Explore top 10 tips to secure your open-source projects now. Read More
×
PDFResurrect could be made to crash or run programs as your login if it
opened a specially crafted file.
Software Description:
- pdfresurrect: tool for extracting versioning data from PDF documents
Details:
It was discovered that PDFResurrect incorrectly handled certain memory
operations during PDF summary generation. An attacker could use this to
cause out-of-bounds writes, resulting in a denial of service (system crash)
or arbitrary code execution.
The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: pdfresurrect 0.12-6ubuntu0.2 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-4642-1
CVE-2020-9549
Get the latest Linux and open source security news straight to your inbox.