Vulnerability CVE-2008-1693 - CERT Civis.Net

Vulnerability Name:

CVE-2008-1693 (CCN-41884)

Assigned:

2008-04-17

Published:

2008-04-17

Updated:

2017-09-29

Summary:

The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, related to dereferencing a function pointer associated with the type of this font object.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2008-1693

Source: SUSE
Type: UNKNOWN
SUSE-SR:2008:011

Source: CCN
Type: RHSA-2008-0238
Important: kdegraphics security update

Source: CCN
Type: RHSA-2008-0239
Important: poppler security update

Source: CCN
Type: RHSA-2008-0240
Important: xpdf security update

Source: CCN
Type: RHSA-2008-0262
Important: gpdf security update

Source: CCN
Type: SA29816
Xpdf Embedded Fonts Processing Vulnerability

Source: SECUNIA
Type: UNKNOWN
29816

Source: SECUNIA
Type: UNKNOWN
29834

Source: CCN
Type: SA29836
Poppler Embedded Fonts Processing Vulnerability

Source: SECUNIA
Type: UNKNOWN
29836

Source: SECUNIA
Type: UNKNOWN
29851

Source: SECUNIA
Type: UNKNOWN
29853

Source: SECUNIA
Type: UNKNOWN
29868

Source: SECUNIA
Type: UNKNOWN
29869

Source: SECUNIA
Type: UNKNOWN
29884

Source: SECUNIA
Type: UNKNOWN
29885

Source: SECUNIA
Type: UNKNOWN
30019

Source: SECUNIA
Type: UNKNOWN
30033

Source: SECUNIA
Type: UNKNOWN
30717

Source: SECUNIA
Type: UNKNOWN
31035

Source: GENTOO
Type: UNKNOWN
GLSA-200804-18

Source: CCN
Type: SECTRACK ID: 1019893
Xpdf Bug in Processing Embedded Fonts Lets Remote Users Execute Arbitrary Code

Source: SECTRACK
Type: UNKNOWN
1019893

Source: CCN
Type: ASA-2008-201
gpdf security update (RHSA-2008-0262)

Source: DEBIAN
Type: Patch
DSA-1548

Source: DEBIAN
Type: UNKNOWN
DSA-1606

Source: DEBIAN
Type: DSA-1548
xpdf -- multiple vulnerabilities

Source: DEBIAN
Type: DSA-1606
poppler -- programming error

Source: CCN
Type: GLSA-200804-18
Poppler: User-assisted execution of arbitrary code

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2008:089

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2008:173

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2008:197

Source: SUSE
Type: UNKNOWN
SUSE-SR:2008:013

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0238

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0239

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0240

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0262

Source: BID
Type: UNKNOWN
28830

Source: CCN
Type: BID-28830
Poppler and Xpdf PDF Rendering Library Embedded Font Remote Code Execution Vulnerability

Source: CCN
Type: USN-603-1
poppler vulnerability

Source: UBUNTU
Type: UNKNOWN
USN-603-1

Source: CCN
Type: USN-603-2
KOffice vulnerability

Source: UBUNTU
Type: UNKNOWN
USN-603-2

Source: VUPEN
Type: UNKNOWN
ADV-2008-1265

Source: VUPEN
Type: UNKNOWN
ADV-2008-1266

Source: XF
Type: UNKNOWN
poppler-cairofont-code-execution(41884)

Source: XF
Type: UNKNOWN
xpdf-pdf-code-execution(41884)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:11226

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-3312

Source: SUSE
Type: SUSE-SR:2008:011
SUSE Security Summary Report

Source: SUSE
Type: SUSE-SR:2008:013
SUSE Security Summary Report

Vulnerable Configuration:

Configuration 1:

cpe:/a:poppler:poppler:0.1:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.1.1:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.1.2:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.2.0:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.3.0:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.3.1:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.3.2:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.3.3:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.4.0:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.4.1:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.4.2:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.4.3:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.4.4:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.5.0:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.5.1:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.5.2:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.5.3:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.5.4:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.5.9:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.5.91:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.6.0:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.6.1:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.6.2:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.6.3:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.6.4:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.7.0:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.7.1:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.7.2:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:*:*:*:*:*:*:*:* (Version <= 0.7.3)

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

Configuration RedHat 9:

cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

Configuration CCN 1:

cpe:/a:poppler:poppler:0.1:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.1.1:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.1.2:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.2.0:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.3.0:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.3.1:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.3.2:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.3.3:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.4.0:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.4.1:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.4.2:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.4.3:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.4.4:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.5.0:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.5.1:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.5.2:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.5.3:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.5.4:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.5.9:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.5.91:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.6.0:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.6.1:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.6.2:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.6.3:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.6.4:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.7.0:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.7.1:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.7.2:*:*:*:*:*:*:*

OR cpe:/a:poppler:poppler:0.7.3:*:*:*:*:*:*:*

AND

cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*

OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:7.04:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:server:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:7.10:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4.6.z:ga:as:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:4.6.z:ga:es:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20081693	V	CVE-2008-1693	2022-06-30
oval:org.opensuse.security:def:42285	P	Security update for e2fsprogs (Important)	2022-05-16
oval:org.opensuse.security:def:112129	P	cups-2.3.3op2-4.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:26220	P	Security update for MozillaFirefox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:31755	P	Security update for libvirt (Important)	2022-01-10
oval:org.opensuse.security:def:33067	P	Security update for libqt4 (Important)	2021-12-22
oval:org.opensuse.security:def:32236	P	Security update for MozillaFirefox (Important)	2021-12-12
oval:org.opensuse.security:def:31716	P	Security update for mozilla-nss (Important)	2021-12-06
oval:org.opensuse.security:def:31712	P	Security update for xen (Moderate)	2021-12-01
oval:org.opensuse.security:def:31311	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:105665	P	Security update for samba (Important)	2021-11-16
oval:org.opensuse.security:def:26160	P	Security update for binutils (Moderate)	2021-11-09
oval:org.opensuse.security:def:33028	P	Security update for git (Low)	2021-10-20
oval:org.opensuse.security:def:26139	P	Security update for libvirt (Moderate)	2021-10-04
oval:org.opensuse.security:def:32180	P	Security update for file (Important)	2021-09-02
oval:org.opensuse.security:def:26107	P	Security update for openssl-1_0_0 (Important)	2021-08-24
oval:org.opensuse.security:def:32165	P	Security update for cpio (Important)	2021-08-23
oval:org.opensuse.security:def:31667	P	Security update for fetchmail (Moderate)	2021-08-18
oval:org.opensuse.security:def:31234	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-07-27
oval:org.opensuse.security:def:31656	P	Security update for systemd (Important)	2021-07-21
oval:org.opensuse.security:def:26079	P	Security update for gupnp (Important)	2021-06-18
oval:org.opensuse.security:def:32121	P	Security update for webkit2gtk3 (Important)	2021-06-17
oval:org.opensuse.security:def:42087	P	Security update for libxml2 (Moderate)	2021-06-09
oval:org.opensuse.security:def:36104	P	cups-1.3.9-8.46.56.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36386	P	cups-devel-1.3.9-8.46.56.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42511	P	cups-1.3.9-8.46.56.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:32099	P	Security update for djvulibre (Important)	2021-05-31
oval:org.opensuse.security:def:26058	P	Security update for postgresql10 (Moderate)	2021-05-27
oval:org.opensuse.security:def:31611	P	Security update for libnettle (Important)	2021-04-28
oval:org.opensuse.security:def:31160	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-04-28
oval:org.opensuse.security:def:31149	P	Security update for spamassassin (Important)	2021-04-12
oval:org.opensuse.security:def:31148	P	Security update for fwupdate (Important)	2021-04-08
oval:org.opensuse.security:def:32060	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:32285	P	Security update for MozillaFirefox (Important)	2021-03-31
oval:org.opensuse.security:def:31368	P	Security update for openssl (Moderate)	2021-03-24
oval:org.opensuse.security:def:31366	P	Security update for wavpack (Important)	2021-03-24
oval:org.opensuse.security:def:26204	P	Security update for freeradius-server (Low)	2021-03-04
oval:org.opensuse.security:def:31345	P	Security update for krb5-appl (Important)	2021-02-19
oval:org.opensuse.security:def:31346	P	Security update for java-1_8_0-openjdk (Moderate)	2021-02-19
oval:org.opensuse.security:def:26146	P	Security update for python3 (Important)	2021-02-08
oval:org.opensuse.security:def:31655	P	Security update for MozillaFirefox (Important)	2021-01-29
oval:org.opensuse.security:def:31357	P	Security update for MozillaFirefox (Important)	2021-01-12
oval:org.opensuse.security:def:31219	P	Security update for openssh (Moderate)	2021-01-05
oval:org.opensuse.security:def:31570	P	Security update for cyrus-sasl (Important)	2020-12-28
oval:org.opensuse.security:def:32011	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2020-12-07
oval:org.opensuse.security:def:31087	P	Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP3) (Important)	2020-12-07
oval:org.opensuse.security:def:31563	P	Security update for mutt (Important)	2020-12-07
oval:org.opensuse.security:def:35878	P	cups-1.3.9-8.46.46.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35533	P	cups-1.3.9-8.30.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35680	P	cups-1.3.9-8.44.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:41940	P	cups-1.3.9-8.30.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:25085	P	Security update for permissions (Moderate)	2020-12-01
oval:org.opensuse.security:def:25808	P	Security update for LibreOffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:31902	P	Security update for MozillaFirefox, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:26877	P	cups on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25428	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:31431	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27349	P	mailx-openssl1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25160	P	Security update for icu (Moderate)	2020-12-01
oval:org.opensuse.security:def:25910	P	Security update for gstreamer-0_10-plugins-base (Low)	2020-12-01
oval:org.opensuse.security:def:31968	P	Security update for ipmitool (Important)	2020-12-01
oval:org.opensuse.security:def:25440	P	Security update for python-xdg (Moderate)	2020-12-01
oval:org.opensuse.security:def:26283	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:32346	P	Security update for sqlite3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25936	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:25369	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25963	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:32645	P	cups on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25632	P	Security update for aspell (Moderate)	2020-12-01
oval:org.opensuse.security:def:31799	P	Security update for SDL (Moderate)	2020-12-01
oval:org.opensuse.security:def:26371	P	Security update for Chromium (Important)	2020-12-01
oval:org.opensuse.security:def:26011	P	Security update for gwenhywfar (Moderate)	2020-12-01
oval:org.opensuse.security:def:25510	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:26645	P	unrar on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25770	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:26429	P	Security update for keepalived (Moderate)	2020-12-01
oval:org.opensuse.security:def:31571	P	Security update for strongswan (Moderate)	2020-12-01
oval:org.opensuse.security:def:25714	P	Security update for libpng16 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31777	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:25232	P	Security update for sudo (Important)	2020-12-01
oval:org.opensuse.security:def:26005	P	Security update for libcdio (Moderate)	2020-12-01
oval:org.opensuse.security:def:27102	P	cups on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25653	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26361	P	Security update for kopete (Low)	2020-12-01
oval:org.opensuse.security:def:25802	P	Recommended update for LibreOffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:32459	P	Security update for xorg-x11-libX11 (Important)	2020-12-01
oval:org.opensuse.security:def:25307	P	Security update for libX11 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31515	P	Security update for quagga (Low)	2020-12-01
oval:org.opensuse.security:def:25665	P	Security update for libqt5-qtbase (Important)	2020-12-01
oval:org.opensuse.security:def:31880	P	Security update for dhcpcd (Important)	2020-12-01
oval:org.opensuse.security:def:26565	P	hplip on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25860	P	Security update for bash (Moderate)	2020-12-01
oval:org.opensuse.security:def:31002	P	Security update for java-1_6_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:25516	P	Security update for file-roller (Moderate)	2020-12-01
oval:org.opensuse.security:def:31758	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:32842	P	cups on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25857	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:32024	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26653	P	xorg-x11-Xvnc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26533	P	cups on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25084	P	Security update for clamav (Important)	2020-12-01
oval:org.opensuse.security:def:25657	P	Security update for graphviz (Low)	2020-12-01
oval:org.opensuse.security:def:31863	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:26842	P	xen on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25995	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:26711	P	gnutls on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25096	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25861	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31924	P	Security update for ghostscript-library (Moderate)	2020-12-01
oval:org.opensuse.security:def:25429	P	Security update for libzypp (Moderate)	2020-12-01
oval:org.opensuse.security:def:26230	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:32324	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:27384	P	cups-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25935	P	Security update for libcares2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25288	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:31455	P	Security update for postgresql10 (Important)	2020-12-01
oval:org.opensuse.security:def:25949	P	Security update for icu (Moderate)	2020-12-01
oval:org.opensuse.security:def:32606	P	syslog-ng on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25504	P	Security update for libvirt (Important)	2020-12-01
oval:org.opensuse.security:def:26332	P	Security update for karchive (Important)	2020-12-01
oval:org.opensuse.security:def:32390	P	Security update for tomcat6 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25947	P	Security update for freerdp (Important)	2020-12-01
oval:org.opensuse.security:def:25426	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26007	P	Security update for libid3tag (Moderate)	2020-12-01
oval:org.opensuse.security:def:25713	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31955	P	Security update for gstreamer-0_10-plugins-good (Important)	2020-12-01
oval:org.opensuse.security:def:26385	P	Security update for go (Moderate)	2020-12-01
oval:org.opensuse.security:def:25661	P	Security update for opensc (Low)	2020-12-01
oval:org.opensuse.security:def:26680	P	cups on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25231	P	Security update for gcc9 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25854	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:27067	P	LibVNCServer on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31582	P	Security update for tar (Moderate)	2020-12-01
oval:org.opensuse.security:def:26277	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:25763	P	Security Update for Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31821	P	Security update for avahi (Moderate)	2020-12-01
oval:org.opensuse.security:def:25243	P	Security update for java-1_8_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:31458	P	Security update for postgresql91 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25654	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:31788	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26512	P	Security update for pdns-recursor (Moderate)	2020-12-01
oval:org.opensuse.security:def:25816	P	Security update for libqt4 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32498	P	cups on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31001	P	Security update for java-1_6_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:25435	P	Security update for ghostscript (Important)	2020-12-01
oval:org.opensuse.security:def:31602	P	Security update for tomcat6	2020-12-01
oval:org.opensuse.security:def:32803	P	w3m on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25729	P	Security update for spamassassin (Important)	2020-12-01
oval:org.opensuse.security:def:31937	P	Security update for glibc (Moderate)	2020-12-01
oval:org.opensuse.security:def:26614	P	mozilla-xulrunner190 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26498	P	Security update for nextcloud (Moderate)	2020-12-01
oval:org.opensuse.security:def:31013	P	Security update for java-1_7_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:25573	P	Security update for ghostscript (Important)	2020-12-01
oval:org.opensuse.security:def:31814	P	Security update for apache2-mod_nss (Moderate)	2020-12-01
oval:org.opensuse.security:def:25938	P	Security update for evince (Important)	2020-12-01
oval:org.opensuse.security:def:26667	P	apache2 on GA media (Moderate)	2020-12-01
oval:org.mitre.oval:def:17356	P	USN-603-1 -- poppler vulnerability	2014-06-30
oval:org.mitre.oval:def:17726	P	USN-603-2 -- koffice vulnerability	2014-06-30
oval:org.mitre.oval:def:7493	P	DSA-1548 xpdf -- several vulnerabilities	2014-06-23
oval:org.mitre.oval:def:20341	P	DSA-1548-1 xpdf	2014-06-23
oval:org.mitre.oval:def:21829	P	ELSA-2008:0239: poppler security update (Important)	2014-05-26
oval:org.mitre.oval:def:11226	V	The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, related to dereferencing a function pointer associated with the type of this font object.	2013-04-29
oval:com.redhat.rhsa:def:20080262	P	RHSA-2008:0262: gpdf security update (Important)	2008-05-08
oval:com.redhat.rhsa:def:20080238	P	RHSA-2008:0238: kdegraphics security update (Important)	2008-04-17
oval:org.debian:def:1548	V	several vulnerabilities	2008-04-17
oval:com.redhat.rhsa:def:20080239	P	RHSA-2008:0239: poppler security update (Important)	2008-04-17
oval:com.redhat.rhsa:def:20080240	P	RHSA-2008:0240: xpdf security update (Important)	2008-04-17