CentOS Update For Xpdf CESA-2008:0240 Centos4 I386 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Xpdf is an X Window System-based viewer for Portable Document Format (PDF) files. Kees Cook discovered a flaw in the way xpdf displayed malformed fonts embedded in PDF files. An attacker could create a malicious PDF file that would cause xpdf to crash, or, potentially, execute arbitrary code when opened. (CVE-2008-1693) Users are advised to upgrade to these updated packages, which contain backported patches to resolve this issue.

Affected

xpdf on CentOS 4

References

http://lists.centos.org/pipermail/centos-announce/2008-April/014847.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-1693

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

CentOS Update for 389-ds-base CESA-2014:1031 centos6
CentOS Security Advisory CESA-2009:1164 (tomcat)
CentOS Security Advisory CESA-2009:1123 (gstreamer-plugins-good)
CentOS Security Advisory CESA-2009:0004-01 (openssl)
CentOS Update for acpid CESA-2009:0474 centos5 i386

CentOS Update for xpdf CESA-2008:0240 centos4 i386

Take action and discover your vulnerabilities