Oval Definition:oval:com.redhat.rhsa:def:20100749
Revision Date:2010-10-07Version:641
Title:RHSA-2010:0749: poppler security update (Important)
Description:Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince.

  • An uninitialized pointer use flaw was discovered in poppler. An attacker could create a malicious PDF file that, when opened, would cause applications that use poppler (such as Evince) to crash or, potentially, execute arbitrary code. (CVE-2010-3702)

  • An array index error was found in the way poppler parsed PostScript Type 1 fonts embedded in PDF documents. An attacker could create a malicious PDF file that, when opened, would cause applications that use poppler (such as Evince) to crash or, potentially, execute arbitrary code. (CVE-2010-3704)

    Users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2010-3702
    CVE-2010-3704
    RHSA-2010:0749
    RHSA-2010:0749-01
    RHSA-2010:0749-01
    Platform(s):Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • poppler is earlier than 0:0.5.4-4.4.el5_5.14
  • AND poppler is signed with Red Hat redhatrelease2 key
  • poppler-devel is earlier than 0:0.5.4-4.4.el5_5.14
  • AND poppler-devel is signed with Red Hat redhatrelease2 key
  • poppler-utils is earlier than 0:0.5.4-4.4.el5_5.14
  • AND poppler-utils is signed with Red Hat redhatrelease2 key
    • BACK