[Bug 160948] [kpdf] multiple xpdf based vulnerabilities
hk47
bugtracker at slideomania.com
Thu Nov 8 13:17:49 UTC 2007
Public bug reported:
Binary package hint: kpdf
References:
http://www.kde.org/info/security/advisory-20071107-1.txt
"Systems affected:
KDE 3.2.0 up to including KDE 3.5.8.
All KOffice 1.x releases.
Overview:
kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains
multiple vulnerabilities that can crash kpdf or possibly
execute arbitrary code. The issues were reported by Secunia
Research. Similiar xpdf based code also exists in kword
pdf import filters of KOffice 1.x."
See also Bug #160944.
>From Bug #129940 I remember that Ubuntu's kpdf/kdegraphics/koffice
relies on poppler, but since I'm not sure if the reported issues don't
affect (K)Ubuntu's packages, I'm submitting this bug report.
** Affects: kdegraphics (Ubuntu)
Importance: Undecided
Status: New
** Affects: koffice (Ubuntu)
Importance: Undecided
Status: New
** Visibility changed to: Public
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2007-4352
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2007-5392
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2007-5493
** Also affects: koffice (Ubuntu)
Importance: Undecided
Status: New
--
[kpdf] multiple xpdf based vulnerabilities
https://bugs.launchpad.net/bugs/160948
You received this bug notification because you are a member of Kubuntu
Team, which is a bug contact for kdegraphics in ubuntu.
More information about the kubuntu-bugs
mailing list