kpdf of KDE 3.3.x heap based buffer overflow

2006.03.11
Credit: Dirk Mueller
Risk: Medium
Local: Yes
Remote: Yes
CWE: CWE-119


CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

KDE Security Advisory: kpdf/xpdf heap based buffer overflow Original Release Date: 2006-03-10 URL: http://www.kde.org/info/security/advisory-20060202-1.txt 0. References CVE-2006-0746 1. Systems affected: KDE 3.3.2 with patch from CVE-2005-3627 applied. Please note that the patch for KDE 3.4.x and newer was correct and is unaffected. 2. Overview: kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains multiple vulnerabilities, one of them being CVE-2005-3627, that was patched in the KDE security advisory 20051207-2. However, the patch published for KDE 3.3.x was faulty and only partially fixed the vulnerability. We'd like to thank Marcelo Ricardo Leitner for bringing this error to our attention. The Common Vulnerabilities and Exposures project has assigned CVE-2006-0746 to this issue. 3. Impact: Remotely supplied pdf files can be used to execute arbitrary code on the client machine. 4. Solution: Source code patches have been made available which fix these vulnerabilities. Contact your OS vendor / binary package provider for information about how to obtain updated binary packages. 5. Patch: Patch for KDE 3.3.2 and newer is available from ftp://ftp.kde.org/pub/kde/security_patches : ea346b89a3b39915abbfd56841b9df23 post-3.3.2-kdegraphics-CVE-2006-0746.diff -- Dirk//-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQBEEYk/vsXr+iuy1UoRApcSAKCp8tSRzja9XlXgFjqrnhOFG2d+aACdFeOX aAjpOeuOJEbb5BVEeg2O6Q4= =Zd0t -----END PGP SIGNATURE-----


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top