- Advisory ID
- Betroffene Versionen
- 6.1 i586 , 6.0 i586 , 7.0 i586 , 7.1 i586
There is a potential race condation when using tmpnam() and fopen() in xpdf versions prior to 0.91. This exploit can be only used as root to overwrite arbitrary files if a symlink is created between the calls to tmpname() and fopen(). There is also a problem with malicious URL-type links in PDF documents that contain quote characters which could also potentially be used to execute arbitrary commands. This is due to xpdf calling system() with a netscape (or similar) command plus the URL. The 0.91 release of xpdf fixes both of these potential problems. Although there are no known exploits, users are encouraged to upgrade their system with these updates.
37e41179955b5e36dcd873449274e57a 6.1/RPMS/xpdf-0.91-2mdk.i586.rpm a7e0a28dec18bf6b568aed6457b7d1d4 6.1/SRPMS/xpdf-0.91-2mdk.src.rpm
db2848a72dc63c924d649d0cd08b57b5 6.0/RPMS/xpdf-0.91-2mdk.i586.rpm a7e0a28dec18bf6b568aed6457b7d1d4 6.0/SRPMS/xpdf-0.91-2mdk.src.rpm
79ec9e813bd183a544ae439078f8326b 7.0/RPMS/xpdf-0.91-2mdk.i586.rpm a7e0a28dec18bf6b568aed6457b7d1d4 7.0/SRPMS/xpdf-0.91-2mdk.src.rpm
3bb4134dece9deb3190e1fbf0de0159d 7.1/RPMS/xpdf-0.91-3mdk.i586.rpm 8648f98a0a8927e039fddcb50b57eca8 7.1/SRPMS/xpdf-0.91-3mdk.src.rpm