Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200502-10] pdftohtml: Vulnerabilities in included Xpdf Vulnerability Scan
Vulnerability Scan Summary
pdftohtml: Vulnerabilities in included Xpdf
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200502-10
(pdftohtml: Vulnerabilities in included Xpdf)
Xpdf is vulnerable to a buffer overflow, as described in GLSA
A possible hacker could entice a user to convert a specially-crafted PDF
file, potentially resulting in the execution of arbitrary code with the
rights of the user running pdftohtml.
There is no known workaround at this time.
All pdftohtml users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/pdftohtml-0.36-r3"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.