Oracle Linux 4 : gpdf (ELSA-2009-1681)
High Nessus Plugin ID 67977
SynopsisThe remote Oracle Linux host is missing a security update.
DescriptionFrom Red Hat Security Advisory 2009:1681 :
An updated gpdf package that fixes a security issue is now available for Red Hat Enterprise Linux 4.
This update has been rated as having important security impact by the Red Hat Security Response Team.
GPdf is a viewer for Portable Document Format (PDF) files.
Petr Gajdos and Christian Kornacker of SUSE reported a buffer overflow flaw in GPdf's Type 1 font parser. A specially crafted PDF file with an embedded Type 1 font could cause GPdf to crash or, possibly, execute arbitrary code when opened. (CVE-2009-4035)
Users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
SolutionUpdate the affected gpdf package.