Oracle Linux 6 : poppler (ELSA-2017-2550)
Medium Nessus Plugin ID 102850
SynopsisThe remote Oracle Linux host is missing one or more security updates.
DescriptionFrom Red Hat Security Advisory 2017:2550 :
An update for poppler is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince.
Security Fix(es) :
* An integer overflow leading to heap-based buffer overflow was found in the poppler library. An attacker could create a malicious PDF file that would cause applications that use poppler (such as Evince) to crash, or potentially execute arbitrary code when opened.
SolutionUpdate the affected poppler packages.