aru Posted February 2, 2006 Report Share Posted February 2, 2006 Mandriva Advisories MDKSA-2006:031 : kdegraphics Updated kdegraphics packages fixes heap-based buffer overflow vulnerability February 2nd, 2006 Heap-based buffer overflow in Splash.cc in xpdf allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap. Kdegraphics-kpdf uses a copy of the xpdf code and as such has the same issues. The updated packages have been patched to correct this issue. The released versions of Mandriva GNU/Linux affected are: 2006.0Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:031 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0301 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $) Link to comment Share on other sites More sharing options...
Recommended Posts