SuSE 10 Security Update : poppler (ZYPP Patch Number 6315)

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote SuSE 10 host is missing a security-related patch.

Description :

This update of poppler: fix various security bugs that occur while
decoding JBIG2. (CVE-2009-0146 / CVE-2009-0147 / CVE-2009-0165 /
CVE-2009-0166 / CVE-2009-0799 / CVE-2009-0800 / CVE-2009-1179 /
CVE-2009-1180 / CVE-2009-1181 / CVE-2009-1182 / CVE-2009-1183)

Further a denial of service bug in function
FormWidgetChoice::loadDefaults() (CVE-2009-0755) and
JBIG2Stream::readSymbolDictSeg() (CVE-2009-0756) was closed that could
be triggered via malformed PDF files.

See also :

http://support.novell.com/security/cve/CVE-2009-0146.html
http://support.novell.com/security/cve/CVE-2009-0147.html
http://support.novell.com/security/cve/CVE-2009-0165.html
http://support.novell.com/security/cve/CVE-2009-0166.html
http://support.novell.com/security/cve/CVE-2009-0755.html
http://support.novell.com/security/cve/CVE-2009-0756.html
http://support.novell.com/security/cve/CVE-2009-0799.html
http://support.novell.com/security/cve/CVE-2009-0800.html
http://support.novell.com/security/cve/CVE-2009-1179.html
http://support.novell.com/security/cve/CVE-2009-1180.html
http://support.novell.com/security/cve/CVE-2009-1181.html
http://support.novell.com/security/cve/CVE-2009-1182.html
http://support.novell.com/security/cve/CVE-2009-1183.html

Solution :

Apply ZYPP patch number 6315.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now