Family: Red Hat Local Security Checks --> Category: infos
RHSA-2005-671: kdegraphics Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the kdegraphics packages
Detailed Explanation for this Vulnerability Test
Updated kdegraphics packages that resolve a security issue in kpdf are now
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
The kdegraphics packages contain applications for the K Desktop Environment
including kpdf, a pdf file viewer.
A flaw was discovered in kpdf. A possible hacker could construct a carefully
crafted PDF file that would cause kpdf to consume all available disk space
in /tmp when opened. The Common Vulnerabilities and Exposures project
assigned the name CVE-2005-2097 to this issue.
Note this issue does not affect Red Hat Enterprise Linux 3 or 2.1.
Users of kpdf should upgrade to these updated packages, which contains a
backported patch to resolve this issue.
Solution : http://rhn.redhat.com/errata/RHSA-2005-671.html
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.