Support / Security / Advisories / Mandriva Linux 2007 / MDKSA-2007:223

Package name: pdftohtml
Date: 2007-11-17
Advisory ID: MDKSA-2007:223
Affected versions: 2007.1 x86_64 , 2007.1 i586 , 2007.0 x86_64 , 2007.0 i586

Problem description

Alin Rad Pop found several flaws in how PDF files are handled
in pdftohtml. An attacker could create a malicious PDF file that
would cause pdftohtml to crash or potentially execute arbitrary code
when opened.

The updated packages have been patched to correct this issue.

Updated packages

2007.1 x86_64

 3d168d492c922339bd46e77d38d3ecee  2007.1/x86_64/pdftohtml-0.39-1.2mdv2007.1.x86_64.rpm 
 f99c3523b19e76caf7fe0d25fac005f9  2007.1/SRPMS/pdftohtml-0.39-1.2mdv2007.1.src.rpm

2007.1 i586

 ceffaf54873223fe405acfc1d62eb12e  2007.1/i586/pdftohtml-0.39-1.2mdv2007.1.i586.rpm 
 f99c3523b19e76caf7fe0d25fac005f9  2007.1/SRPMS/pdftohtml-0.39-1.2mdv2007.1.src.rpm

2007.0 x86_64

 11b13089a2f357f6082ffd49cf896768  2007.0/x86_64/pdftohtml-0.36-5.3mdv2007.0.x86_64.rpm 
 d3cc008572bf9a179f6c4d1695f7433f  2007.0/SRPMS/pdftohtml-0.36-5.3mdv2007.0.src.rpm

2007.0 i586

 49fc5029a7e8269f057dfab6090ea37f  2007.0/i586/pdftohtml-0.36-5.3mdv2007.0.i586.rpm 
 d3cc008572bf9a179f6c4d1695f7433f  2007.0/SRPMS/pdftohtml-0.36-5.3mdv2007.0.src.rpm

MDKSA-2007:223