Package name
xpdf
Date
2006-02-02
Advisory ID
MDKSA-2006:032
Affected versions
CS3.0 i586 , 2006.0 i586 , 2006.0 x86_64 , CS3.0 x86_64

Problem description

Heap-based buffer overflow in Splash.cc in xpdf allows attackers to
cause a denial of service and possibly execute arbitrary code via
crafted splash images that produce certain values that exceed the width
or height of the associated bitmap.

The updated packages have been patched to correct this issue.

Updated packages

CS3.0 i586

 cf0b4100d5c0b55b2ce53256226a2b47  corporate/3.0/RPMS/xpdf-3.00-5.8.C30mdk.i586.rpm
 cee7a22a052ea85fc57388a801188ea3  corporate/3.0/SRPMS/xpdf-3.00-5.8.C30mdk.src.rpm

2006.0 i586

 21b6cae8bc6307f990b3358019d9b618  2006.0/RPMS/xpdf-3.01-1.2.20060mdk.i586.rpm
 bb57f993783c281c8eec21627457aa2c  2006.0/SRPMS/xpdf-3.01-1.2.20060mdk.src.rpm

2006.0 x86_64

 f170257a90c5130f3b363abe9f215ed8  x86_64/2006.0/RPMS/xpdf-3.01-1.2.20060mdk.x86_64.rpm
 bb57f993783c281c8eec21627457aa2c  x86_64/2006.0/SRPMS/xpdf-3.01-1.2.20060mdk.src.rpm

CS3.0 x86_64

 8fcdf6bd62ac3a8d634c701311cdcf11  x86_64/corporate/3.0/RPMS/xpdf-3.00-5.8.C30mdk.x86_64.rpm
 cee7a22a052ea85fc57388a801188ea3  x86_64/corporate/3.0/SRPMS/xpdf-3.00-5.8.C30mdk.src.rpm

References