Mandriva Linux Security Advisory - Kees Cook of Ubuntu security found a flaw in how poppler prior to version 0.6 displayed malformed fonts embedded in PDF files. An attacker could create a malicious PDF file that would cause applications using poppler to crash, or possibly execute arbitrary code when opened. This vulnerability also affected KOffice, so the updated packages have been patched to correct this issue. A file conflicts existed between one of the library packages and the koffice-devel package which prevented successful upgrades if koffice-devel was previously installed. This update removes the conflicting file from koffice-devel.
93d0d1738ee01446f6a1baffed0f981ea4f49adbc3b0871cc0b229e33332a306Mandriva Linux Security Advisory - Kees Cook of Ubuntu security found a flaw in how poppler prior to version 0.6 displayed malformed fonts embedded in PDF files. An attacker could create a malicious PDF file that would cause applications using poppler to crash, or possibly execute arbitrary code when opened. This vulnerability also affected KOffice, so the updated packages have been patched to correct this issue.
2c2f5d437212325f501d1d8e343de0b61cc5b52ff949dfe7bce05e9e6ab81604Mandriva Linux Security Advisory - Kees Cook of Ubuntu security found a flaw in how poppler prior to version 0.6 displayed malformed fonts embedded in PDF files. An attacker could create a malicious PDF file that would cause applications using poppler to crash, or possibly execute arbitrary code when opened. This vulnerability also affected older versions of kpdf, so the updated packages have been patched to correct this issue.
2e4eb3a1cfa200aa1553279dcca250c0ce40d9d4b18ec10492b2801603b85743Debian Security Advisory 1606-1 - It was discovered that poppler, a PDF rendering library, did not properly handle embedded fonts in PDF files, allowing attackers to execute arbitrary code via a crafted font object.
ab8a5372e6778b4db0da5898c993eeb5fd38998980796a0fe4f9d00e108686fdMandriva Linux Security Advisory - Kees Cook of Ubuntu security found a flaw in how poppler prior to version 0.6 displayed malformed fonts embedded in PDF files. An attacker could create a malicious PDF file that would cause applications using poppler to crash, or possibly execute arbitrary code when opened.
f9016c9218f56709a1ed4fc7880e117f2a6527018eff22a0a85f38da214f689aUbuntu Security Notice 603-2 - USN-603-1 fixed vulnerabilities in poppler. This update provides the corresponding updates for KWord, part of KOffice. It was discovered that the poppler PDF library did not correctly handle certain malformed embedded fonts. If a user or an automated system were tricked into opening a malicious PDF, a remote attacker could execute arbitrary code with user privileges.
3fcd5e4740674011b06b40a1ad46454941f4d681ea10dab23af3edfee1e3489bUbuntu Security Notice 603-1 - It was discovered that the poppler PDF library did not correctly handle certain malformed embedded fonts. If a user or an automated system were tricked into opening a malicious PDF, a remote attacker could execute arbitrary code with user privileges.
4f46d3895907df5f8df60181ff60bf2f620bccc8f4737c3354eac9d4b0987e0fDebian Security Advisory 1548-1 - Kees Cook discovered a vulnerability in xpdf, set set of tools for display and conversion of Portable Document Format (PDF) files.
235a47cd18fb9984d68817b8239aad99176bdcef51f920aeff5bcaf305ed06c0Gentoo Linux Security Advisory GLSA 200804-18:02 - Kees Cook from the Ubuntu Security Team reported that the CairoFont::create() function in the file CairoFontEngine.cc does not verify the type of an embedded font object inside a PDF file before dereferencing a function pointer from it. Versions less than 0.6.3 are affected.
ae9a60cc3da4430f6ca0967bccd1d1da37676c2acea84b5f512ec8df953eb6b5
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed