SecurityTracker.com
Category: Application (Generic) > KDE
Vendors: KDE.org
(Red Hat Issues Fix) KDE kpdf/xpdf Integer Overflow in StreamPredictor() Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID: 1018474
SecurityTracker URL: http://securitytracker.com/id/1018474
CVE Reference: CVE-2007-3387
Date: Jul 30 2007
Impact: Execution of arbitrary code via network, User access via network
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): 3.2.0 - 3.5.7
Description:   A vulnerability was reported in KDE kpdf (and xpdf). A remote user can cause arbitrary code to be executed on the target user's system.

A remote user can create a specially crafted PDF file that, when loaded by the target user, will trigger an integer overflow in StreamPredictor() and execute arbitrary code on the target system. The code will run with the privileges of the target user or application.

The vulnerability resides in code shared by xpdf and kpdf.
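To show the class of bug this advisory describes from the defender's side, here is an added illustrative example (not code from xpdf, kpdf, KDE or Red Hat): a hypothetical model of how a stream predictor derives its row buffer size from the file-supplied /Columns, /Colors and /BitsPerComponent parameters, with an unchecked sizing routine beside one that detects overflow and rejects the stream. All function names (`row_bytes_unchecked`, `row_bytes_checked`, `mul_checked`, `alloc_row`, `row_bytes_or_zero`) and the parameter values are assumptions made for this example, not taken from the affected code.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical model of how a PDF stream predictor sizes its row buffer from
 * the DecodeParms a file supplies (/Columns, /Colors, /BitsPerComponent).
 * Illustrative code written for this page, not xpdf's or kpdf's own source.
 * A row holds ceil(Columns * Colors * BitsPerComponent / 8) bytes. */

/* Unchecked sizing in 32-bit arithmetic: the product wraps silently, so a file
 * declaring a huge /Columns can make the computed row length tiny while the
 * decoder still expects to write a full row of data into that buffer. */
unsigned row_bytes_unchecked(unsigned columns, unsigned colors, unsigned bits) {
    return (columns * colors * bits + 7u) / 8u;
}

/* size_t multiply that reports overflow instead of wrapping. */
static bool mul_checked(size_t a, size_t b, size_t *out) {
    if (a != 0 && b > SIZE_MAX / a) {
        return false;
    }
    *out = a * b;
    return true;
}

/* Checked sizing: reject out-of-range parameters up front, then refuse any
 * product that would not fit in size_t. Returns true and sets *row_bytes on
 * success; the caller must not allocate when this returns false. */
bool row_bytes_checked(long columns, long colors, long bits, size_t *row_bytes) {
    if (columns < 1 || colors < 1) {
        return false;
    }
    /* PDF predictors permit only these bit depths per component. */
    if (bits != 1 && bits != 2 && bits != 4 && bits != 8 && bits != 16) {
        return false;
    }
    size_t bits_per_row;
    if (!mul_checked((size_t)columns, (size_t)colors, &bits_per_row) ||
        !mul_checked(bits_per_row, (size_t)bits, &bits_per_row)) {
        return false;
    }
    if (bits_per_row > SIZE_MAX - 7) {   /* the +7 rounding step can overflow too */
        return false;
    }
    *row_bytes = (bits_per_row + 7) / 8;
    return true;
}

/* Convenience wrapper: the checked row size, or 0 when the parameters are
 * rejected (0 is never a valid result, since Columns >= 1 gives at least 1). */
size_t row_bytes_or_zero(long columns, long colors, long bits) {
    size_t n = 0;
    return row_bytes_checked(columns, colors, bits, &n) ? n : 0;
}

/* Allocate a predictor row buffer only when the size computation is sound. */
unsigned char *alloc_row(long columns, long colors, long bits, size_t *row_bytes) {
    if (!row_bytes_checked(columns, colors, bits, row_bytes)) {
        return NULL;
    }
    return calloc(*row_bytes, 1);
}

int main(void) {
    /* Constructed parameters: /Columns 0x20000000, /Colors 4, /BitsPerComponent 8.
     * 2^29 * 4 * 8 = 2^34 bits, which wraps to 0 in 32-bit arithmetic. */
    printf("unchecked row bytes: %u\n", row_bytes_unchecked(0x20000000u, 4u, 8u));

    size_t n;
    if (row_bytes_checked(0x20000000L, 4, 8, &n)) {
        printf("checked row bytes: %zu (a viewer should still cap this)\n", n);
    }
    if (!row_bytes_checked(100, 3, 3, &n)) {
        printf("rejected: invalid BitsPerComponent\n");
    }
    unsigned char *row = alloc_row(100, 3, 8, &n);
    if (row) {
        printf("allocated %zu-byte row for 100 RGB pixels at 8 bpc\n", n);
        free(row);
    }
    return 0;
}
```

The unchecked routine returns 0 for the constructed parameters, so a decoder built on it would allocate an empty row and then write past it; the checked routine computes the true size (2 GiB on a 64-bit host) or refuses outright when the product cannot be represented. In a real viewer the overflow check is normally paired with an explicit upper bound on row size, so that absurd but representable values are rejected as well.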

The vendor credits Derek Noonburg with reporting this vulnerability.

Impact:   A remote user can create a PDF file that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution:   Red Hat has released a fix.

The Red Hat advisory is available at:

https://rhn.redhat.com/errata/RHSA-2007-0729.html

Vendor URL: www.kde.org/info/security/advisory-20070730-1.txt
Cause:   Boundary error
Underlying OS:  Linux (Red Hat Enterprise)
Underlying OS Comments:  4, 5

Message History:   This archive entry is a follow-up to the message listed below.
Jul 30 2007 KDE kpdf/xpdf Integer Overflow in StreamPredictor() Lets Remote Users Execute Arbitrary Code


Source Message Contents

Subject:  [RHSA-2007:0729-01] Important: kdegraphics security update


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Important: kdegraphics security update
Advisory ID:       RHSA-2007:0729-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-0729.html
Issue date:        2007-07-30
Updated on:        2007-07-30
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2007-3387 
- ---------------------------------------------------------------------

1. Summary:

Updated kdegraphics packages that fix a security issue in PDF handling are
now available for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
RHEL Optional Productivity Applications (v. 5 server) - i386, x86_64

3. Problem description:

The kdegraphics packages contain applications for the K Desktop Environment
including kpdf, a PDF file viewer.

Maurycy Prodeus discovered an integer overflow flaw in the processing
of PDF files.  An attacker could create a malicious PDF file that would
cause kpdf to crash or potentially execute arbitrary code when opened. 
(CVE-2007-3387)

All users of kdegraphics should upgrade to these updated packages, which
contain a backported patch to resolve this issue.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  

This update is available via Red Hat Network.  Details on how to use 
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

248194 - CVE-2007-3387 xpdf integer overflow

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kdegraphics-3.3.1-4.RHEL4.src.rpm
b78ba0835fce93f721febd51318c1db6  kdegraphics-3.3.1-4.RHEL4.src.rpm

i386:
88544438bb972a546c374cbcb53f8956  kdegraphics-3.3.1-4.RHEL4.i386.rpm
c31a8d43003c21828dc3f563e0a5ebe8  kdegraphics-debuginfo-3.3.1-4.RHEL4.i386.rpm
178baf61f8c682d2ba9d9031afa23657  kdegraphics-devel-3.3.1-4.RHEL4.i386.rpm

ia64:
b114dcd33743deb25c856ea3cf7b545a  kdegraphics-3.3.1-4.RHEL4.ia64.rpm
db486d94a2d8800f792547c2d2200ceb  kdegraphics-debuginfo-3.3.1-4.RHEL4.ia64.rpm
3381a1ff9e438b77d4905f9803c05b42  kdegraphics-devel-3.3.1-4.RHEL4.ia64.rpm

ppc:
edab6a600164ee482d1d55171120c07b  kdegraphics-3.3.1-4.RHEL4.ppc.rpm
aad60b90f597ca5ecec87623632170b5  kdegraphics-debuginfo-3.3.1-4.RHEL4.ppc.rpm
ca631d25d2471b473a33bde34f13d405  kdegraphics-devel-3.3.1-4.RHEL4.ppc.rpm

s390:
2cf1fe87e50f7f480ac2321e47adf907  kdegraphics-3.3.1-4.RHEL4.s390.rpm
de54109ab25d76ed7c9d1f7cd52b0403  kdegraphics-debuginfo-3.3.1-4.RHEL4.s390.rpm
ff1a5a0c545d4118f6aee59aaa3d57dc  kdegraphics-devel-3.3.1-4.RHEL4.s390.rpm

s390x:
8eed01e12376df9e2f924338882e1e5a  kdegraphics-3.3.1-4.RHEL4.s390x.rpm
450052f389766b6d58ce89fb5dac30cd  kdegraphics-debuginfo-3.3.1-4.RHEL4.s390x.rpm
9361e2e1aac6fa7974e164a7a57c9688  kdegraphics-devel-3.3.1-4.RHEL4.s390x.rpm

x86_64:
ca58ec39be68af1a6cacb443a3fc5615  kdegraphics-3.3.1-4.RHEL4.x86_64.rpm
afb42e97c91596ee5994a2d127768450  kdegraphics-debuginfo-3.3.1-4.RHEL4.x86_64.rpm
da78236e6660e3bf558f923aa3bb59f9  kdegraphics-devel-3.3.1-4.RHEL4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kdegraphics-3.3.1-4.RHEL4.src.rpm
b78ba0835fce93f721febd51318c1db6  kdegraphics-3.3.1-4.RHEL4.src.rpm

i386:
88544438bb972a546c374cbcb53f8956  kdegraphics-3.3.1-4.RHEL4.i386.rpm
c31a8d43003c21828dc3f563e0a5ebe8  kdegraphics-debuginfo-3.3.1-4.RHEL4.i386.rpm
178baf61f8c682d2ba9d9031afa23657  kdegraphics-devel-3.3.1-4.RHEL4.i386.rpm

x86_64:
ca58ec39be68af1a6cacb443a3fc5615  kdegraphics-3.3.1-4.RHEL4.x86_64.rpm
afb42e97c91596ee5994a2d127768450  kdegraphics-debuginfo-3.3.1-4.RHEL4.x86_64.rpm
da78236e6660e3bf558f923aa3bb59f9  kdegraphics-devel-3.3.1-4.RHEL4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kdegraphics-3.3.1-4.RHEL4.src.rpm
b78ba0835fce93f721febd51318c1db6  kdegraphics-3.3.1-4.RHEL4.src.rpm

i386:
88544438bb972a546c374cbcb53f8956  kdegraphics-3.3.1-4.RHEL4.i386.rpm
c31a8d43003c21828dc3f563e0a5ebe8  kdegraphics-debuginfo-3.3.1-4.RHEL4.i386.rpm
178baf61f8c682d2ba9d9031afa23657  kdegraphics-devel-3.3.1-4.RHEL4.i386.rpm

ia64:
b114dcd33743deb25c856ea3cf7b545a  kdegraphics-3.3.1-4.RHEL4.ia64.rpm
db486d94a2d8800f792547c2d2200ceb  kdegraphics-debuginfo-3.3.1-4.RHEL4.ia64.rpm
3381a1ff9e438b77d4905f9803c05b42  kdegraphics-devel-3.3.1-4.RHEL4.ia64.rpm

x86_64:
ca58ec39be68af1a6cacb443a3fc5615  kdegraphics-3.3.1-4.RHEL4.x86_64.rpm
afb42e97c91596ee5994a2d127768450  kdegraphics-debuginfo-3.3.1-4.RHEL4.x86_64.rpm
da78236e6660e3bf558f923aa3bb59f9  kdegraphics-devel-3.3.1-4.RHEL4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kdegraphics-3.3.1-4.RHEL4.src.rpm
b78ba0835fce93f721febd51318c1db6  kdegraphics-3.3.1-4.RHEL4.src.rpm

i386:
88544438bb972a546c374cbcb53f8956  kdegraphics-3.3.1-4.RHEL4.i386.rpm
c31a8d43003c21828dc3f563e0a5ebe8  kdegraphics-debuginfo-3.3.1-4.RHEL4.i386.rpm
178baf61f8c682d2ba9d9031afa23657  kdegraphics-devel-3.3.1-4.RHEL4.i386.rpm

ia64:
b114dcd33743deb25c856ea3cf7b545a  kdegraphics-3.3.1-4.RHEL4.ia64.rpm
db486d94a2d8800f792547c2d2200ceb  kdegraphics-debuginfo-3.3.1-4.RHEL4.ia64.rpm
3381a1ff9e438b77d4905f9803c05b42  kdegraphics-devel-3.3.1-4.RHEL4.ia64.rpm

x86_64:
ca58ec39be68af1a6cacb443a3fc5615  kdegraphics-3.3.1-4.RHEL4.x86_64.rpm
afb42e97c91596ee5994a2d127768450  kdegraphics-debuginfo-3.3.1-4.RHEL4.x86_64.rpm
da78236e6660e3bf558f923aa3bb59f9  kdegraphics-devel-3.3.1-4.RHEL4.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kdegraphics-3.5.4-2.el5.src.rpm
449672b607d1b707bdc3bab763b4828e  kdegraphics-3.5.4-2.el5.src.rpm

i386:
26f52902c9f59744d25620f281eb47b8  kdegraphics-3.5.4-2.el5.i386.rpm
82f829719f108b1046f7e1f03e282c75  kdegraphics-debuginfo-3.5.4-2.el5.i386.rpm

x86_64:
f3c5a0c8328efe296bfaa1841fafca7b  kdegraphics-3.5.4-2.el5.x86_64.rpm
6394160b918675dc57f5fb91e3a43f3c  kdegraphics-debuginfo-3.5.4-2.el5.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kdegraphics-3.5.4-2.el5.src.rpm
449672b607d1b707bdc3bab763b4828e  kdegraphics-3.5.4-2.el5.src.rpm

i386:
82f829719f108b1046f7e1f03e282c75  kdegraphics-debuginfo-3.5.4-2.el5.i386.rpm
98ce8d56bf736e4fea3489797ff7f349  kdegraphics-devel-3.5.4-2.el5.i386.rpm

x86_64:
82f829719f108b1046f7e1f03e282c75  kdegraphics-debuginfo-3.5.4-2.el5.i386.rpm
6394160b918675dc57f5fb91e3a43f3c  kdegraphics-debuginfo-3.5.4-2.el5.x86_64.rpm
98ce8d56bf736e4fea3489797ff7f349  kdegraphics-devel-3.5.4-2.el5.i386.rpm
72a9c49a87f2fc072084cb51c4c7caea  kdegraphics-devel-3.5.4-2.el5.x86_64.rpm

RHEL Optional Productivity Applications (v. 5 server):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kdegraphics-3.5.4-2.el5.src.rpm
449672b607d1b707bdc3bab763b4828e  kdegraphics-3.5.4-2.el5.src.rpm

i386:
26f52902c9f59744d25620f281eb47b8  kdegraphics-3.5.4-2.el5.i386.rpm
82f829719f108b1046f7e1f03e282c75  kdegraphics-debuginfo-3.5.4-2.el5.i386.rpm
98ce8d56bf736e4fea3489797ff7f349  kdegraphics-devel-3.5.4-2.el5.i386.rpm

x86_64:
f3c5a0c8328efe296bfaa1841fafca7b  kdegraphics-3.5.4-2.el5.x86_64.rpm
82f829719f108b1046f7e1f03e282c75  kdegraphics-debuginfo-3.5.4-2.el5.i386.rpm
6394160b918675dc57f5fb91e3a43f3c  kdegraphics-debuginfo-3.5.4-2.el5.x86_64.rpm
98ce8d56bf736e4fea3489797ff7f349  kdegraphics-devel-3.5.4-2.el5.i386.rpm
72a9c49a87f2fc072084cb51c4c7caea  kdegraphics-devel-3.5.4-2.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFGrjdfXlSAg2UNWIIRAtIRAJ49v8P90xFZGVRz5QoPrNdWICuq7QCbBI8s
k9iFSnJYV+mSviTjOWdo4iU=
=8zIA
-----END PGP SIGNATURE-----



-- 
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
