SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   KDE Vendors:   KDE.org
(Fedroa Issues Fix for KDE on FC2) Xpdf Integer Overflows in indexHigh and pageSize May Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1011988
SecurityTracker URL:  http://securitytracker.com/id/1011988
CVE Reference:   CVE-2004-0888, CVE-2004-0889, CVE-2005-0206   (Links to External Site)
Date:  Oct 29 2004
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   Some integer overflows were reported in Xpdf. A remote user may be able to execute arbitrary code on a target user's system. KDE graphics is affected.

Several vendors reported that there are integer overflows in Xpdf. A remote user can create a specially crafted PDF file that, when viewed by the target user, may execute arbitrary code.

The flaws reside in 'pdftops/Catalog.cc' and 'pdftops/XRef.cc'. A specially crafted Index color size (indexHigh) or Page size can trigger the overflow.

Chris Evans is credited with discovering these flaws.

CUPS, the Common UNIX Printing System, is also affected because it includes Xpdf.

Impact:   A remote user may be able to execute arbitrary code on a target user's system when the target user loads a malformed PDF file.
Solution:   Fedora has released a fix, available at:

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

a104c3550141c3f0e7f5245e321f717d SRPMS/kdegraphics-3.2.2-1.1.src.rpm
b9c227361354cebbcae97df082e60f3c x86_64/kdegraphics-3.2.2-1.1.x86_64.rpm
bd4a9746410bae4f7c71bc4d3292777c
x86_64/kdegraphics-devel-3.2.2-1.1.x86_64.rpm
247556c77e621e4fd67760f3ab818a13
x86_64/debug/kdegraphics-debuginfo-3.2.2-1.1.x86_64.rpm
1cc02d811b6a96d4382fe15e2b65a4cc i386/kdegraphics-3.2.2-1.1.i386.rpm
6f72f96c16132cac97501150bf6ddad7 i386/kdegraphics-devel-3.2.2-1.1.i386.rpm
1d7e317cb11d3ece70178be6f7f97215
i386/debug/kdegraphics-debuginfo-3.2.2-1.1.i386.rpm

Vendor URL:  www.kde.org/ (Links to External Site)
Cause:   Boundary error
Underlying OS:  Linux (Red Hat Fedora)
Underlying OS Comments:  FC2

Message History:   This archive entry is a follow-up to the message listed below.
Oct 21 2004 Xpdf Integer Overflows in indexHigh and pageSize May Let Remote Users Execute Arbitrary Code



 Source Message Contents

Subject:  [SECURITY] Fedora Core 2 Update: kdegraphics-3.2.2-1.1


---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-357
2004-10-28
---------------------------------------------------------------------

Product     : Fedora Core 2
Name        : kdegraphics
Version     : 3.2.2
Release     : 1.1
Summary     : K Desktop Environment - Graphics Applications
Description :
Graphics applications for the K Desktop Environment.

Includes:
  kdvi (displays TeX .dvi files)
  kfax (displays faxfiles)
  kghostview (displays postscript files)
  kcoloredit (palette editor and color chooser)
  kamera (digital camera support)
  kiconedit (icon editor)
  kpaint (a simple drawing program)
  ksnapshot (screen capture utility)
  kview (image viewer for GIF, JPEG, TIFF, etc.)
  kuickshow (quick picture viewer)
  kooka (scanner application)
  kruler (screen ruler and color measurement tool)

---------------------------------------------------------------------
Update Information:

A problem with PDF handling was discovered by Chris Evans, and has
been fixed.  The Common Vulnerabilities and Exposures project
(www.mitre.org) has assigned the name CAN-2004-0888 to this issue.

a number of buffer overflow bugs that affect libtiff have
been found. The kfax application contains a copy of the libtiff code used
for parsing TIFF files and is therefore affected by these bugs. An attacker
who has the ability to trick a user into opening a malicious TIFF file
could cause kfax to crash or possibly execute arbitrary code. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2004-0803 to this issue.
---------------------------------------------------------------------
* Thu Oct 28 2004 Than Ngo <than@redhat.com> 7:3.2.2-1.1

- add fix to link against system libtiff CAN-2004-0886
- apply patch to fix CAN-2004-0888


---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

a104c3550141c3f0e7f5245e321f717d  SRPMS/kdegraphics-3.2.2-1.1.src.rpm
b9c227361354cebbcae97df082e60f3c  x86_64/kdegraphics-3.2.2-1.1.x86_64.rpm
bd4a9746410bae4f7c71bc4d3292777c  
x86_64/kdegraphics-devel-3.2.2-1.1.x86_64.rpm
247556c77e621e4fd67760f3ab818a13  
x86_64/debug/kdegraphics-debuginfo-3.2.2-1.1.x86_64.rpm
1cc02d811b6a96d4382fe15e2b65a4cc  i386/kdegraphics-3.2.2-1.1.i386.rpm
6f72f96c16132cac97501150bf6ddad7  i386/kdegraphics-devel-3.2.2-1.1.i386.rpm
1d7e317cb11d3ece70178be6f7f97215  
i386/debug/kdegraphics-debuginfo-3.2.2-1.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------

--
fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC