Family: SuSE Local Security Checks --> Category: infos
SUSE-SA:2006:001: xpdf,kpdf,gpdf,kword Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the xpdf,kpdf,gpdf,kword package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory SUSE-SA:2006:001 (xpdf,kpdf,gpdf,kword).
'infamous41md', Chris Evans and Dirk Mueller discovered multiple
places in xpdf code where integer variables are insufficiently
checked for range or overflow. Specially crafted PDF files could
lead to executing arbitrary code.
Copies of xpdf code are also contained in cups, kpdf, kword, gpdf,
libextractor, pdf2html, poppler and tetex. Updates for those are in
Solution : http://www.suse.de/security/advisories/2006_01_xpdf.html
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.