Bug#292002: "Decrypt::makeFileKey2()" Buffer Overflow
Package: kpdf
Version: 3.x
Severity: grave
Tags: security patch
TITLE:
KOffice "Decrypt::makeFileKey2()" Buffer Overflow
SECUNIA ADVISORY ID:
SA13934
VERIFY ADVISORY:
http://secunia.com/advisories/13934/
CRITICAL:
Highly critical
IMPACT:
System access
WHERE:
>From remote
SOFTWARE:
KOffice 1.x
http://secunia.com/product/4155/
DESCRIPTION:
A vulnerability has been reported in KOffice, which can be exploited
by malicious people to compromise a user's system.
For more information:
SA13903
The vulnerability has been reported in versions 1.3 through 1.3.5.
SOLUTION:
Apply patch.
KOffice 1.3.5:
ftp://ftp.kde.org/pub/kde/security_patches/post-1.3.5-koffice.diff
ORIGINAL ADVISORY:
http://www.kde.org/info/security/advisory-20050120-1.txt
OTHER REFERENCES:
SA13903:
http://secunia.com/advisories/13903/
Reply to: