This script is Copyright (C) 2008-2015 Tenable Network Security, Inc.
The remote Debian host is missing a security-related update.
Alin Rad Pop (Secunia) discovered a number of vulnerabilities in xpdf,
a set of tools for display and conversion of Portable Document Format
(PDF) files. The Common Vulnerabilities and Exposures project
identifies the following three problems :
Inadequate DCT stream validation allows an attacker to
corrupt memory and potentially execute arbitrary code by
supplying a maliciously crafted PDF file.
An integer overflow vulnerability in DCT stream handling
could allow an attacker to overflow a heap buffer,
enabling the execution of arbitrary code.
A buffer overflow vulnerability in xpdf's CCITT image
compression handlers allows overflow on the heap,
allowing an attacker to execute arbitrary code by
supplying a maliciously crafted CCITTFaxDecode filter.
See also :
Upgrade the xpdf packages.
For the stable distribution (etch), these problems have been fixed in
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : false