lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Wed, 4 Jan 2006 15:50:01 +0100
From: Dirk Mueller <mueller@....org>
To: kde-announce@....org
Cc: bugtraq@...urityfocus.com
Subject: [KDE Security Advisory] UPDATE: kpdf/xpdf multiple
	integer overflows



KDE Security Advisory [UPDATED]: kpdf/xpdf multiple integer overflows
Original Release Date: 2005-12-07
Final Release Date:    2006-01-03
URL: http://www.kde.org/info/security/advisory-20051207-2.txt

0. References
        CAN-2005-3191
        CAN-2005-3192
        CAN-2005-3193
        CVE-2005-3624
        CVE-2005-3625
        CVE-2005-3626
        CVE-2005-3627
        CESA-2005-003


1. Systems affected:

        KDE 3.2.0 up to including KDE 3.5.0
	KOffice 1.3.0 up to including KOffice 1.4.2


2. Overview:

        kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains
        multiple integer overflow vulnerabilities that allow specially
	crafted pdf files, when opened, to overflow heap allocated
	buffers and execute arbitrary code.

        The patches announced in the KDE security advisory 20051207-1
        were incomplete. This re-issued advisory contains updated patches
        that correct issues with the original upstream patch that were
        found and fixed by Ludwig Nussel, Martin Pitt and Chris Evans.
        The previous patches and advisory have been removed.


3. Impact:

        Remotely supplied pdf files can be used to execute arbitrary
	code on the client machine.


4. Solution:

        Source code patches have been made available which fix these
        vulnerabilities. Contact your OS vendor / binary package provider
        for information about how to obtain updated binary packages.


5. Patch:

        Patch for KDE 3.5.0 is available from 
        ftp://ftp.kde.org/pub/kde/security_patches :

        17ea076e986be5e26a4feea3cd264f7e
        post-3.5.0-kdegraphics-CAN-2005-3193.diff

        Patch for KDE 3.4.3 is available from 
        ftp://ftp.kde.org/pub/kde/security_patches :

        e8dde74416769d4589dcca25072aea3e
        post-3.4.3-kdegraphics-CAN-2005-3193.diff

        Patch for KDE 3.3.2 is available from 
        ftp://ftp.kde.org/pub/kde/security_patches :

        fe38b0728e5e2b000eb04e037536f330
        post-3.3.2-kdegraphics-CAN-2005-3193.diff

        Patch for KDE 3.2.3 is available from 
        ftp://ftp.kde.org/pub/kde/security_patches :

        51ae90242b7e65ba34c704b38c91cfbe 
        post-3.2.3-kdegraphics-CAN-2005-3193.diff

        Patch for KOffice 1.3.0 and newer is available from 
        ftp://ftp.kde.org/pub/kde/security_patches :

        939b41e59cfb5f738e9b6fcfff4faf48
        post-1.3-koffice-CAN-2005-3193.diff

Powered by blists - more mailing lists