04
Version: 5
Platform(s): Ubuntu 9.04
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:13355