KDE Okular PDB Parsing RLE Decompression Buffer Overflow Vulnerability
The information has been provided by Stefan Cornelius.
The original article can be found at: http://secunia.com/secunia_research/2010-109/
Affected software: KDE Okular version 4.4.5
The vulnerability is caused by a boundary error within the RLE decompression in the ‘TranscribePalmImageToJPEG()’ function in generators/plucker/unpluck/image.cpp. This can be exploited to cause a heap-based buffer overflow, for example by tricking a user into opening a specially crafted PDB file.
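The kind of bounds checking an RLE decoder needs to avoid this class of bug, shown as an added example (not the Okular or Plucker source): a row decoder that bounds both its input reads and its output writes. The (count, value) pair encoding, the function name `rle_decode_row` and the result codes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { RLE_OK = 0, RLE_TRUNCATED = -1, RLE_OVERRUN = -2 };

/* Decode one row of (count, value) byte pairs into out[0..out_len).
 * Assumed encoding (illustrative, not taken from the Okular source):
 * each pair expands to `count` copies of `value`, and a row is complete
 * once exactly out_len bytes have been produced.
 * On success *consumed holds the number of input bytes used. */
static int rle_decode_row(const uint8_t *in, size_t in_len,
                          uint8_t *out, size_t out_len, size_t *consumed)
{
    size_t ip = 0, op = 0;

    while (op < out_len) {
        /* Input bound: a pair is two bytes; never read past the record. */
        if (in_len - ip < 2)
            return RLE_TRUNCATED;
        size_t count = in[ip];
        uint8_t value = in[ip + 1];
        ip += 2;

        /* Output bound: the run must fit in what is left of the row.
         * Without this check a count taken from the file can write past
         * the heap buffer. Compare by subtraction so nothing can wrap. */
        if (count > out_len - op)
            return RLE_OVERRUN;

        memset(out + op, value, count);
        op += count;
    }
    *consumed = ip;
    return RLE_OK;
}

int main(void)
{
    /* Constructed inputs for an 8-byte row. */
    const uint8_t good[] = { 3, 0xAA, 5, 0xBB };   /* 3 + 5 = 8, fits */
    const uint8_t bad[]  = { 3, 0xAA, 200, 0xBB }; /* 3 + 200 > 8     */
    uint8_t row[8];
    size_t used = 0;

    printf("good: %d\n", rle_decode_row(good, sizeof good, row, sizeof row, &used));
    printf("bad:  %d\n", rle_decode_row(bad, sizeof bad, row, sizeof row, &used));
    return 0;
}
```

A caller should treat any non-zero result as a malformed record and stop processing the image rather than continue with a partially filled row.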
Apply patches. See the vendor’s advisory for additional details.
11/08/2010 – Vendor notified.
25/08/2010 – Public disclosure.