Advertisement

Latest News

[ Windows | Linux | Apple ]

· Gigabyte Intel Z87 Motherboard Lineup Preview and more
· Microsoft to roll out Xbox dashboard UI alterations before next-gen console
· Adobe Photoshop Express now available for Windows 8 and RT
· GNOME 3.8.2 Released
· Windows 8 is an enterprise 'non-starter' because IT sees no value in changes
· What to Expect from Unity in Ubuntu 13.10
· Analysts praise Nokia's new Lumia 925
· Best Business Laptops - May 2013 and more
· openSUSE 13.1 Milestone 1 released
· How to Install Cinnamon 1.8 on Ubuntu 13.04

Upcoming News

· Gigabyte Intel Z87 Motherboard Lineup Preview
· [ANNOUNCE] libchamplain 0.12.4
· [security-announce] SUSE-SU-2013:0810-1: important: Security update for oracle-update
· [security-announce] SUSE-SU-2013:0811-1: important: Security update for oracle-update
· [security-announce] SUSE-SU-2013:0809-1: important: Security update for Acrobat Reader
· Rosewill RDEE-12002 USB 3.0 Hard Drive Enclosure @ techPowerUp
· ASUS M5A97 R2.0 Motherboard @ Hardware Secrets
· Samsung Galaxy S4 Smartphone Review @ HardwareHeaven.com
· [RHSA-2013:0832-01] Important: kernel security update
· [Tech ARP] Hard Disk Drive Myths Debunked! Rev. 5.1

Linux Compatibility

· Dell Dimension 9100
· CL-CAM50001 UPC=3700284609322
· DFE 520 TX
· nVidia GeForce4 MX 440
· Gore: Ultimate Soldier
· SMC2802W V2 wi-fi 54Mbps PCI card
· Wireless modem router N300
· Dell P780
· ASUS A7V8X
· BricsCAD for Linux

New Forum Topics

· shutdown link ?
by: estirwent
on: 2013-05-11 17:46
18 replies, 6288 views

· Laptop keyboard drank soda
by: Zenn
on: 2013-04-30 00:27
1 replies, 624 views

· connecting to to internet with ubuntu
by: Zenn
on: 2013-04-30 00:26
2 replies, 4474 views

· Need Linux-compatible PS/2 expansion card
by: Zenn
on: 2013-04-30 00:26
1 replies, 690 views

· irql_not_less_or_equal blue screen
by: Zenn
on: 2013-04-30 00:25
2 replies, 1076 views

News Channels

· Drivers
· Guides
· Reviews
· Security
· Software
· Press Release
· Updates
· Interviews
· Linux
· General
· Debian
· Red Hat
· Slackware
· Gentoo
· Mandriva
· White Box
· SUSE
· GNOME
· KDE
· CentOS
· Ubuntu
· MEPIS
· Android

What's New

Login to see an overview of all news stories since your last visit.

Welcome to our website

To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.

KDE Security Advisory: KOffice PDF Import Filter Vulnerability

Posted by Philipp Esselbach on: 01/21/2005 05:13 AM [ Print | 0 comment(s) ]

KDE Security Advisory: KOffice PDF Import Filter Vulnerability
Original Release Date: 2005-01-20
URL: http://www.kde.org/info/security/advisory-20050120-1.txt

0. References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0064
http://www.idefense.com/application/poi/display?id=186type=vulnerabilities

1. Systems affected:

KOffice 1.3 up to including KOffice 1.3.5

2. Overview:

The KOffice PDF Import Filter shares code with xpdf. xpdf contains a buffer overflow that can be triggered by a specially crafted PDF file.

3. Impact:

Remotely supplied pdf files can be used to execute arbitrary code on the client machine when the user opens such file in KOffice.

4. Solution:

Source code patches have been made available which fix these vulnerabilities. Contact your OS vendor / binary package provider for information about how to obtain updated binary packages.

5. Patch:

Patch for KOffice 1.3.5 is available from

ftp://ftp.kde.org/pub/kde/security_patches :

0e6194cbfe3f6d3b3c848c2c76ef5bfb post-1.3.5-koffice.diff

6. Time line and credits:

19/01/2005 KDE Security Team alerted by Carsten Lohrke
19/01/2005 Patches from xpdf 3.00pl3 applied to KDE CVS and patches prepared.

20/01/2005 Public disclosure.

All products mentioned are registered trademarks or trademarks of their respective owners.
© 2002-2013 Esselbach Internet Solutions - All Rights Reserved. Terms and privacy policy
Powered by Contentteller® Business Edition