Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2005:066
HistoryFeb 15, 2005 - 12:00 a.m.

(RHSA-2005:066) kdegraphics security update

2005-02-1500:00:00
access.redhat.com
10

0.096 Low

EPSS

Percentile

94.8%

JSON

The kdegraphics packages contain applications for the K Desktop Environment
including kpdf, a pdf file viewer.

A buffer overflow flaw was found in the Gfx::doImage function of Xpdf that
also affects kpdf due to a shared codebase. An attacker could construct a
carefully crafted PDF file that could cause kpdf to crash or possibly
execute arbitrary code when opened. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-1125 to
this issue.

A buffer overflow flaw was found in the Decrypt::makeFileKey2 function of
Xpdf which also affects kpdf due to a shared codebase. An attacker could
construct a carefully crafted PDF file that could cause kpdf to crash or
possibly execute arbitrary code when opened. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2005-0064 to
this issue.

During a source code audit, Chris Evans and others discovered a number of
integer overflow bugs that affected all versions of Xpdf which also affects
kpdf due to a shared codebase. An attacker could construct a carefully
crafted PDF file that could cause kpdf to crash or possibly execute
arbitrary code when opened. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CAN-2004-0888 to this issue.

Users should update to these erratum packages which contain backported
patches to correct these issues.

Related

nessus 74
openvas 51
securityvulns 8
redhat 10
gentoo 11
oraclelinux 1
osv 7
debian 9
ubuntu 3
freebsd 2
fedora 1
altlinux 2
centos 1
nvd 5
cve 3
ubuntucve 4
cvelist 3
debiancve 4
nessus
nessus
RHEL 4 : kdegraphics (RHSA-2005:066)
2005-02-22 00:00:00
GLSA-200501-31 : teTeX, pTeX, CSTeX: Multiple vulnerabilities
2005-02-14 00:00:00
Mandrake Linux Security Advisory : koffice (MDKSA-2004:165)
2005-01-02 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200501-31 (teTeX)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200501-31 (teTeX)
2008-09-24 00:00:00
SLES9: Security update for Cups
2009-10-10 00:00:00
securityvulns
securityvulns
[ GLSA 200501-31 ] teTeX, pTeX, CSTeX: Multiple vulnerabilities
2005-01-26 00:00:00
iDEFENSE Security Advisory 01.18.05 - Multiple Unix/Linux Vendor Xpdf makeFileKey2 Stack Overflow
2005-01-19 00:00:00
MDKSA-2004:114 - Updated gpdf packages fix DoS vulnerability
2004-10-22 00:00:00
redhat
redhat
(RHSA-2005:057) gpdf security update
2005-02-15 00:00:00
(RHSA-2005:034) xpdf security update
2005-02-15 00:00:00
(RHSA-2005:026) tetex security update
2005-03-16 00:00:00
gentoo
gentoo
teTeX, pTeX, CSTeX: Multiple vulnerabilities
2005-01-23 00:00:00
Xpdf, GPdf: Stack overflow in Decrypt::makeFileKey2
2005-01-21 00:00:00
libextractor: Multiple overflow vulnerabilities
2005-06-09 00:00:00
oraclelinux
oraclelinux
kdegraphics security update
2006-11-30 00:00:00
osv
osv
tetex-bin - integer overflows
2004-11-25 00:00:00
cupsys - integer overflows
2004-10-21 00:00:00
xpdf - buffer overflow
2005-01-19 00:00:00
debian
debian
[SECURITY] [DSA 599-1] New tetex-bin packages fix arbitrary code execution
2004-11-25 14:48:24
[SECURITY] [DSA 581-1] New xpdf packages fix arbitrary code execution
2004-11-02 15:35:44
[SECURITY] [DSA 573-1] New cupsys packages fix arbitrary code execution
2004-10-21 14:18:22
ubuntu
ubuntu
tetex-bin vulnerabilities
2004-10-28 00:00:00
xpdf, CUPS vulnerabilities
2005-01-19 00:00:00
xpdf, tetex-bin vulnerabilities
2004-12-23 00:00:00
freebsd
freebsd
xpdf -- makeFileKey2() buffer overflow vulnerability
2005-01-06 00:00:00
xpdf -- buffer overflow vulnerability
2004-11-23 00:00:00
fedora
fedora
[SECURITY] Fedora Core 5 Update: cups-1.2.8-1.fc5
2007-03-14 20:14:24
altlinux
altlinux
Security fix for the ALT Linux 5 package xpdf version 3.00-alt5pl3
2005-01-19 00:00:00
Security fix for the ALT Linux 5 package xpdf version 3.00-alt4pl2
2004-12-22 00:00:00
centos
centos
tetex security update
2005-04-01 21:29:55
nvd
nvd
CVE-2005-0064
2005-05-02 04:00:00
CVE-2004-1125
2005-01-10 05:00:00
CVE-2008-1374
2008-04-04 00:44:00
cve
cve
CVE-2005-0064
2005-05-02 04:00:00
CVE-2004-1125
2005-01-10 05:00:00
CVE-2005-0206
2005-04-27 04:00:00
ubuntucve
ubuntucve
CVE-2005-0064
2005-05-02 00:00:00
CVE-2004-1125
2005-01-10 00:00:00
CVE-2004-0888
2005-01-27 00:00:00
cvelist
cvelist
CVE-2005-0064
2005-01-19 05:00:00
CVE-2004-1125
2004-12-22 05:00:00
CVE-2008-1374
2008-04-04 00:00:00
debiancve
debiancve
CVE-2005-0064
2005-05-02 04:00:00
CVE-2004-1125
2005-01-10 05:00:00
CVE-2004-0889
2005-01-27 05:00:00

0.096 Low

EPSS

Percentile

94.8%

JSON
Related for RHSA-2005:066
nessus74openvas51securityvulns8redhat10gentoo11oraclelinux1osv7debian9ubuntu3freebsd2fedora1altlinux2centos1nvd5cve3ubuntucve4cvelist3debiancve4