| Revision Date: | 2013-04-29 | Version: | 12 | | Title: | The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, related to dereferencing a function pointer associated with the type of this font object. | | Description: | The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, related to dereferencing a function pointer associated with the type of this font object. | | Family: | unix | Class: | vulnerability | | Status: | ACCEPTED | Reference(s): | CVE-2008-1693
| | Platform(s): | CentOS Linux 4
CentOS Linux 5
Oracle Linux 4
Oracle Linux 5
Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
| Product(s): | | | Definition Synopsis | | OS Section: RHEL4, CentOS4, Oracle Linux 4 RHEL4, CentOS4 or Oracle Linux 4
The operating system installed on the system is Red Hat Enterprise Linux 4
OR CentOS Linux 4.x
OR Oracle Linux 4.x
AND Configuration section
kdegraphics-devel is earlier than 0:3.3.1-9.el4_6
OR gpdf is earlier than 0:2.8.2-7.7.2
OR xpdf is earlier than 1:3.00-16.el4
OR kdegraphics is earlier than 0:3.3.1-9.el4_6
OR OS Section: RHEL5, CentOS5, Oracle Linux 5
RHEL5, CentOS5 or Oracle Linux 5
The operating system installed on the system is Red Hat Enterprise Linux 5
OR The operating system installed on the system is CentOS Linux 5.x
OR Oracle Linux 5.x
AND Configuration section
poppler-utils is earlier than 0:0.5.4-4.4.el5_1
OR poppler-devel is earlier than 0:0.5.4-4.4.el5_1
OR poppler is earlier than 0:0.5.4-4.4.el5_1
|
|