Summary
The remote host is missing an update to kdegraphics announced via advisory DSA 2050-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202050-1
Insight
Several local vulnerabilities have been discovered in KPDF, a PDF viewer for KDE, which allow the execution of arbitrary code or denial of service if a user is tricked into opening a crafted PDF document.
For the stable distribution (lenny), these problems have been fixed in version 4:3.5.9-3+lenny3.
The unstable distribution (sid) no longer contains kpdf. It's replacement, Okular, links against the poppler PDF library.
We recommend that you upgrade your kdegraphics packages.
Severity
Classification
-
CVE CVE-2009-1188, CVE-2009-3603, CVE-2009-3604, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities