Scientific Linux Security Update : poppler on SL5.x i386/x86_64
Medium Nessus Plugin ID 60391
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionKees Cook discovered a flaw in the way poppler displayed malformed fonts embedded in PDF files. An attacker could create a malicious PDF file that would cause applications that use poppler -- such as Evince
-- to crash, or, potentially, execute arbitrary code when opened.
SolutionUpdate the affected poppler, poppler-devel and / or poppler-utils packages.