oval:org.mitre.oval:def:7858

Definition Id: oval:org.mitre.oval:def:7858

Oval ID:	oval:org.mitre.oval:def:7858
Title:	DSA-1509 koffice -- multiple vulnerabilities
Description:	Several vulnerabilities have been discovered in xpdf code that is embedded in koffice, an integrated office suite for KDE. These flaws could allow an attacker to execute arbitrary code by inducing the user to import a specially crafted PDF document. The Common Vulnerabilities and Exposures project identifies the following problems: Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file. Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow. Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter. Updates for the old stable distribution (sarge) will be made available as soon as possible.
Family:	unix	Class:	patch
Reference(s):	DSA-1509 CVE-2007-4352 CVE-2007-5392 CVE-2007-5393	Version:	5
Platform(s):	Debian GNU/Linux 4.0	Product(s):	koffice
Definition Synopsis:
Debian GNU/Linux 4.0 is installed. Architecture section Architecture independent section Installed architecture is all AND Packages section krita-data is earlier than 1:1.6.1-2etch2 AND koffice-doc is earlier than 1:1.6.1-2etch2 AND koffice is earlier than 1:1.6.1-2etch2 AND koffice-doc-html is earlier than 1:1.6.1-2etch2 AND kivio-data is earlier than 1:1.6.1-2etch2 AND koffice-data is earlier than 1:1.6.1-2etch2 AND kword-data is earlier than 1:1.6.1-2etch2 AND kpresenter-data is earlier than 1:1.6.1-2etch2 OR Architecture dependent section Supported architectures section Installed architecture is s390 AND Installed architecture is amd64 AND Installed architecture is sparc AND Installed architecture is powerpc AND Installed architecture is i386 AND Installed architecture is alpha AND Installed architecture is mips AND Installed architecture is hppa AND Packages section kpresenter is earlier than 1:1.6.1-2etch2 AND kivio is earlier than 1:1.6.1-2etch2 AND koffice-dbg is earlier than 1:1.6.1-2etch2 AND koffice-dev is earlier than 1:1.6.1-2etch2 AND kugar is earlier than 1:1.6.1-2etch2 AND krita is earlier than 1:1.6.1-2etch2 AND kplato is earlier than 1:1.6.1-2etch2 AND kformula is earlier than 1:1.6.1-2etch2 AND kchart is earlier than 1:1.6.1-2etch2 AND koffice-libs is earlier than 1:1.6.1-2etch2 AND karbon is earlier than 1:1.6.1-2etch2 AND koshell is earlier than 1:1.6.1-2etch2 AND kspread is earlier than 1:1.6.1-2etch2 AND kthesaurus is earlier than 1:1.6.1-2etch2 AND kexi is earlier than 1:1.6.1-2etch2 AND kword is earlier than 1:1.6.1-2etch2

Definition Id: oval:org.mitre.oval:def:6461

Oval ID:	oval:org.mitre.oval:def:6461
Title:	Debian GNU/Linux 4.0 is installed.
Description:	Debian GNU/Linux 4.0 (etch) is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:debian:debian_gnu/linux:4.0	Version:	9
Platform(s):	Debian GNU/Linux 4.0	Product(s):
Definition Synopsis:
Debian GNU/Linux 4.0 is installed
Referenced By:
oval:org.mitre.oval:def:7858

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0311s

Facebook rss twitter linkedin mail