Debian Security Advisory DSA 1941-1 (poppler) Network Vulnerability

Summary

The remote host is missing an update to poppler announced via advisory DSA 1941-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201941-1

Insight

Several integer overflows, buffer overflows and memory allocation errors were discovered in the Poppler PDF rendering library, which may lead to denial of service or the execution of arbitrary code if a user is tricked into opening a malformed PDF document. For the stable distribution (lenny), these problems have been fixed in version 0.8.7-3. An update for the old stable distribution (etch) will be issued soon as version 0.4.5-5.1etch4. For the unstable distribution (sid), these problems will be fixed soon. We recommend that you upgrade your poppler packages.

Severity

Classification

CVE CVE-2009-0755, CVE-2009-3606, CVE-2009-3607, CVE-2009-3608, CVE-2009-3903, CVE-2009-3904, CVE-2009-3905, CVE-2009-3909, CVE-2009-3938

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Debian Security Advisory DSA 1021-1 (netpbm-free)
Debian Security Advisory DSA 107-1 (jgroff)
Debian Security Advisory DSA 059-1 (man-db)
Debian Security Advisory DSA 1043-1 (abcmidi)
Debian Security Advisory DSA 096-1 (mutt)

Take action and discover your vulnerabilities