|
|
Family: Debian Local Security Checks --> Category: infos
[DSA932] DSA-932-1 kdegraphics Vulnerability Scan
Vulnerability Scan Summary
DSA-932-1 kdegraphics
Detailed Explanation for this Vulnerability Test
"infamous41md" and Chris Evans discovered several heap based buffer
overflows in xpdf, the Portable Document Format (PDF) suite, that can
lead to a denial of service by crashing the application or possibly to
the execution of arbitrary code. The same code is present in kpdf
which is part of the kdegraphics package.
The old stable distribution (woody) does not contain kpdf packages.
For the stable distribution (sarge) these problems have been fixed in
version 3.3.2-2sarge3.
For the unstable distribution (sid) these problems have been fixed in
version 3.5.0-3.
We recommend that you upgrade your kpdf package.
Solution : http://www.debian.org/security/2006/dsa-932
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
