English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.900457
Kategorie:Buffer overflow
Titel:Xpdf Multiple Vulnerabilities
Zusammenfassung:The PDF viewer Xpdf is prone to multiple vulnerabilities on Linux; systems that can lead to arbitrary code execution.
Beschreibung:Summary:
The PDF viewer Xpdf is prone to multiple vulnerabilities on Linux
systems that can lead to arbitrary code execution.

Vulnerability Insight:
- Integer overflow in Xpdf JBIG2 Decoder which allows the attacker create a
malicious crafted PDF File and causes code execution.

- Flaws in Xpdf JBIG2 Decoder which causes buffer overflow, freeing of
arbitrary memory causing Xpdf application to crash.

Vulnerability Impact:
Successful exploitation will let the attacker craft a malicious PDF File and
execute arbitrary codes into the context of the affected application to cause
denial of service attacks, buffer overflow attacks, remote code executions etc.

Affected Software/OS:
Xpdf version 3.02 and prior on Linux.

Solution:
Apply Xpdf v3.02 pl3 patch.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: BugTraq ID: 34568
BugTraq ID: 34791
Common Vulnerability Exposure (CVE) ID: CVE-2009-0195
http://www.securityfocus.com/bid/34791
Bugtraq: 20090417 Secunia Research: CUPS pdftops JBIG2 Symbol Dictionary Buffer Overflow (Google Search)
http://www.securityfocus.com/archive/1/502759/100/0/threaded
Bugtraq: 20090417 Secunia Research: Xpdf JBIG2 Symbol Dictionary Buffer Overflow Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/502762/100/0/threaded
http://www.mandriva.com/security/advisories?name=MDVSA-2010:087
http://secunia.com/secunia_research/2009-17/
http://secunia.com/secunia_research/2009-18/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10076
RedHat Security Advisories: RHSA-2009:0458
http://rhn.redhat.com/errata/RHSA-2009-0458.html
http://www.redhat.com/support/errata/RHSA-2009-0480.html
http://secunia.com/advisories/34291
http://secunia.com/advisories/34481
http://secunia.com/advisories/34756
http://secunia.com/advisories/34963
http://secunia.com/advisories/35064
http://www.vupen.com/english/advisories/2010/1040
Common Vulnerability Exposure (CVE) ID: CVE-2009-0166
http://www.securityfocus.com/bid/34568
Bugtraq: 20090417 rPSA-2009-0061-1 cups (Google Search)
http://www.securityfocus.com/archive/1/502750/100/0/threaded
Debian Security Information: DSA-1790 (Google Search)
http://www.debian.org/security/2009/dsa-1790
Debian Security Information: DSA-1793 (Google Search)
http://www.debian.org/security/2009/dsa-1793
https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00567.html
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01277.html
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01291.html
http://security.gentoo.org/glsa/glsa-200904-20.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2009:101
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9778
http://www.redhat.com/support/errata/RHSA-2009-0429.html
http://www.redhat.com/support/errata/RHSA-2009-0430.html
http://www.redhat.com/support/errata/RHSA-2009-0431.html
http://www.securitytracker.com/id?1022073
http://secunia.com/advisories/34755
http://secunia.com/advisories/34852
http://secunia.com/advisories/34959
http://secunia.com/advisories/34991
http://secunia.com/advisories/35037
http://secunia.com/advisories/35065
http://secunia.com/advisories/35618
http://secunia.com/advisories/35685
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.578477
SuSE Security Announcement: SUSE-SA:2009:024 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00011.html
SuSE Security Announcement: SUSE-SR:2009:010 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html
SuSE Security Announcement: SUSE-SR:2009:012 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
http://www.vupen.com/english/advisories/2009/1065
http://www.vupen.com/english/advisories/2009/1066
http://www.vupen.com/english/advisories/2009/1077
Common Vulnerability Exposure (CVE) ID: CVE-2009-0147
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
Bugtraq: 20090417 rPSA-2009-0059-1 poppler (Google Search)
http://www.securityfocus.com/archive/1/502761/100/0/threaded
Cert/CC Advisory: TA09-133A
http://www.us-cert.gov/cas/techalerts/TA09-133A.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9941
http://secunia.com/advisories/35074
http://www.vupen.com/english/advisories/2009/1297
http://www.vupen.com/english/advisories/2009/1621
Common Vulnerability Exposure (CVE) ID: CVE-2009-0146
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9632
Common Vulnerability Exposure (CVE) ID: CVE-2009-1183
CERT/CC vulnerability note: VU#196617
http://www.kb.cert.org/vuls/id/196617
http://www.mandriva.com/security/advisories?name=MDVSA-2011:175
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10769
http://www.securitytracker.com/id?1022072
http://secunia.com/advisories/34746
http://www.vupen.com/english/advisories/2009/1076
Common Vulnerability Exposure (CVE) ID: CVE-2009-1182
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10735
Common Vulnerability Exposure (CVE) ID: CVE-2009-1181
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9683
Common Vulnerability Exposure (CVE) ID: CVE-2009-1179
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11892
http://secunia.com/advisories/35379
http://www.vupen.com/english/advisories/2009/1522
Common Vulnerability Exposure (CVE) ID: CVE-2009-0800
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11323
Common Vulnerability Exposure (CVE) ID: CVE-2009-1180
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9926
Common Vulnerability Exposure (CVE) ID: CVE-2009-0799
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10204
Common Vulnerability Exposure (CVE) ID: CVE-2009-0165
XForce ISS Database: multiple-jbig2-unspecified(50377)
https://exchange.xforce.ibmcloud.com/vulnerabilities/50377
CopyrightCopyright (C) 2009 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.