Bugtraq mailing list archives
[ GLSA 200804-18 ] Poppler: User-assisted execution of arbitrary code
From: Robert Buchholz <rbu () gentoo org>
Date: Thu, 17 Apr 2008 14:34:28 +0200
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200804-18:02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Poppler: User-assisted execution of arbitrary code Date: April 17, 2008 Updated: April 17, 2008 Bugs: #216850 ID: 200804-18:02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Poppler does not handle fonts inside PDF files safely, allowing for execution of arbitrary code. Background ========== Poppler is a cross-platform PDF rendering library originally based on Xpdf. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-text/poppler < 0.6.3 >= 0.6.3 Description =========== Kees Cook from the Ubuntu Security Team reported that the CairoFont::create() function in the file CairoFontEngine.cc does not verify the type of an embedded font object inside a PDF file before dereferencing a function pointer from it. Impact ====== A remote attacker could entice a user to open a specially crafted PDF file with a Poppler-based PDF viewer such as Gentoo's Xpdf, Epdfview, or Evince, potentially resulting in the execution of arbitrary code with the privileges of the user running the application. Workaround ========== There is no known workaround at this time. Resolution ========== All Poppler users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=app-text/poppler-0.6.3" References ========== [ 1 ] CVE-2008-1693 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1693 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200804-18.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security () gentoo org or alternatively, you may file a bug at http://bugs.gentoo.org. License ======= Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5
Attachment:
signature.asc
Description: This is a digitally signed message part.
Current thread:
- [ GLSA 200804-18 ] Poppler: User-assisted execution of arbitrary code Robert Buchholz (Apr 17)