179056 – CVE-2006-0301 PDF splash handling heap overflow

Bug 179056 - CVE-2006-0301 PDF splash handling heap overflow

Summary: CVE-2006-0301 PDF splash handling heap overflow

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	kdegraphics
Sub Component:
Version:	4
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	high
Target Milestone:	---
Assignee:	Than Ngo
QA Contact:
Docs Contact:
URL:
Whiteboard:	impact=important,embargo=yes,reported...
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2006-01-26 21:12 UTC by Josh Bressers
Modified:	2007-11-30 22:11 UTC (History)
CC List:	1 user (show)
Fixed In Version:	FC5
Clone Of:
Environment:
Last Closed:	2006-09-22 02:17:17 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Josh Bressers 2006-01-26 21:12:45 UTC

PDF splash handling heap overflow

Dirk Mueller told vendor-sec about a buffer overflow issue in the xpdf
codebase when handling splash images.

The proposed patch is attachment 123745 [details]

Comment 3 Than Ngo 2006-02-07 10:54:31 UTC

it's now fixed in kdegraphics-3_5_1-0_2_fc4

Comment 4 Fedora Update System 2006-02-10 15:28:49 UTC

From User-Agent: XML-RPC

kdegraphics-3.5.1-0.2.fc4 has been pushed for FC4, which should resolve this issue.  If these problems are still present in this version, then please make note of it in this bug report.

Comment 5 Bill Nottingham 2006-09-22 02:17:17 UTC

Closing bugs in MODIFIED state from prior Fedora releases. If this bug persists
in a current Fedora release (such as Fedora Core 5 or later), please reopen and
set the version appropriately.

Note You need to log in before you can comment on or make changes to this bug.