kpdf, a Portable Document Format (PDF) viewer for KDE, is based on the
xpdf program and thus suffers from similar flaws to those described in
DSA-1790.
The Common Vulnerabilities and Exposures project identifies the
following problems:
- CVE-2009-0146
Multiple buffer overflows in the JBIG2 decoder in kpdf allow
remote attackers to cause a denial of service (crash) via a
crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and
(2) JBIG2Stream::readSymbolDictSeg.
- CVE-2009-0147
Multiple integer overflows in the JBIG2 decoder in kpdf allow
remote attackers to cause a denial of service (crash) via a
crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg,
(2) JBIG2Stream::readSymbolDictSeg, and (3)
JBIG2Stream::readGenericBitmap.
- CVE-2009-0165
Integer overflow in the JBIG2 decoder in kpdf has unspecified
impact related to βg*allocn.β
- CVE-2009-0166
The JBIG2 decoder in kpdf allows remote attackers to cause a
denial of service (crash) via a crafted PDF file that triggers a
free of uninitialized memory.
- CVE-2009-0799
The JBIG2 decoder in kpdf allows remote attackers to cause a
denial of service (crash) via a crafted PDF file that triggers an
out-of-bounds read.
- CVE-2009-0800
Multiple βinput validation flawsβ in the JBIG2 decoder in kpdf
allow remote attackers to execute arbitrary code via a crafted PDF
file.
- CVE-2009-1179
Integer overflow in the JBIG2 decoder in kpdf allows remote
attackers to execute arbitrary code via a crafted PDF file.
- CVE-2009-1180
The JBIG2 decoder in kpdf allows remote attackers to execute
arbitrary code via a crafted PDF file that triggers a free of
invalid data.
- CVE-2009-1181
The JBIG2 decoder in kpdf allows remote attackers to cause a
denial of service (crash) via a crafted PDF file that triggers a
NULL pointer dereference.
- CVE-2009-1182
Multiple buffer overflows in the JBIG2 MMR decoder in kpdf allow
remote attackers to execute arbitrary code via a crafted PDF file.
- CVE-2009-1183
The JBIG2 MMR decoder in kpdf allows remote attackers to cause a
denial of service (infinite loop and hang) via a crafted PDF file.
The old stable distribution (etch), these problems have been fixed in version
3.5.5-3etch3.
For the stable distribution (lenny), these problems have been fixed in version
3.5.9-3+lenny1.
For the unstable distribution (sid), these problems will be fixed
soon.
We recommend that you upgrade your kdegraphics packages.