How to Buy
This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing a security update.
An updated xpdf package that fixes a number of integer overflow
security flaws is now available.
Xpdf is an X Window System based viewer for Portable Document Format
During a source code audit, Chris Evans and others discovered a number
of integer overflow bugs that affected all versions of xpdf. An
attacker could construct a carefully crafted PDF file that could cause
xpdf to crash or possibly execute arbitrary code when opened. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2004-0888 to this issue.
Users of xpdf are advised to upgrade to this errata package, which
contains a backported patch correcting these issues.
See also :
Update the affected xpdf package.
Risk factor :
Critical / CVSS Base Score : 10.0
Family: Red Hat Local Security Checks
Nessus Plugin ID: 15632 ()
CVE ID: CVE-2004-0888
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.