FreeBSD : xpdf -- multiple remote Stream.CC vulnerabilities (2747fc39-915b-11dc-9239-001c2514716c)

NASLDB: FreeBSD : xpdf -- multiple remote Stream.CC vulnerabilities (2747fc39-915b-11dc-9239-001c2514716c)

General

ID: 28193
Name: FreeBSD : xpdf — multiple remote Stream.CC vulnerabilities (2747fc39-915b-11dc-9239-001c2514716c)

Summary: Checks for updated packages in pkg_info output

Credits: Tenable Network Security, Inc.

Classification

Risk: –

CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Port: 0
Family: FreeBSD Local Security Checks
Type: Local

Description

Secunia Research reports :

Secunia Research has discovered some vulnerabilities in Xpdf, which
can be exploited by malicious people to compromise a user’s system.

– An array indexing error within the
‘DCTStream::readProgressiveDataUnit()’ method in xpdf/Stream.cc can be
exploited to corrupt memory via a specially crafted PDF file.

– An integer overflow error within the ‘DCTStream::reset()’ method in
xpdf/Stream.cc can be exploited to cause a heap-based buffer overflow
via a specially crafted PDF file.

– A boundary error within the ‘CCITTFaxStream::lookChar()’ method in
xpdf/Stream.cc can be exploited to cause a heap-based buffer overflow
by tricking a user into opening a PDF file containing a specially
crafted ‘CCITTFaxDecode’ filter.

Successful exploitation may allow execution of arbitrary code.

Exploiting

Exploit Available: False
Exploitability Ease: No known exploits are available

Sources

CVE: CVE-2007-4352
OSVDB: –
Bugtraq: –
scipID: –

Timeline

Vulnerability Disclosure: 2007/11/07
Patch Release: 2007/11/12
Plugin Release: 2007/11/14

Plugin

Version: 1.12
Filename: freebsd_pkg_2747fc39915b11dc9239001c2514716c.nasl
Filesize: 5358 bytes
MD5 Hash: 51dfa0245b4a4182928d4c6d78136985

Identification: Host/local_checks_enabled
Require Keys: Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info
Dependencies: "ssh_get_info.nasl"