aru Posted February 2, 2006 Report Share Posted February 2, 2006 Mandriva Advisories MDKSA-2006:032 : xpdf Updated xpdf packages fixes heap-based buffer overflow vulnerability February 2nd, 2006 Heap-based buffer overflow in Splash.cc in xpdf allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap. The updated packages have been patched to correct this issue. The released versions of Mandriva GNU/Linux affected are: CS3.0 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:032 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0301 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $) Link to comment Share on other sites More sharing options...
Recommended Posts