Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2023 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLELINUX_ELSA-2010-0859.NASL
HistoryJul 12, 2013 - 12:00 a.m.

Oracle Linux 6 : poppler (ELSA-2010-0859)

2013-07-1200:00:00
This script is Copyright (C) 2013-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
27

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.011

Percentile

84.4%

JSON

From Red Hat Security Advisory 2010:0859 :

Updated poppler packages that fix three security issues are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince.

Two uninitialized pointer use flaws were discovered in poppler. An attacker could create a malicious PDF file that, when opened, would cause applications that use poppler (such as Evince) to crash or, potentially, execute arbitrary code. (CVE-2010-3702, CVE-2010-3703)

An array index error was found in the way poppler parsed PostScript Type 1 fonts embedded in PDF documents. An attacker could create a malicious PDF file that, when opened, would cause applications that use poppler (such as Evince) to crash or, potentially, execute arbitrary code. (CVE-2010-3704)

Users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2010:0859 and 
# Oracle Linux Security Advisory ELSA-2010-0859 respectively.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(68137);
  script_version("1.10");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/09/07");

  script_cve_id("CVE-2010-3702", "CVE-2010-3703", "CVE-2010-3704");
  script_bugtraq_id(43594, 43841, 43845);
  script_xref(name:"RHSA", value:"2010:0859");

  script_name(english:"Oracle Linux 6 : poppler (ELSA-2010-0859)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Oracle Linux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"From Red Hat Security Advisory 2010:0859 :

Updated poppler packages that fix three security issues are now
available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS)
base scores, which give detailed severity ratings, are available for
each vulnerability from the CVE links in the References section.

Poppler is a Portable Document Format (PDF) rendering library, used by
applications such as Evince.

Two uninitialized pointer use flaws were discovered in poppler. An
attacker could create a malicious PDF file that, when opened, would
cause applications that use poppler (such as Evince) to crash or,
potentially, execute arbitrary code. (CVE-2010-3702, CVE-2010-3703)

An array index error was found in the way poppler parsed PostScript
Type 1 fonts embedded in PDF documents. An attacker could create a
malicious PDF file that, when opened, would cause applications that
use poppler (such as Evince) to crash or, potentially, execute
arbitrary code. (CVE-2010-3704)

Users are advised to upgrade to these updated packages, which contain
backported patches to correct these issues.");
  script_set_attribute(attribute:"see_also", value:"https://linux.oracle.com/errata/ELSA-2010-0859.html");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2010-3702");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2010/11/05");
  script_set_attribute(attribute:"patch_publication_date", value:"2011/02/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/12");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:poppler");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:poppler-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:poppler-glib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:poppler-glib-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:poppler-qt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:poppler-qt-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:poppler-qt4");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:poppler-qt4-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:poppler-utils");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:6");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Oracle Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2013-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');
var os_release = get_kb_item("Host/RedHat/release");
if (isnull(os_release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');
var os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');
os_ver = os_ver[1];
if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6', 'Oracle Linux ' + os_ver);

if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);

var pkgs = [
    {'reference':'poppler-0.12.4-3.el6_0.1', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'poppler-devel-0.12.4-3.el6_0.1', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'poppler-glib-0.12.4-3.el6_0.1', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'poppler-glib-devel-0.12.4-3.el6_0.1', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'poppler-qt-0.12.4-3.el6_0.1', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'poppler-qt-devel-0.12.4-3.el6_0.1', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'poppler-qt4-0.12.4-3.el6_0.1', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'poppler-qt4-devel-0.12.4-3.el6_0.1', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'poppler-utils-0.12.4-3.el6_0.1', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'poppler-0.12.4-3.el6_0.1', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'poppler-devel-0.12.4-3.el6_0.1', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'poppler-glib-0.12.4-3.el6_0.1', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'poppler-glib-devel-0.12.4-3.el6_0.1', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'poppler-qt-0.12.4-3.el6_0.1', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'poppler-qt-devel-0.12.4-3.el6_0.1', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'poppler-qt4-0.12.4-3.el6_0.1', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'poppler-qt4-devel-0.12.4-3.el6_0.1', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'poppler-utils-0.12.4-3.el6_0.1', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE}
];

var flag = 0;
foreach var package_array ( pkgs ) {
  var reference = NULL;
  var _release = NULL;
  var sp = NULL;
  var _cpu = NULL;
  var el_string = NULL;
  var rpm_spec_vers_cmp = NULL;
  var epoch = NULL;
  var allowmaj = NULL;
  var exists_check = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
  if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
  if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
  if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
  if (reference && _release) {
    if (exists_check) {
        if (rpm_exists(release:_release, rpm:exists_check) && rpm_check(release:_release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
    } else {
        if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
    }
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'poppler / poppler-devel / poppler-glib / etc');
}
VendorProductVersionCPE
oraclelinuxpopplerp-cpe:/a:oracle:linux:poppler
oraclelinuxpoppler-develp-cpe:/a:oracle:linux:poppler-devel
oraclelinuxpoppler-glibp-cpe:/a:oracle:linux:poppler-glib
oraclelinuxpoppler-glib-develp-cpe:/a:oracle:linux:poppler-glib-devel
oraclelinuxpoppler-qtp-cpe:/a:oracle:linux:poppler-qt
oraclelinuxpoppler-qt-develp-cpe:/a:oracle:linux:poppler-qt-devel
oraclelinuxpoppler-qt4p-cpe:/a:oracle:linux:poppler-qt4
oraclelinuxpoppler-qt4-develp-cpe:/a:oracle:linux:poppler-qt4-devel
oraclelinuxpoppler-utilsp-cpe:/a:oracle:linux:poppler-utils
oraclelinux6cpe:/o:oracle:linux:6

Related

openvas 66
nessus 67
fedora 6
redhat 9
oraclelinux 9
slackware 2
altlinux 5
ubuntu 1
centos 8
osv 1
securityvulns 2
debian 2
gentoo 1
nvd 3
cve 3
debiancve 3
cvelist 3
prion 3
ubuntucve 3
veracode 2
openvas
openvas
Mandriva Update for poppler MDVSA-2010:231 (poppler)
2010-11-16 00:00:00
Fedora Update for poppler FEDORA-2010-15981
2010-10-22 00:00:00
Slackware Advisory SSA:2010-324-02 poppler
2012-09-11 00:00:00
nessus
nessus
CentOS 4 : xpdf (CESA-2010:0751)
2010-10-11 00:00:00
CentOS 4 / 5 : kdegraphics (CESA-2010:0753)
2010-10-11 00:00:00
Oracle Linux 5 : poppler (ELSA-2010-0749)
2013-07-12 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: poppler-0.12.4-5.fc12
2010-10-19 07:09:48
[SECURITY] Fedora 13 Update: poppler-0.12.4-6.fc13
2010-10-19 07:02:34
[SECURITY] Fedora 14 Update: poppler-0.14.4-1.fc14
2010-10-15 12:39:06
redhat
redhat
(RHSA-2010:0859) Important: poppler security update
2010-11-10 00:00:00
(RHSA-2010:0751) Important: xpdf security update
2010-10-07 00:00:00
(RHSA-2010:0752) Important: gpdf security update
2010-10-07 00:00:00
oraclelinux
oraclelinux
poppler security update
2011-02-10 00:00:00
xpdf security update
2010-10-07 00:00:00
poppler security update
2010-10-07 00:00:00
slackware
slackware
[slackware-security] poppler
2010-11-21 00:21:03
[slackware-security] xpdf
2010-11-21 00:20:46
altlinux
altlinux
Security fix for the ALT Linux 5 package poppler5 version 0.12.4-alt0.M50P.3
2010-11-12 00:00:00
Security fix for the ALT Linux 5 package kdegraphics version 3.5.10-alt6
2010-10-14 00:00:00
Security fix for the ALT Linux 5 package kdegraphics version 3.5.10-alt5.M50P.1
2010-10-19 00:00:00
ubuntu
ubuntu
poppler vulnerabilities
2010-10-19 00:00:00
centos
centos
poppler security update
2010-10-10 22:51:57
gpdf security update
2010-10-09 22:11:24
xpdf security update
2010-10-09 22:08:57
osv
osv
xpdf - several vulnerabilities
2010-12-21 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2116-1] New poppler packages fix several vulnerabilities
2010-10-13 00:00:00
poppler library multiple security vulnerabilities
2010-10-13 00:00:00
debian
debian
[SECURITY] [DSA 2116-1] New poppler packages fix several vulnerabilities
2010-10-12 19:31:31
[SECURITY] [DSA 2135-1] New xpdf packages fix several vulnerabilities
2010-12-21 17:34:34
gentoo
gentoo
Xpdf: User-assisted execution of arbitrary code
2014-02-17 00:00:00
nvd
nvd
CVE-2010-3703
2010-11-05 18:00:25
CVE-2010-3704
2010-11-05 18:00:25
CVE-2010-3702
2010-11-05 18:00:05
cve
cve
CVE-2010-3703
2010-11-05 18:00:25
CVE-2010-3704
2010-11-05 18:00:25
CVE-2010-3702
2010-11-05 18:00:05
debiancve
debiancve
CVE-2010-3703
2010-11-05 18:00:25
CVE-2010-3704
2010-11-05 18:00:25
CVE-2010-3702
2010-11-05 18:00:05
cvelist
cvelist
CVE-2010-3703
2010-11-05 17:00:00
CVE-2010-3704
2010-11-05 17:00:00
CVE-2010-3702
2010-11-05 17:00:00
prion
prion
Null pointer dereference
2010-11-05 18:00:00
Memory corruption
2010-11-05 18:00:00
Null pointer dereference
2010-11-05 18:00:00
ubuntucve
ubuntucve
CVE-2010-3703
2010-10-13 00:00:00
CVE-2010-3704
2010-10-13 00:00:00
CVE-2010-3702
2010-10-13 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:48:42
Arbitrary Code Execution
2020-04-10 00:48:43

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.011

Percentile

84.4%

JSON
Related for ORACLELINUX_ELSA-2010-0859.NASL
openvas66nessus67fedora6redhat9oraclelinux9slackware2altlinux5ubuntu1centos8osv1securityvulns2debian2gentoo1nvd3cve3debiancve3cvelist3prion3ubuntucve3veracode2