[KDE Security Advisory] UPDATE: kpdf/xpdf multiple integer overflow
Posted on: 01/04/2006 05:50 PM
KDE Security Advisory [UPDATED]: kpdf/xpdf multiple integer overflows
Original Release Date: 2005-12-07
Final Release Date: 2006-01-03
1. Systems affected:
KDE 3.2.0 up to including KDE 3.5.0
KOffice 1.3.0 up to including KOffice 1.4.2
kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains
multiple integer overflow vulnerabilities that allow specially
crafted pdf files, when opened, to overflow heap allocated
buffers and execute arbitrary code.
The patches announced in the KDE security advisory 20051207-1
were incomplete. This re-issued advisory contains updated patches
that correct issues with the original upstream patch that were
found and fixed by Ludwig Nussel, Martin Pitt and Chris Evans.
The previous patches and advisory have been removed.
Remotely supplied pdf files can be used to execute arbitrary
code on the client machine.
Source code patches have been made available which fix these
vulnerabilities. Contact your OS vendor / binary package provider
for information about how to obtain updated binary packages.
Patch for KDE 3.5.0 is available from ftp://ftp.kde.org/pub/kde/security_patches
Patch for KDE 3.4.3 is available from ftp://ftp.kde.org/pub/kde/security_patches
Patch for KDE 3.3.2 is available from ftp://ftp.kde.org/pub/kde/security_patches
Patch for KDE 3.2.3 is available from ftp://ftp.kde.org/pub/kde/security_patches
Patch for KOffice 1.3.0 and newer is available from ftp://ftp.kde.org/pub/kde/security_patches