Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2003:071-1: xpdf Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the xpdf package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2003:071-1 (xpdf).
Martyn Gilmore discovered flaws in various PDF viewers, including xpdf. An
attacker could place malicious external hyperlinks in a document that, if
followed, could execute arbitary shell commands with the rights of the
person viewing the PDF document.
New packages are available as the previous patches that had been applied did not
correct all possible ways of exploiting this issue.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2003:071-1
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.