KDE kpdf Bug Lets Remote Users Deny Service
|
|
SecurityTracker Alert ID: 1017514
|
|
SecurityTracker URL: http://securitytracker.com/id?1017514
|
|
CVE Reference: CVE-2007-0104
(Links to External Site)
|
Date: Jan 15 2007
|
Impact: Denial of service via network
|
Fix Available: Yes
Exploit Included: Yes
Vendor Confirmed: Yes
|
Advisory: KDE Security Advisory
|
Version(s): 3.2.0 up to including KDE 3.5.5
|
Description: A vulnerability was reported in KDE kpdf. A remote user can cause arbitrary code to be executed on the target user's system.
A remote user can create a PDF file with a specially crafted catalog dictionary or a specially crafted Pages attribute that, when
loaded by the target user, will cause the viewer to enter an infinite loop.
The vulnerability resides in xpdf code (which is
shared by kpdf).
The underlying vulnerability in xpdf was reported by LMH.
|
Impact: A remote user can create a file that, when loaded by the target user, will cause the kpdf viewer on the target user's system to be disrupted.
|
Solution: The vendor has issued a fixed version (3.5.6).
Patches are also available:
Patch for KOffice 1.2.1 and newer is available
from
ftp://ftp.kde.org/pub/kde/security_patches :
dc28881c39f11c040f8c942e4af238d1 koffce-xpdf-CVE-2007-0104.diff
Patch for KDE 3.3.2 and newer is available from
ftp://ftp.kde.org/pub/kde/security_patches :
a690ce46117257609c2b43485ea4d0d7
post-3.5.5-kdegraphics-CVE-2007-0104.diff
Patch for KDE 3.2.3 and newer is available from
ftp://ftp.kde.org/pub/kde/security_patches
:
c2d4c2aa3aa990e2dba00f782a140a1b post-3.2.3-kdegraphics-CVE-2007-0104.diff
The KDE advisory is available at:
http://www.kde.org/info/security/advisory
-20070115-1.txt
|
Vendor URL: www.kde.org/info/security/advisory-20070115-1.txt (Links to External Site)
|
Cause: State error
|
Underlying OS: Linux (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Mon, 15 Jan 2007 12:15:01 -0500
Subject: http://www.kde.org/info/security/advisory-20070115-1.txt
|
KDE Security Advisory: kpdf/kword/xpdf denial of service vulnerability
Original Release Date: 2007-01-15
URL: http://www.kde.org/info/security/advisory-20070115-1.txt
0. References
CVE-2007-0104
1. Systems affected:
KDE 3.2.0 up to including KDE 3.5.5. KDE 3.5.6 and newer is
not affected. KOffice 1.2 and newer contain the same code.
2. Overview:
kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains
a vulnerability that can cause denial of service (infinite loop)
via a PDF file that contains a crafted catalog dictionary
or a crafted Pages attribute that references an invalid page
tree node.
3. Impact:
Remotely supplied pdf files can be used to disrupt the kpdf
viewer on the client machine.
4. Solution:
Source code patches have been made available which fix these
vulnerabilities. Contact your OS vendor / binary package provider
for information about how to obtain updated binary packages.
5. Patch:
Patch for KOffice 1.2.1 and newer is available from
ftp://ftp.kde.org/pub/kde/security_patches :
dc28881c39f11c040f8c942e4af238d1 koffce-xpdf-CVE-2007-0104.diff
Patch for KDE 3.3.2 and newer is available from
ftp://ftp.kde.org/pub/kde/security_patches :
a690ce46117257609c2b43485ea4d0d7 post-3.5.5-kdegraphics-CVE-2007-0104.diff
Patch for KDE 3.2.3 and newer is available from
ftp://ftp.kde.org/pub/kde/security_patches :
c2d4c2aa3aa990e2dba00f782a140a1b post-3.2.3-kdegraphics-CVE-2007-0104.diff
|
|
