Stay Secure with the Latest Linux Advisories

security advisorydenial of servicebuffer overflow

Fedora Core 4: 2006-103 Critical: Heap-Based Buffer Overflow in Poppler

Heap-based buffer overflow in Splash.cc in poppler, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap.. ---------------------------------------------------------------------Fedora Update Notification FEDORA-2006-103 2006-02-10 ---------------------------------------------------------------------Product : Fedora Core 4 Name : poppler Version : 0.4.5 Release : 1.1 Summary : PDF rendering library Description : Poppler, a PDF rendering library, it's a fork of the xpdf PDF viewer developed by Derek Noonburg of Glyph and Cog, LLC. ---------------------------------------------------------------------Update Information: Heap-based buffer overflow in Splash.cc in poppler, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap. ---------------------------------------------------------------------* Thu Feb 9 2006 Kristian Høgsberg 0.4.5-1.1 - Security release: CVE-2006-0301. ---------------------------------------------------------------------This update can be downloaded from: a6389ee0a029cd9d00554e895379b58141be1e9d SRPMS/poppler-0.4.5-1.1.src.rpm 55b7d8faeda8942de95da47256dd63324826ab0d ppc/poppler-0.4.5-1.1.ppc.rpm 4e2cf64d7b1cf1f6dcd2f4d4dec6abfe37032cbf ppc/poppler-devel-0.4.5-1.1.ppc.rpm b04be63e76106bb65bb7e9e1a99c74a8e973514d ppc/debug/poppler-debuginfo-0.4.5-1.1.ppc.rpm 249b969c8751b1a53722e8264d2f3fc8fc5e9979 x86_64/poppler-0.4.5-1.1.x86_64.rpm f5e61e706c434ad24bd6cece6affa754361d80cd x86_64/poppler-devel-0.4.5-1.1.x86_64.rpm cfb05d07796ee23f56ed3aa19111f875d54e4b7f x86_64/debug/poppler-debuginfo-0.4.5-1.1.x86_64.rpm 8dc27611a2cde6baeb0d6212a88e7ad6d8035808 i386/poppler-0.4.5-1.1.i386.rpm 73f916b518fa1e32a1ecba95cf9cc36a6e2bc49a i386/poppler-devel-0.4.5-1.1.i386.rpm 7026c75efdce668f7e35bc2332f5d516496aef1f i386/debug/poppler-debuginfo-0.4.5-1.1.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at . ----------------------------------------------------------------------- fedora-announce-list mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Memory corruption vulnerability in libcairo impacts Fedora 34, enabling service disruptions and possible code execution through specially designed graphics files.. Fedora Update, Poppler Patch, Exploit Fix. . Severity: Critical. LinuxSecurity.com Team

Feb 10, 2006 •Critical Fedora