kpdf Buffer Overflow Vulnerability
KDE Security Advisory 20041223-1
1. Systems affected:
KDE 3.2 up to and including KDE 3.2.3.
KDE 3.3 up to and including KDE 3.3.2.
2. Overview:
kpdf, the KDE PDF viewer, shares code with xpdf. xpdf contains
a buffer overflow that can be triggered by a specially
crafted PDF file.
3. Impact:
Remotely supplied PDF files can be used to execute arbitrary
code on the client machine.
4. Solution:
Source code patches have been made available which fix these
vulnerabilities. Contact your OS vendor / binary package provider
for information about how to obtain updated binary packages.
5. Patch:
Patch for KDE 3.2.3 is available from
ftp://ftp.kde.org/pub/kde/security_patches :
6f345c4b89f0bc27522f5d62bfd941cd post-3.2.3-kdegraphics-2.diff
Patch for KDE 3.3.2 is available from
ftp://ftp.kde.org/pub/kde/security_patches :
0ac92868d3b84284e54877e32cde521f post-3.3.2-kdegraphics.diff
