Debian Security Advisory DSA 599-1 (tetex-bin) Network Vulnerability

Summary

The remote host is missing an update to tetex-bin announced via advisory DSA 599-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20599-1

Insight

Chris Evans discovered several integer overflows in xpdf, that are also present in tetex-bin, binary files for the teTeX distribution, which can be exploited remotely by a specially crafted PDF document and lead to the execution of arbitrary code. For the stable distribution (woody) these problems have been fixed in version 20011202-7.3. For the unstable distribution (sid) these problems have been fixed in version 2.0.2-23. We recommend that you upgrade your tetex-bin packages.

Severity

Classification

CVE CVE-2004-0888

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Debian Security Advisory DSA 1019-1 (koffice)
Debian Security Advisory DSA 073-1 (imp)
Debian Security Advisory DSA 1004-1 (vlc)
Debian Security Advisory DSA 098-1 (libgtop)
Debian Security Advisory DSA 1043-1 (abcmidi)

Take action and discover your vulnerabilities