Stilgar
18th June 2003, 23:45
Security Advisory - RHSA-2003:196-07
------------------------------------------------------------------------------
Summary:
Updated Xpdf packages fix security vulnerability
Updated Xpdf packages are available that fix a vulnerability where a
malicious PDF document could run arbitrary code.
Description:
Xpdf is an X Window System based viewer for Portable Document Format
(PDF) files.
Martyn Gilmore discovered a flaw in various PDF viewers and readers. An
attacker can embed malicious external-type hyperlinks that if activated or
followed by a victim can execute arbitrary shell commands. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2003-0434 to this issue.
All users of Xpdf are advised to upgrade to these errata packages, which
contain a patch to correct this issue.
References:
http://lists.netsys.com/pipermail/full-disclosure/2003-June/010397.html
------------------------------------------------------------------------------
Summary:
Updated Xpdf packages fix security vulnerability
Updated Xpdf packages are available that fix a vulnerability where a
malicious PDF document could run arbitrary code.
Description:
Xpdf is an X Window System based viewer for Portable Document Format
(PDF) files.
Martyn Gilmore discovered a flaw in various PDF viewers and readers. An
attacker can embed malicious external-type hyperlinks that if activated or
followed by a victim can execute arbitrary shell commands. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2003-0434 to this issue.
All users of Xpdf are advised to upgrade to these errata packages, which
contain a patch to correct this issue.
References:
http://lists.netsys.com/pipermail/full-disclosure/2003-June/010397.html