ID de Prueba:	1.3.6.1.4.1.25623.1.0.58717
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2007:1029
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2007:1029. Xpdf is an X Window System-based viewer for Portable Document Format (PDF) files. Alin Rad Pop discovered several flaws in the handling of PDF files. An attacker could create a malicious PDF file that would cause Xpdf to crash, or potentially execute arbitrary code when opened. (CVE-2007-4352, CVE-2007-5392, CVE-2007-5393) Users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-1029.html http://www.redhat.com/security/updates/classification/#important Risk factor : Critical CVSS Score: 9.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-4352 BugTraq ID: 26367 http://www.securityfocus.com/bid/26367 Bugtraq: 20071107 Secunia Research: Xpdf "Stream.cc" Multiple Vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/483372 Debian Security Information: DSA-1480 (Google Search) http://www.debian.org/security/2008/dsa-1480 Debian Security Information: DSA-1509 (Google Search) http://www.debian.org/security/2008/dsa-1509 Debian Security Information: DSA-1537 (Google Search) http://www.debian.org/security/2008/dsa-1537 https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html http://security.gentoo.org/glsa/glsa-200711-22.xml http://security.gentoo.org/glsa/glsa-200711-34.xml http://security.gentoo.org/glsa/glsa-200805-13.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:219 http://www.mandriva.com/security/advisories?name=MDKSA-2007:220 http://www.mandriva.com/security/advisories?name=MDKSA-2007:221 http://www.mandriva.com/security/advisories?name=MDKSA-2007:222 http://www.mandriva.com/security/advisories?name=MDKSA-2007:223 http://www.mandriva.com/security/advisories?name=MDKSA-2007:227 http://www.mandriva.com/security/advisories?name=MDKSA-2007:228 http://www.mandriva.com/security/advisories?name=MDKSA-2007:230 http://secunia.com/secunia_research/2007-88/advisory/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9979 http://www.redhat.com/support/errata/RHSA-2007-1021.html http://www.redhat.com/support/errata/RHSA-2007-1022.html http://www.redhat.com/support/errata/RHSA-2007-1024.html http://www.redhat.com/support/errata/RHSA-2007-1025.html http://www.redhat.com/support/errata/RHSA-2007-1026.html http://www.redhat.com/support/errata/RHSA-2007-1027.html http://www.redhat.com/support/errata/RHSA-2007-1029.html http://www.redhat.com/support/errata/RHSA-2007-1030.html http://www.securitytracker.com/id?1018905 http://secunia.com/advisories/26503 http://secunia.com/advisories/27260 http://secunia.com/advisories/27553 http://secunia.com/advisories/27573 http://secunia.com/advisories/27574 http://secunia.com/advisories/27575 http://secunia.com/advisories/27577 http://secunia.com/advisories/27578 http://secunia.com/advisories/27599 http://secunia.com/advisories/27615 http://secunia.com/advisories/27618 http://secunia.com/advisories/27619 http://secunia.com/advisories/27632 http://secunia.com/advisories/27634 http://secunia.com/advisories/27636 http://secunia.com/advisories/27637 http://secunia.com/advisories/27640 http://secunia.com/advisories/27641 http://secunia.com/advisories/27642 http://secunia.com/advisories/27645 http://secunia.com/advisories/27656 http://secunia.com/advisories/27658 http://secunia.com/advisories/27705 http://secunia.com/advisories/27721 http://secunia.com/advisories/27724 http://secunia.com/advisories/27743 http://secunia.com/advisories/27856 http://secunia.com/advisories/28043 http://secunia.com/advisories/28812 http://secunia.com/advisories/29104 http://secunia.com/advisories/29604 http://secunia.com/advisories/30168 http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882 SuSE Security Announcement: SUSE-SA:2007:060 (Google Search) http://www.novell.com/linux/security/advisories/2007_60_pdf.html http://www.ubuntu.com/usn/usn-542-1 http://www.ubuntu.com/usn/usn-542-2 http://www.vupen.com/english/advisories/2007/3774 http://www.vupen.com/english/advisories/2007/3775 http://www.vupen.com/english/advisories/2007/3776 http://www.vupen.com/english/advisories/2007/3779 http://www.vupen.com/english/advisories/2007/3786 XForce ISS Database: xpdf-dctstreamread-memory-corruption(38306) https://exchange.xforce.ibmcloud.com/vulnerabilities/38306 Common Vulnerability Exposure (CVE) ID: CVE-2007-5392 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10036 XForce ISS Database: xpdf-dctstreamreset-bo(38303) https://exchange.xforce.ibmcloud.com/vulnerabilities/38303 Common Vulnerability Exposure (CVE) ID: CVE-2007-5393 Debian Security Information: DSA-1408 (Google Search) http://www.debian.org/security/2007/dsa-1408 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9839 http://www.redhat.com/support/errata/RHSA-2007-1023.html http://www.redhat.com/support/errata/RHSA-2007-1028.html http://www.redhat.com/support/errata/RHSA-2007-1031.html http://www.redhat.com/support/errata/RHSA-2007-1051.html http://secunia.com/advisories/27579 http://secunia.com/advisories/27718 http://secunia.com/advisories/27772 XForce ISS Database: xpdf-ccittfaxstreamlookchar-bo(38304) https://exchange.xforce.ibmcloud.com/vulnerabilities/38304
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.