FLEA-2007-0045-1 poppler

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

Foresight Linux Essential Advisory: 2007-0045-1 Published: 2007-08-14

Rating: Major

Updated Versions:

    poppler=/foresight.rpath.org@fl:1-devel//1/0.5.9-2-1     group-dist=/foresight.rpath.org@fl:1-devel//1/1.3.2-0.8-2

References:

    
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387
    
https://issues.foresightlinux.org/browse/FL-471
    
https://issues.rpath.com/browse/RPL-1596
    
https://issues.rpath.com/browse/RPL-1604 

Description:

    Previous versions of the poppler package are vulnerable to an int overflow     in included xpdf code, which can be exploited via a specially-crafted PDF     file to execute arbitrary code.

• ---

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Copyright 2007 Foresight Linux Project
This file is distributed under the terms of the MIT License. A copy is available at http://www.foresightlinux.org/permanent/mit-license.html
-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFGwhD8Wu/kq4lN9jkRAvHNAJ9iYd8RqwK0Ye4cW1h2GN5BbpMzKwCfYtpE 2s2b1KnweHoHWxA+FgW0II4=
=1+kr
-----END PGP SIGNATURE-----
Received on Tue Aug 14 18:01:46 2007