RedHat Update For Poppler RHSA-2008:0239-01 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Poppler is a PDF rendering library, used by applications such as Evince. Kees Cook discovered a flaw in the way poppler displayed malformed fonts embedded in PDF files. An attacker could create a malicious PDF file that would cause applications that use poppler -- such as Evince -- to crash, or, potentially, execute arbitrary code when opened. (CVE-2008-1693) Users are advised to upgrade to these updated packages, which contain backported patches to resolve this issue.

Affected

poppler on Red Hat Enterprise Linux (v. 5 server)

References

https://www.redhat.com/archives/rhsa-announce/2008-April/msg00021.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-1693
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

RedHat Security Advisory RHSA-2009:0295
RedHat Security Advisory RHSA-2009:1595
RedHat Security Advisory RHSA-2009:0010
RedHat Security Advisory RHSA-2009:0360
RedHat Security Advisory RHSA-2009:1364

RedHat Update for poppler RHSA-2008:0239-01

Take action and discover your vulnerabilities