| Description: | The kdegraphics packages contain applications for the K Desktop Environment including kpdf, a PDF file viewer.
Marcelo Ricardo Leitner discovered that a kpdf security fix, CVE-2005-3627, was incomplete. Red Hat issued kdegraphics packages with this incomplete fix in RHSA-2005:868. An attacker could construct a carefully crafted PDF file that could cause kpdf to crash or possibly execute arbitrary code when opened. The Common Vulnerabilities and Exposures project assigned the name CVE-2006-0746 to this issue.
Users of kpdf should upgrade to these updated packages, which contain a backported patch to resolve this issue.
|