Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Red Hat Local Security Checks --> Category: infos

RHSA-2003-197: xpdf Vulnerability Scan


Vulnerability Scan Summary
Check for the version of the xpdf packages

Detailed Explanation for this Vulnerability Test


Updated Xpdf packages are available that fix a vulnerability where a
malicious PDF document could run arbitrary code.

[Updated 21 July 2003]
Updated packages are now available, as the original errata packages did not
fix all possible ways of exploiting this vulnerability.

Xpdf is an X Window System based viewer for Portable Document Format
(PDF) files.

Martyn Gilmore discovered a flaw in various PDF viewers and readers. An
attacker can embed malicious external-type hyperlinks that if activated or
followed by a victim can execute arbitrary shell commands. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2003-0434 to this issue.

All users of Xpdf are advised to upgrade to these errata packages, which
contain a patch correcting this issue.




Solution : http://rhn.redhat.com/errata/RHSA-2003-197.html
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.