Bug#322458: CAN-2005-2097: DoS vulnerability through PDFs with crafted loca tables

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#322458: CAN-2005-2097: DoS vulnerability through PDFs with crafted loca tables
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Wed, 10 Aug 2005 21:00:52 +0200
Message-id: <[🔎] E1E2voq-0001SS-Lv@localhost.localdomain>
Reply-to: Moritz Muehlenhoff <jmm@inutil.org>, 322458@bugs.debian.org

Package: kpdf
Severity: important
Tags: security patch

A DoS vulnerability has been found in xpdf that affects the kpdf
of the soon to be uploaded 3.4.1 packages:

| kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains
| a vulnerability that causes it to write a file in $TMPDIR with
| almost infinite size, which can severly impact system performance.

Please see this URL for details and a patch:
http://www.kde.org/info/security/advisory-20050809-1.txt

Cheers,
        Moritz

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12-rc5
Locale: LANG=C, LC_CTYPE=de_DE.ISO-8859-15@euro (charmap=ISO-8859-15)

Reply to:

Follow-Ups:
- Bug#322458: CAN-2005-2097: DoS vulnerability through PDFs with crafted loca tables
  - From: Isaac Clerencia <isaac@warp.es>
- Bug#322458: marked as done (CAN-2005-2097: DoS vulnerability through PDFs with crafted loca tables)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Bug#322403: qt4-dev-tools: dangling symlink to linguist manpage
Next by Date: Bug#322458: CAN-2005-2097: DoS vulnerability through PDFs with crafted loca tables
Previous by thread: Bug#322403: marked as done (qt4-dev-tools: dangling symlink to linguist manpage)
Next by thread: Bug#322458: CAN-2005-2097: DoS vulnerability through PDFs with crafted loca tables
Index(es):
- Date
- Thread