Oval Definition:oval:com.redhat.rhsa:def:20100859
Revision Date:2010-11-10Version:634
Title:RHSA-2010:0859: poppler security update (Important)
Description:Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince.

  • Two uninitialized pointer use flaws were discovered in poppler. An attacker could create a malicious PDF file that, when opened, would cause applications that use poppler (such as Evince) to crash or, potentially, execute arbitrary code. (CVE-2010-3702, CVE-2010-3703)

  • An array index error was found in the way poppler parsed PostScript Type 1 fonts embedded in PDF documents. An attacker could create a malicious PDF file that, when opened, would cause applications that use poppler (such as Evince) to crash or, potentially, execute arbitrary code. (CVE-2010-3704)

    Users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2010-3702
    CVE-2010-3702
    CVE-2010-3703
    CVE-2010-3703
    CVE-2010-3704
    CVE-2010-3704
    RHSA-2010:0859
    RHSA-2010:0859-03
    RHSA-2010:0859-03
    Platform(s):Red Hat Enterprise Linux 6
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND
  • poppler is earlier than 0:0.12.4-3.el6_0.1
  • AND poppler is signed with Red Hat redhatrelease2 key
  • poppler-devel is earlier than 0:0.12.4-3.el6_0.1
  • AND poppler-devel is signed with Red Hat redhatrelease2 key
  • poppler-glib is earlier than 0:0.12.4-3.el6_0.1
  • AND poppler-glib is signed with Red Hat redhatrelease2 key
  • poppler-glib-devel is earlier than 0:0.12.4-3.el6_0.1
  • AND poppler-glib-devel is signed with Red Hat redhatrelease2 key
  • poppler-qt is earlier than 0:0.12.4-3.el6_0.1
  • AND poppler-qt is signed with Red Hat redhatrelease2 key
  • poppler-qt-devel is earlier than 0:0.12.4-3.el6_0.1
  • AND poppler-qt-devel is signed with Red Hat redhatrelease2 key
  • poppler-qt4 is earlier than 0:0.12.4-3.el6_0.1
  • AND poppler-qt4 is signed with Red Hat redhatrelease2 key
  • poppler-qt4-devel is earlier than 0:0.12.4-3.el6_0.1
  • AND poppler-qt4-devel is signed with Red Hat redhatrelease2 key
  • poppler-utils is earlier than 0:0.12.4-3.el6_0.1
  • AND poppler-utils is signed with Red Hat redhatrelease2 key
    • BACK