OpenBSD VuXML: Documenting security issues in the OpenBSD Ports & Packages Collection

tetex -- buffer overflow vunerability in included xpdf

Affected packages
teTeX_base < 2.0.2p1
teTeX_base-no_x11 < 2.0.2p1

Details

VuXML ID 682743ae-5774-11d9-8c22-080020f8e4df
Discovery 2004-12-21
Entry 2004-12-25

teTeX includes its own version of xpdf in order to link pdftex and is affected by the following xpdf vulnerability.

iDEFENSE reports:

Remote exploitation of a buffer overflow vulnerability in the xpdf PDF viewer, as included in multiple Linux distributions, could allow attackers to execute arbitrary code as the user viewing a PDF file. The offending code can be found in the Gfx::doImage() function in the source file xpdf/Gfx.cc.

[source]

References

URL http://www.idefense.com/application/poi/display?id=172&type=vulnerabilities&flashstatus=false

Copyright © 2003-2005 Jacques Vidrine, Robert Nagy, and contributors.
Please see the source of this document for full copyright information.