RedHat Security Advisory RHSA-2009:1682 Network Vulnerability

Summary

The remote host is missing updates announced in advisory RHSA-2009:1682. The kdegraphics packages contain applications for the K Desktop Environment, including KPDF, a viewer for Portable Document Format (PDF) files. Petr Gajdos and Christian Kornacker of SUSE reported a buffer overflow flaw in KPDF's Type 1 font parser. A specially-crafted PDF file with an embedded Type 1 font could cause KPDF to crash or, possibly, execute arbitrary code when opened. (CVE-2009-4035) Users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.

Solution

Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date

References

http://rhn.redhat.com/errata/RHSA-2009-1682.html

Updated on 2017-03-28

Severity

Classification

CVE CVE-2009-4035
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

RedHat Security Advisory RHSA-2009:0355
RedHat Security Advisory RHSA-2009:1095
RedHat Security Advisory RHSA-2009:0397
RedHat Security Advisory RHSA-2009:0016
RedHat Security Advisory RHSA-2009:0394

Take action and discover your vulnerabilities