Fedora Core Advisory: xpdfOct 22, 2004, 15:58 (0 Talkback[s])
Fedora Update Notification
Product : Fedora Core 2
Xpdf is an X Window System based viewer for Portable Document Format (PDF) files.
During a source code audit, Chris Evans and others discovered a number of integer overflow bugs that affected all versions of xpdf. An attacker could construct a carefully crafted PDF file that could cause xpdf to crash or possibly execute arbitrary code when opened. The Common Vulnerabilities and Exposures project (cve.mitre.org/) has assigned the name CAN-2004-0888 to this issue.
Users of xpdf are advised to upgrade to this errata package, which contains a backported patch correcting these issues.
This update can be downloaded from:
This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.
0 Talkback[s] (click to add your comment)