Oval Definition:oval:org.mitre.oval:def:13235
Revision Date:2015-02-23Version:22
Title:DSA-1793-1 kdegraphics -- multiple
Description:kpdf, a Portable Document Format viewer for KDE, is based on the xpdf program and thus suffers from similar flaws to those described in DSA-1790. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-0146 Multiple buffer overflows in the JBIG2 decoder in kpdf allow remote attackers to cause a denial of service via a crafted PDF file, related to JBIG2SymbolDict::setBitmap and JBIG2Stream::readSymbolDictSeg. CVE-2009-0147 Multiple integer overflows in the JBIG2 decoder in kpdf allow remote attackers to cause a denial of service via a crafted PDF file, related to JBIG2Stream::readSymbolDictSeg, JBIG2Stream::readSymbolDictSeg, and JBIG2Stream::readGenericBitmap. CVE-2009-0165 Integer overflow in the JBIG2 decoder in kpdf has unspecified impact related to "g*allocn." CVE-2009-0166 The JBIG2 decoder in kpdf allows remote attackers to cause a denial of service via a crafted PDF file that triggers a free of uninitialised memory. CVE-2009-0799 The JBIG2 decoder in kpdf allows remote attackers to cause a denial of service via a crafted PDF file that triggers an out-of-bounds read. CVE-2009-0800 Multiple "input validation flaws" in the JBIG2 decoder in kpdf allow remote attackers to execute arbitrary code via a crafted PDF file. CVE-2009-1179 Integer overflow in the JBIG2 decoder in kpdf allows remote attackers to execute arbitrary code via a crafted PDF file. CVE-2009-1180 The JBIG2 decoder in kpdf allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data. CVE-2009-1181 The JBIG2 decoder in kpdf allows remote attackers to cause a denial of service via a crafted PDF file that triggers a NULL pointer dereference. CVE-2009-1182 Multiple buffer overflows in the JBIG2 MMR decoder in kpdf allow remote attackers to execute arbitrary code via a crafted PDF file. CVE-2009-1183 The JBIG2 MMR decoder in kpdf allows remote attackers to cause a denial of service via a crafted PDF file. We recommend that you upgrade your kdegraphics packages.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2009-0146
CVE-2009-0147
CVE-2009-0165
CVE-2009-0166
CVE-2009-0799
CVE-2009-0800
CVE-2009-1179
CVE-2009-1180
CVE-2009-1181
CVE-2009-1182
CVE-2009-1183
DSA-1793-1
Platform(s):Debian GNU/Linux 4.0
Debian GNU/Linux 5.0
Product(s):kdegraphics
Definition Synopsis
  • Release section
  • Debian GNU/Linux 5.0 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • kdegraphics DPKG is earlier than 4:3.5.9-3+lenny1
  • OR kdegraphics-doc-html DPKG is earlier than 4:3.5.9-3+lenny1
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is s390
  • OR Installed architecture is amd64
  • OR Installed architecture is sparc
  • OR Installed architecture is arm
  • OR Installed architecture is i386
  • OR Installed architecture is armel
  • OR Installed architecture is mips
  • OR Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is powerpc
  • OR Installed architecture is mipsel
  • OR Installed architecture is hppa
  • AND Packages section
  • kdegraphics-kfile-plugins DPKG is earlier than 4:3.5.9-3+lenny1
  • OR ksvg DPKG is earlier than 4:3.5.9-3+lenny1
  • OR libkscan-dev DPKG is earlier than 4:3.5.9-3+lenny1
  • OR kgamma DPKG is earlier than 4:3.5.9-3+lenny1
  • OR libkscan1 DPKG is earlier than 4:3.5.9-3+lenny1
  • OR kpovmodeler DPKG is earlier than 4:3.5.9-3+lenny1
  • OR kooka DPKG is earlier than 4:3.5.9-3+lenny1
  • OR kdegraphics-dev DPKG is earlier than 4:3.5.9-3+lenny1
  • OR kghostview DPKG is earlier than 4:3.5.9-3+lenny1
  • OR kfaxview DPKG is earlier than 4:3.5.9-3+lenny1
  • OR kviewshell DPKG is earlier than 4:3.5.9-3+lenny1
  • OR kview DPKG is earlier than 4:3.5.9-3+lenny1
  • OR kfax DPKG is earlier than 4:3.5.9-3+lenny1
  • OR ksnapshot DPKG is earlier than 4:3.5.9-3+lenny1
  • OR kmrml DPKG is earlier than 4:3.5.9-3+lenny1
  • OR kpdf DPKG is earlier than 4:3.5.9-3+lenny1
  • OR kcoloredit DPKG is earlier than 4:3.5.9-3+lenny1
  • OR kiconedit DPKG is earlier than 4:3.5.9-3+lenny1
  • OR kruler DPKG is earlier than 4:3.5.9-3+lenny1
  • OR kuickshow DPKG is earlier than 4:3.5.9-3+lenny1
  • OR kdvi DPKG is earlier than 4:3.5.9-3+lenny1
  • OR kdegraphics-dbg DPKG is earlier than 4:3.5.9-3+lenny1
  • OR kolourpaint DPKG is earlier than 4:3.5.9-3+lenny1
  • OR kamera DPKG is earlier than 4:3.5.9-3+lenny1
  • OR Release section
  • Debian GNU/Linux 4.0 is installed.
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • kdegraphics DPKG is earlier than 4:3.5.5-3etch3
  • OR kdegraphics-doc-html DPKG is earlier than 4:3.5.5-3etch3
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is s390
  • OR Installed architecture is amd64
  • OR Installed architecture is sparc
  • OR Installed architecture is powerpc
  • OR Installed architecture is i386
  • OR Installed architecture is mips
  • OR Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is mipsel
  • OR Installed architecture is hppa
  • AND Packages section
  • kdegraphics-kfile-plugins DPKG is earlier than 4:3.5.5-3etch3
  • OR ksvg DPKG is earlier than 4:3.5.5-3etch3
  • OR libkscan-dev DPKG is earlier than 4:3.5.5-3etch3
  • OR kgamma DPKG is earlier than 4:3.5.5-3etch3
  • OR libkscan1 DPKG is earlier than 4:3.5.5-3etch3
  • OR kpovmodeler DPKG is earlier than 4:3.5.5-3etch3
  • OR kooka DPKG is earlier than 4:3.5.5-3etch3
  • OR kdegraphics-dev DPKG is earlier than 4:3.5.5-3etch3
  • OR kghostview DPKG is earlier than 4:3.5.5-3etch3
  • OR kfaxview DPKG is earlier than 4:3.5.5-3etch3
  • OR kviewshell DPKG is earlier than 4:3.5.5-3etch3
  • OR kview DPKG is earlier than 4:3.5.5-3etch3
  • OR kfax DPKG is earlier than 4:3.5.5-3etch3
  • OR ksnapshot DPKG is earlier than 4:3.5.5-3etch3
  • OR kmrml DPKG is earlier than 4:3.5.5-3etch3
  • OR kpdf DPKG is earlier than 4:3.5.5-3etch3
  • OR kcoloredit DPKG is earlier than 4:3.5.5-3etch3
  • OR kiconedit DPKG is earlier than 4:3.5.5-3etch3
  • OR kruler DPKG is earlier than 4:3.5.5-3etch3
  • OR kuickshow DPKG is earlier than 4:3.5.5-3etch3
  • OR kdvi DPKG is earlier than 4:3.5.5-3etch3
  • OR kdegraphics-dbg DPKG is earlier than 4:3.5.5-3etch3
  • OR kolourpaint DPKG is earlier than 4:3.5.5-3etch3
  • OR kamera DPKG is earlier than 4:3.5.5-3etch3
    • BACK