RedHat Update For Kdegraphics RHSA-2010:0753-01 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

The kdegraphics packages contain applications for the K Desktop Environment, including KPDF, a viewer for Portable Document Format (PDF) files. An uninitialized pointer use flaw was discovered in KPDF. An attacker could create a malicious PDF file that, when opened, would cause KPDF to crash or, potentially, execute arbitrary code. (CVE-2010-3702) An array index error was found in the way KPDF parsed PostScript Type 1 fonts embedded in PDF documents. An attacker could create a malicious PDF file that, when opened, would cause KPDF to crash or, potentially, execute arbitrary code. (CVE-2010-3704) Users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.

Affected

kdegraphics on Red Hat Enterprise Linux AS version 4, Red Hat Enterprise Linux ES version 4, Red Hat Enterprise Linux WS version 4

References

https://www.redhat.com/archives/rhsa-announce/2010-October/msg00008.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-3702, CVE-2010-3704
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

RedHat Update for kdegraphics RHSA-2010:0753-01

Take action and discover your vulnerabilities