Turbolinux Local Security Tests : Turbolinux TLSA-2007-4 (xpdf)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.58029

Categoría: Turbolinux Local Security Tests

Título: Turbolinux TLSA-2007-4 (xpdf)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to xpdf
announced via advisory TLSA-2007-4.

Xpdf is an X Window System based viewer for Portable Document Format (PDF) files.

The xpdf contains a vulnerability that can cause denial of service (infinite loop)
via a crafted PDF file.

This vulnerability may allow remote attackers to execute arbitrary
code, denial of service (infinite loop) or memory corruption via crafted pdf files.

Solution: Please use the turbopkg (zabom) tool to apply the update.
https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2007-4

Risk factor : High

CVSS Score:
6.8

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-0104
BugTraq ID: 21910
http://www.securityfocus.com/bid/21910
Bugtraq: 20070116 [KDE Security Advisory] kpdf/kword/xpdf denial of service vulnerability (Google Search)
http://www.securityfocus.com/archive/1/457055/100/0/threaded
Cert/CC Advisory: TA07-072A
http://www.us-cert.gov/cas/techalerts/TA07-072A.html
http://www.mandriva.com/security/advisories?name=MDKSA-2007:018
http://www.mandriva.com/security/advisories?name=MDKSA-2007:019
http://www.mandriva.com/security/advisories?name=MDKSA-2007:020
http://www.mandriva.com/security/advisories?name=MDKSA-2007:021
http://www.mandriva.com/security/advisories?name=MDKSA-2007:022
http://www.mandriva.com/security/advisories?name=MDKSA-2007:024
http://projects.info-pull.com/moab/MOAB-06-01-2007.html
http://securitytracker.com/id?1017514
http://www.securitytracker.com/id?1017749
http://secunia.com/advisories/23791
http://secunia.com/advisories/23799
http://secunia.com/advisories/23808
http://secunia.com/advisories/23813
http://secunia.com/advisories/23815
http://secunia.com/advisories/23839
http://secunia.com/advisories/23844
http://secunia.com/advisories/23876
http://secunia.com/advisories/24204
http://secunia.com/advisories/24479
SuSE Security Announcement: SUSE-SR:2007:003 (Google Search)
http://www.novell.com/linux/security/advisories/2007_3_sr.html
http://www.ubuntu.com/usn/usn-410-1
http://www.ubuntu.com/usn/usn-410-2
http://www.vupen.com/english/advisories/2007/0203
http://www.vupen.com/english/advisories/2007/0212
http://www.vupen.com/english/advisories/2007/0244
http://www.vupen.com/english/advisories/2007/0930
XForce ISS Database: multiple-vendor-pdf-code-execution(31364)
https://exchange.xforce.ibmcloud.com/vulnerabilities/31364

Copyright Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.58029
Categoría:	Turbolinux Local Security Tests
Título:	Turbolinux TLSA-2007-4 (xpdf)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to xpdf announced via advisory TLSA-2007-4. Xpdf is an X Window System based viewer for Portable Document Format (PDF) files. The xpdf contains a vulnerability that can cause denial of service (infinite loop) via a crafted PDF file. This vulnerability may allow remote attackers to execute arbitrary code, denial of service (infinite loop) or memory corruption via crafted pdf files. Solution: Please use the turbopkg (zabom) tool to apply the update. https://secure1.securityspace.com/smysecure/catid.html?in=TLSA-2007-4 Risk factor : High CVSS Score: 6.8
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-0104 BugTraq ID: 21910 http://www.securityfocus.com/bid/21910 Bugtraq: 20070116 [KDE Security Advisory] kpdf/kword/xpdf denial of service vulnerability (Google Search) http://www.securityfocus.com/archive/1/457055/100/0/threaded Cert/CC Advisory: TA07-072A http://www.us-cert.gov/cas/techalerts/TA07-072A.html http://www.mandriva.com/security/advisories?name=MDKSA-2007:018 http://www.mandriva.com/security/advisories?name=MDKSA-2007:019 http://www.mandriva.com/security/advisories?name=MDKSA-2007:020 http://www.mandriva.com/security/advisories?name=MDKSA-2007:021 http://www.mandriva.com/security/advisories?name=MDKSA-2007:022 http://www.mandriva.com/security/advisories?name=MDKSA-2007:024 http://projects.info-pull.com/moab/MOAB-06-01-2007.html http://securitytracker.com/id?1017514 http://www.securitytracker.com/id?1017749 http://secunia.com/advisories/23791 http://secunia.com/advisories/23799 http://secunia.com/advisories/23808 http://secunia.com/advisories/23813 http://secunia.com/advisories/23815 http://secunia.com/advisories/23839 http://secunia.com/advisories/23844 http://secunia.com/advisories/23876 http://secunia.com/advisories/24204 http://secunia.com/advisories/24479 SuSE Security Announcement: SUSE-SR:2007:003 (Google Search) http://www.novell.com/linux/security/advisories/2007_3_sr.html http://www.ubuntu.com/usn/usn-410-1 http://www.ubuntu.com/usn/usn-410-2 http://www.vupen.com/english/advisories/2007/0203 http://www.vupen.com/english/advisories/2007/0212 http://www.vupen.com/english/advisories/2007/0244 http://www.vupen.com/english/advisories/2007/0930 XForce ISS Database: multiple-vendor-pdf-code-execution(31364) https://exchange.xforce.ibmcloud.com/vulnerabilities/31364
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com