Contact | Site en Français               

 


 

VUPEN VNS v4.0
 
  Features and Options
  Free 14-Day Trial

  Partner Program
  Receive More Information
 
   
 

Latest Intelligence
 
  VUPEN Security Advisories

  Virus and Malware Alerts
  VUPEN Security Research
  Threat Watch Blog
  Zero-Day Monitor
  Search Engine
  Mailing List & RSS
 
   

>> Mandriva Security Update Fixes poppler PDF File Integer Overflow Vulnerability

Title : Mandriva Security Update Fixes poppler PDF File Integer Overflow Vulnerability
VUPEN ID : VUPEN/ADV-2007-2865
CVE ID : CVE-2007-3387
CWE ID : VUPEN VNS Only
CVSS V2 : VUPEN VNS Only
Rated as : High Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-08-14

Technical Description    Receive VUPEN Security alerts in a Text format  Receive VUPEN Security alerts in a PDF format  Receive VUPEN Security alerts in an XML format 

A vulnerability has been identified in Mandriva, which could be exploited by remote attackers to cause a denial of service or compromise an affected system. This issue is caused by an error in poppler. For additional information, see : VUPEN/ADV-2007-2704

Affected Products

Mandriva Linux 2007.0
Mandriva Linux 2007.1
Mandriva Corporate Server 4.0

Solution

Upgrade the affected packages :

Mandriva Linux 2007

ff1a936825b13adf6e0d244d0128efa4 2007.0/i586/libpoppler-qt1-0.5.3-5.3mdv2007.0.i586.rpm
9d28c724d9e3913761fa1d0528cb7cb8 2007.0/i586/libpoppler-qt1-devel-0.5.3-5.3mdv2007.0.i586.rpm
fa4b5cf01b38c572d741ef08fe04b293 2007.0/i586/libpoppler-qt4-1-0.5.3-5.3mdv2007.0.i586.rpm
e35a3598cbc0f29c4c21e675e6391ff3 2007.0/i586/libpoppler-qt4-1-devel-0.5.3-5.3mdv2007.0.i586.rpm
1702a9c16e72fe89f9aa1b78ff6055b5 2007.0/i586/libpoppler1-0.5.3-5.3mdv2007.0.i586.rpm
0f1f330e28674ce2e67e56f3614b4d2c 2007.0/i586/libpoppler1-devel-0.5.3-5.3mdv2007.0.i586.rpm
b619db3ef9b9545adf9f864f2972db97 2007.0/i586/poppler-0.5.3-5.3mdv2007.0.i586.rpm
9a311578c1933c8ec6ddb2f8b4e93445 2007.0/SRPMS/poppler-0.5.3-5.3mdv2007.0.src.rpm

Mandriva Linux 2007/X86_64

c8b111069fa66ce0682dacf1e3de01f9 2007.0/x86_64/lib64poppler-qt1-0.5.3-5.3mdv2007.0.x86_64.rpm
7434c137fd66482914aa6996f1aae55c 2007.0/x86_64/lib64poppler-qt1-devel-0.5.3-5.3mdv2007.0.x86_64.rpm
1b01f4d5f77ce2f08f09ca942c409b60 2007.0/x86_64/lib64poppler-qt4-1-0.5.3-5.3mdv2007.0.x86_64.rpm
cbc85b288f7e0e35a3c97c0e3731e6ef 2007.0/x86_64/lib64poppler-qt4-1-devel-0.5.3-5.3mdv2007.0.x86_64.rpm
db95938d3c09131729b80a7283d359c9 2007.0/x86_64/lib64poppler1-0.5.3-5.3mdv2007.0.x86_64.rpm
ccc128242680e5f90fb49026b83daa04 2007.0/x86_64/lib64poppler1-devel-0.5.3-5.3mdv2007.0.x86_64.rpm
714996d0cc629e62649360749a9050f0 2007.0/x86_64/poppler-0.5.3-5.3mdv2007.0.x86_64.rpm
9a311578c1933c8ec6ddb2f8b4e93445 2007.0/SRPMS/poppler-0.5.3-5.3mdv2007.0.src.rpm

Corporate Server 4.0

f8b99d883919ba20e7f46aa71448edb5 corporate/4.0/i586/libpoppler-qt0-0.4.1-3.5.20060mlcs4.i586.rpm
89e37529b304258acd4999c5fbfadec7 corporate/4.0/i586/libpoppler-qt0-devel-0.4.1-3.5.20060mlcs4.i586.rpm
97b9de6aa6c6617c21b7e9bbea3a517b corporate/4.0/i586/libpoppler0-0.4.1-3.5.20060mlcs4.i586.rpm
94232bb5dad116fdd2a4b342c7205eb3 corporate/4.0/i586/libpoppler0-devel-0.4.1-3.5.20060mlcs4.i586.rpm
45ba9d12e59c1cbb4aae41988d5983c3 corporate/4.0/SRPMS/poppler-0.4.1-3.5.20060mlcs4.src.rpm

Corporate Server 4.0/X86_64

4ee1af44c82311a075abd9bec021935c corporate/4.0/x86_64/lib64poppler-qt0-0.4.1-3.5.20060mlcs4.x86_64.rpm
53fbebb09587d1949951ad4a9d6a9eab corporate/4.0/x86_64/lib64poppler-qt0-devel-0.4.1-3.5.20060mlcs4.x86_64.rpm
2153b37ce8cd3a29bbf6d31a68a50558 corporate/4.0/x86_64/lib64poppler0-0.4.1-3.5.20060mlcs4.x86_64.rpm
43bacfb48b585a0f8903c32ed5ebe775 corporate/4.0/x86_64/lib64poppler0-devel-0.4.1-3.5.20060mlcs4.x86_64.rpm
45ba9d12e59c1cbb4aae41988d5983c3 corporate/4.0/SRPMS/poppler-0.4.1-3.5.20060mlcs4.src.rpm

Mandriva Linux 2007.1

2ef41e36faff21f62fbec2bf89e7b6f1 2007.1/i586/libpoppler-qt1-0.5.4-3.2mdv2007.1.i586.rpm
377e85d2c599a82f3871f138494f322c 2007.1/i586/libpoppler-qt1-devel-0.5.4-3.2mdv2007.1.i586.rpm
a3219588e17b2cc3189e5395ec5dd475 2007.1/i586/libpoppler-qt4-1-0.5.4-3.2mdv2007.1.i586.rpm
81344c8e3eb0437559e3e5c0eac62631 2007.1/i586/libpoppler-qt4-1-devel-0.5.4-3.2mdv2007.1.i586.rpm
b78ab182aac571c2a99fae0a5d470927 2007.1/i586/libpoppler1-0.5.4-3.2mdv2007.1.i586.rpm
87893636c37eb5db131127f89695df0f 2007.1/i586/libpoppler1-devel-0.5.4-3.2mdv2007.1.i586.rpm
6ff7146293ee8aec15574d4aa89d6a2f 2007.1/i586/poppler-0.5.4-3.2mdv2007.1.i586.rpm
87111ab66842ea16932e76614932f024 2007.1/SRPMS/poppler-0.5.4-3.2mdv2007.1.src.rpm

Mandriva Linux 2007.1/X86_64

6739512a718b2ba794d33c567703f9ad 2007.1/x86_64/lib64poppler-qt1-0.5.4-3.2mdv2007.1.x86_64.rpm
37b8f40a836b910455ed43a252303dc7 2007.1/x86_64/lib64poppler-qt1-devel-0.5.4-3.2mdv2007.1.x86_64.rpm
747be5e90c821630dd349ba16ef698b4 2007.1/x86_64/lib64poppler-qt4-1-0.5.4-3.2mdv2007.1.x86_64.rpm
153745ad2a655b8e1262c82ae1fc70a4 2007.1/x86_64/lib64poppler-qt4-1-devel-0.5.4-3.2mdv2007.1.x86_64.rpm
b59db62be7a4d73a8f0de227da0d5354 2007.1/x86_64/lib64poppler1-0.5.4-3.2mdv2007.1.x86_64.rpm
47541453858a863a482a316cf14d56b6 2007.1/x86_64/lib64poppler1-devel-0.5.4-3.2mdv2007.1.x86_64.rpm
9ac6efa64431cf7144e77375ba90769b 2007.1/x86_64/poppler-0.5.4-3.2mdv2007.1.x86_64.rpm
87111ab66842ea16932e76614932f024 2007.1/SRPMS/poppler-0.5.4-3.2mdv2007.1.src.rpm

References

http://www.vupen.com/english/advisories/2007/2865
http://www.mandriva.com/security/advisories?name=MDKSA-2007:161

ChangeLog

2007-08-14 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts with CVE, CWE, and CVSS when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.
 

VUPEN Vulnerability
Notification Service
 

Latest Advisories
  

   
    





Copyright VUPEN © 2004-2010 - Privacy Policy