exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2007.161

Mandriva Linux Security Advisory 2007.161
Posted Aug 14, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. An attacker could create a malicious PDF file that could cause poppler to crash and possibly execute arbitrary code open a user opening the file.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2007-3387
SHA-256 | 7ac3803dd793faea3c085a5bd36bfd70351c682d1b345becac7799141ead7518
Download | Favorite | View

Mandriva Linux Security Advisory 2007.161

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2007:161
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : poppler
 Date    : August 13, 2007
 Affected: 2007.0, 2007.1, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:
 
 Maurycy Prodeus found an integer overflow vulnerability in the way
 various PDF viewers processed PDF files.  An attacker could create
 a malicious PDF file that could cause poppler to crash and possibly
 execute arbitrary code open a user opening the file.
 
 This update provides packages which are patched to prevent these
 issues.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.0:
 ff1a936825b13adf6e0d244d0128efa4  2007.0/i586/libpoppler-qt1-0.5.3-5.3mdv2007.0.i586.rpm
 9d28c724d9e3913761fa1d0528cb7cb8  2007.0/i586/libpoppler-qt1-devel-0.5.3-5.3mdv2007.0.i586.rpm
 fa4b5cf01b38c572d741ef08fe04b293  2007.0/i586/libpoppler-qt4-1-0.5.3-5.3mdv2007.0.i586.rpm
 e35a3598cbc0f29c4c21e675e6391ff3  2007.0/i586/libpoppler-qt4-1-devel-0.5.3-5.3mdv2007.0.i586.rpm
 1702a9c16e72fe89f9aa1b78ff6055b5  2007.0/i586/libpoppler1-0.5.3-5.3mdv2007.0.i586.rpm
 0f1f330e28674ce2e67e56f3614b4d2c  2007.0/i586/libpoppler1-devel-0.5.3-5.3mdv2007.0.i586.rpm
 b619db3ef9b9545adf9f864f2972db97  2007.0/i586/poppler-0.5.3-5.3mdv2007.0.i586.rpm 
 9a311578c1933c8ec6ddb2f8b4e93445  2007.0/SRPMS/poppler-0.5.3-5.3mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 c8b111069fa66ce0682dacf1e3de01f9  2007.0/x86_64/lib64poppler-qt1-0.5.3-5.3mdv2007.0.x86_64.rpm
 7434c137fd66482914aa6996f1aae55c  2007.0/x86_64/lib64poppler-qt1-devel-0.5.3-5.3mdv2007.0.x86_64.rpm
 1b01f4d5f77ce2f08f09ca942c409b60  2007.0/x86_64/lib64poppler-qt4-1-0.5.3-5.3mdv2007.0.x86_64.rpm
 cbc85b288f7e0e35a3c97c0e3731e6ef  2007.0/x86_64/lib64poppler-qt4-1-devel-0.5.3-5.3mdv2007.0.x86_64.rpm
 db95938d3c09131729b80a7283d359c9  2007.0/x86_64/lib64poppler1-0.5.3-5.3mdv2007.0.x86_64.rpm
 ccc128242680e5f90fb49026b83daa04  2007.0/x86_64/lib64poppler1-devel-0.5.3-5.3mdv2007.0.x86_64.rpm
 714996d0cc629e62649360749a9050f0  2007.0/x86_64/poppler-0.5.3-5.3mdv2007.0.x86_64.rpm 
 9a311578c1933c8ec6ddb2f8b4e93445  2007.0/SRPMS/poppler-0.5.3-5.3mdv2007.0.src.rpm

 Mandriva Linux 2007.1:
 2ef41e36faff21f62fbec2bf89e7b6f1  2007.1/i586/libpoppler-qt1-0.5.4-3.2mdv2007.1.i586.rpm
 377e85d2c599a82f3871f138494f322c  2007.1/i586/libpoppler-qt1-devel-0.5.4-3.2mdv2007.1.i586.rpm
 a3219588e17b2cc3189e5395ec5dd475  2007.1/i586/libpoppler-qt4-1-0.5.4-3.2mdv2007.1.i586.rpm
 81344c8e3eb0437559e3e5c0eac62631  2007.1/i586/libpoppler-qt4-1-devel-0.5.4-3.2mdv2007.1.i586.rpm
 b78ab182aac571c2a99fae0a5d470927  2007.1/i586/libpoppler1-0.5.4-3.2mdv2007.1.i586.rpm
 87893636c37eb5db131127f89695df0f  2007.1/i586/libpoppler1-devel-0.5.4-3.2mdv2007.1.i586.rpm
 6ff7146293ee8aec15574d4aa89d6a2f  2007.1/i586/poppler-0.5.4-3.2mdv2007.1.i586.rpm 
 87111ab66842ea16932e76614932f024  2007.1/SRPMS/poppler-0.5.4-3.2mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64:
 6739512a718b2ba794d33c567703f9ad  2007.1/x86_64/lib64poppler-qt1-0.5.4-3.2mdv2007.1.x86_64.rpm
 37b8f40a836b910455ed43a252303dc7  2007.1/x86_64/lib64poppler-qt1-devel-0.5.4-3.2mdv2007.1.x86_64.rpm
 747be5e90c821630dd349ba16ef698b4  2007.1/x86_64/lib64poppler-qt4-1-0.5.4-3.2mdv2007.1.x86_64.rpm
 153745ad2a655b8e1262c82ae1fc70a4  2007.1/x86_64/lib64poppler-qt4-1-devel-0.5.4-3.2mdv2007.1.x86_64.rpm
 b59db62be7a4d73a8f0de227da0d5354  2007.1/x86_64/lib64poppler1-0.5.4-3.2mdv2007.1.x86_64.rpm
 47541453858a863a482a316cf14d56b6  2007.1/x86_64/lib64poppler1-devel-0.5.4-3.2mdv2007.1.x86_64.rpm
 9ac6efa64431cf7144e77375ba90769b  2007.1/x86_64/poppler-0.5.4-3.2mdv2007.1.x86_64.rpm 
 87111ab66842ea16932e76614932f024  2007.1/SRPMS/poppler-0.5.4-3.2mdv2007.1.src.rpm

 Corporate 4.0:
 f8b99d883919ba20e7f46aa71448edb5  corporate/4.0/i586/libpoppler-qt0-0.4.1-3.5.20060mlcs4.i586.rpm
 89e37529b304258acd4999c5fbfadec7  corporate/4.0/i586/libpoppler-qt0-devel-0.4.1-3.5.20060mlcs4.i586.rpm
 97b9de6aa6c6617c21b7e9bbea3a517b  corporate/4.0/i586/libpoppler0-0.4.1-3.5.20060mlcs4.i586.rpm
 94232bb5dad116fdd2a4b342c7205eb3  corporate/4.0/i586/libpoppler0-devel-0.4.1-3.5.20060mlcs4.i586.rpm 
 45ba9d12e59c1cbb4aae41988d5983c3  corporate/4.0/SRPMS/poppler-0.4.1-3.5.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 4ee1af44c82311a075abd9bec021935c  corporate/4.0/x86_64/lib64poppler-qt0-0.4.1-3.5.20060mlcs4.x86_64.rpm
 53fbebb09587d1949951ad4a9d6a9eab  corporate/4.0/x86_64/lib64poppler-qt0-devel-0.4.1-3.5.20060mlcs4.x86_64.rpm
 2153b37ce8cd3a29bbf6d31a68a50558  corporate/4.0/x86_64/lib64poppler0-0.4.1-3.5.20060mlcs4.x86_64.rpm
 43bacfb48b585a0f8903c32ed5ebe775  corporate/4.0/x86_64/lib64poppler0-devel-0.4.1-3.5.20060mlcs4.x86_64.rpm 
 45ba9d12e59c1cbb4aae41988d5983c3  corporate/4.0/SRPMS/poppler-0.4.1-3.5.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFGwPBbmqjQ0CJFipgRAke6AJ0ZMJ2HlM+nB5i1r9L40KS3SJn9hwCdFe17
9NTmGQlz+1QpS8Zr/EaiHHY=
=vt6P
-----END PGP SIGNATURE-----

Login or Register to add favorites

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    8 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    11 Files
  • 23
    Apr 23rd
    68 Files
  • 24
    Apr 24th
    23 Files
  • 25
    Apr 25th
    16 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close