[Openvas-commits] r3338 - trunk/openvas-plugins/scripts

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Tue May 12 16:52:20 CEST 2009


Author: reinke
Date: 2009-05-12 16:52:19 +0200 (Tue, 12 May 2009)
New Revision: 3338

Modified:
   trunk/openvas-plugins/scripts/deb_1790_1.nasl
Log:


Modified: trunk/openvas-plugins/scripts/deb_1790_1.nasl
===================================================================
--- trunk/openvas-plugins/scripts/deb_1790_1.nasl	2009-05-12 14:30:53 UTC (rev 3337)
+++ trunk/openvas-plugins/scripts/deb_1790_1.nasl	2009-05-12 14:52:19 UTC (rev 3338)
@@ -40,86 +40,9 @@
 Several vulnerabilities have been identified in xpdf, a suite of tools
 for viewing and converting Portable Document Format (PDF) files.
 
-The Common Vulnerabilities and Exposures project identifies the
-following problems:
+For details on the issues addressed with this update, please visit
+the referenced security advisories.
 
-CVE-2009-0146
-
-Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and
-earlier, CUPS 1.3.9 and earlier, and other products allow remote
-attackers to cause a denial of service (crash) via a crafted PDF file,
-related to (1) JBIG2SymbolDict::setBitmap and (2)
-JBIG2Stream::readSymbolDictSeg.
-
-CVE-2009-0147
-
-Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and
-earlier, CUPS 1.3.9 and earlier, and other products allow remote
-attackers to cause a denial of service (crash) via a crafted PDF file,
-related to (1) JBIG2Stream::readSymbolDictSeg, (2)
-JBIG2Stream::readSymbolDictSeg, and (3) JBIG2Stream::readGenericBitmap.
-
-CVE-2009-0165
-
-Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, as
-used in Poppler and other products, when running on Mac OS X, has
-unspecified impact, related to g*allocn.
-
-CVE-2009-0166
-
-The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and
-earlier, and other products allows remote attackers to cause a denial
-of service (crash) via a crafted PDF file that triggers a free of
-uninitialized memory.
-
-CVE-2009-0799
-
-The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier,
-Poppler before 0.10.6, and other products allows remote attackers to
-cause a denial of service (crash) via a crafted PDF file that triggers
-an out-of-bounds read.
-
-CVE-2009-0800
-
-Multiple input validation flaws in the JBIG2 decoder in Xpdf 3.02pl2
-and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other
-products allow remote attackers to execute arbitrary code via a crafted
-PDF file.
-
-CVE-2009-1179
-
-Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS
-1.3.9 and earlier, Poppler before 0.10.6, and other products allows
-remote attackers to execute arbitrary code via a crafted PDF file.
-
-CVE-2009-1180
-
-The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier,
-Poppler before 0.10.6, and other products allows remote attackers to
-execute arbitrary code via a crafted PDF file that triggers a free of
-invalid data.
-
-CVE-2009-1181
-
-The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier,
-Poppler before 0.10.6, and other products allows remote attackers to
-cause a denial of service (crash) via a crafted PDF file that triggers a
-NULL pointer dereference.
-
-CVE-2009-1182
-
-Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and
-earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other
-products allow remote attackers to execute arbitrary code via a crafted
-PDF file.
-
-CVE-2009-1183
-
-The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and
-earlier, Poppler before 0.10.6, and other products allows remote
-attackers to cause a denial of service (infinite loop and hang) via a
-crafted PDF file.
-
 For the old stable distribution (etch), these problems have been fixed in version
 3.01-9.1+etch6.
 



More information about the Openvas-commits mailing list