+++ This bug was initially created as a clone of Bug #184307 +++ The initial fix for CVE-2005-3627 was incomplete in kdegraphics. The complete patch is attachment 125771 [details] The reproducer is attachment 125772 [details] Here is Chris Evans' original advisory, it has links to various other bad pdf files: http://scary.beasts.org/security/CESA-2005-003.txt
there's kde-3.5.1 in FC4-update. It's not effected in this new kde version http://www.kde.org/info/security/advisory-20060202-1.txt