Users of Poppler please be advised of an Important security update fix arbitrary code execution vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
Amplify’d from www.criticalwatch.com
RHSA-2010:0859-03: [RHSA-2010:0859-03] Important: poppler security update
Product: Red Hat Enterprise Linux
Description:
Poppler is a Portable Document Format (PDF) rendering library, used by
applications such as Evince.
Two uninitialized pointer use flaws were discovered in poppler. An attacker
could create a malicious PDF file that, when opened, would cause
applications that use poppler (such as Evince) to crash or, potentially,
execute arbitrary code. (CVE-2010-3702, CVE-2010-3703)
An array index error was found in the way poppler parsed PostScript Type 1
fonts embedded in PDF documents. An attacker could create a malicious PDF
file that, when opened, would cause applications that use poppler (such as
Evince) to crash or, potentially, execute arbitrary code. (CVE-2010-3704)
Read more at www.criticalwatch.com
See this Amp at http://bit.ly/9r7ret
No comments:
Post a Comment