Debian Security Advisory DSA 1355-1 (kdegraphics) Network Vulnerability

Summary

The remote host is missing an update to kdegraphics announced via advisory DSA 1355-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201355-1

Insight

It was discovered that an integer overflow in the xpdf PDF viewer may lead to the execution of arbitrary code if a malformed PDF file is opened. kpdf includes a copy of the xpdf code and required an update as well. For the oldstable distribution (sarge) this problem has been fixed in version 3.3.2-2sarge5. For the stable distribution (etch) this problem has been fixed in version 3.5.5-3etch1. For the unstable distribution (sid) this problem has been fixed in version 3.5.7-3. We recommend that you upgrade your kpdf packages.

Severity

Classification

CVE CVE-2007-3387

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 068-1 (openldap)
Debian Security Advisory DSA 1014-1 (firebird2)
Debian Security Advisory DSA 1115-1 (gnupg2)
Debian Security Advisory DSA 1061-1 (popfile)
Debian Security Advisory DSA 1000-1 (libapreq2-perl)

Take action and discover your vulnerabilities