Mandrake Linux Security Advisory : gpdf (MDKSA-2005:016)
High Nessus Plugin ID 16253
SynopsisThe remote Mandrake Linux host is missing a security update.
DescriptionA buffer overflow vulnerability was discovered in the xpdf PDF code, which could allow for arbitrary code execution as the user viewing a PDF file. The vulnerability exists due to insufficient bounds checking while processing a PDF file that provides malicious values in the /Encrypt /Length tag. Gpdf uses xpdf code and is susceptible to the same vulnerability.
The updated packages have been patched to prevent these problems.
SolutionUpdate the affected gpdf package.