FreeBSD : xpdf -- multiple remote Stream.CC vulnerabilities (2747fc39-915b-11dc-9239-001c2514716c)

This script is Copyright (C) 2007-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Secunia Research reports :

Secunia Research has discovered some vulnerabilities in Xpdf, which
can be exploited by malicious people to compromise a user's system.

- An array indexing error within the
'DCTStream::readProgressiveDataUnit()' method in xpdf/Stream.cc can be
exploited to corrupt memory via a specially crafted PDF file.

- An integer overflow error within the 'DCTStream::reset()' method in
xpdf/Stream.cc can be exploited to cause a heap-based buffer overflow
via a specially crafted PDF file.

- A boundary error within the 'CCITTFaxStream::lookChar()' method in
xpdf/Stream.cc can be exploited to cause a heap-based buffer overflow
by tricking a user into opening a PDF file containing a specially
crafted 'CCITTFaxDecode' filter.

Successful exploitation may allow execution of arbitrary code.

See also :

http://www.nessus.org/u?fe7fd6f0

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 28193 (freebsd_pkg_2747fc39915b11dc9239001c2514716c.nasl)

Bugtraq ID: 26367

CVE ID: CVE-2007-4352
CVE-2007-5392
CVE-2007-5393