Debian Security Advisory DSA 971-1 (xpdf) Network Vulnerability

Summary

The remote host is missing an update to xpdf announced via advisory DSA 971-1. SuSE researchers discovered heap overflow errors in xpdf, the Portable Document Format (PDF) suite, that can allow attackers to cause a denial of service by crashing the application or possibly execute arbitrary code. The old stable distribution (woody) is not affected.

Solution

For the stable distribution (sarge) these problems have been fixed in version 3.00-13.5. For the unstable distribution (sid) these problems have been fixed in version 3.01-6. We recommend that you upgrade your xpdf packages. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20971-1

Severity

Classification

CVE CVE-2006-0301

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 102-2 (at)
Debian Security Advisory DSA 1070-1 (kernel-source-2.4.19,kernel-image-sparc-2.4,kernel-patch-2.4.19-mips)
Debian Security Advisory DSA 081-1 (w3m, w3m-ssl)
Debian Security Advisory DSA 079-1 (uucp)
Debian Security Advisory DSA 016-1 (wu-ftpd)

Take action and discover your vulnerabilities