Contact | Site en Français               

 


 

Vulnerabilities & Threats
 
  VUPEN Security Advisories
  Linux Security Advisories

  Malware Advisories
  Security Research
  Threat Watch Blog
  Zero-Day Monitor
  Search Engine
  Mailing List & RSS
 
   

>> Fedora Security Update Fixes Evince "get_next_text()" Buffer Overflow Vulnerability

Title : Fedora Security Update Fixes Evince "get_next_text()" Buffer Overflow Vulnerability
VUPEN ID : VUPEN/ADV-2006-4956
CVE ID : CVE-2006-5864
Rated as : Moderate Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2006-12-12

Technical Description    Receive VUPEN Security alerts in a Text format  Receive VUPEN Security alerts in a PDF format  Receive VUPEN Security alerts in an XML format  Receive VUPEN Security notifications by SMS 

Fedora has released updated packages to address a vulnerability identified in Evince. This flaw could be exploited by attackers to execute arbitrary commands. For additional information, see : VUPEN/ADV-2006-4747

Affected Products

Fedora Core 6
Fedora Core 5

Solution

Upgrade the affected packages :

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/

b53b986f8db9eeced8ed000c905b9e15f3a6762f SRPMS/evince-0.5.1-4.src.rpm
b53b986f8db9eeced8ed000c905b9e15f3a6762f noarch/evince-0.5.1-4.src.rpm
95e6094d0a88d6311bc84080bac1230108867bae ppc/evince-0.5.1-4.ppc.rpm
d38559ec1b5ff4c0894dae5e91d64da39e9b6387 ppc/debug/evince-debuginfo-0.5.1-4.ppc.rpm
1420d2903a94e9f6fb0a8dd649d4bb08f1af17d9 x86_64/debug/evince-debuginfo-0.5.1-4.x86_64.rpm
2932b8cf6c89e5ec128192823db10e4c885ec07c x86_64/evince-0.5.1-4.x86_64.rpm
1576208986b1b7bf662a76389ceefb4a580ebb19 i386/debug/evince-debuginfo-0.5.1-4.i386.rpm
9b8c0d9a9858db5dc26157eb09e053db1c7e6aa2 i386/evince-0.5.1-4.i386.rpm

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

f0bd4512e69514436229e968de8604be9d2d870f SRPMS/evince-0.6.0-5.fc6.src.rpm
f0bd4512e69514436229e968de8604be9d2d870f noarch/evince-0.6.0-5.fc6.src.rpm
fa55b2fbd8df8b62232c94cd675f76bbd1f0b56b ppc/debug/evince-debuginfo-0.6.0-5.fc6.ppc.rpm
235754d90fcdb0d52a22d3f69047fa1e5684b4b4 ppc/evince-0.6.0-5.fc6.ppc.rpm
19cfd9084445320c080e3664ce2da4ac24fc54e2 x86_64/evince-0.6.0-5.fc6.x86_64.rpm
158b63e23d39873b2faa97c7f08844a71bd1a4ed x86_64/debug/evince-debuginfo-0.6.0-5.fc6.x86_64.rpm
d6fd08599525aab277fff588aaff7e07b934026c i386/evince-0.6.0-5.fc6.i386.rpm
73e638879e32c022ba90ed844477609ed67e19ee i386/debug/evince-debuginfo-0.6.0-5.fc6.i386.rpm

References

http://www.vupen.com/english/advisories/2006/4956
https://www.redhat.com/archives/fedora-package-announce/2006-December/msg00062.html
https://www.redhat.com/archives/fedora-package-announce/2006-December/msg00063.html

ChangeLog

2006-12-12 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.
 

Vulnerability Alerting

Free 14-Day Trial
 
  Latest News

 

  >> 2009-06-10

     

  VUPEN Security Research
  Discovered Critical Flaws
  in Adobe Acrobat and MS
  Office Word


  >> 2009-06-02

     

  VUPEN Security Research
  Discovered Critical Flaws
  in ACDSee Products


  >> 2009-05-22

     

  VUPEN Discovered Two
  Critical Vulnerabilities in
  Novell GroupWise 8 / 7


  >> 2009-05-12

     

  Microsoft Patched 14
  Office PowerPoint Flaws

 

  >> 2009-04-28

     

  Adobe Reader / Acrobat
  Vulnerabilities Disclosed

 

 

More Informations    
    








Copyright 2003-2009 © VUPEN.COM - Privacy Policy