‘XPDF arbitrary Arbitrary Code Execution Vulnerabilities’

Summary

XPDF contains multiple vulnerabilities that could lead to arbitrary code execution.’

Credit:

‘The information has been provided by Jonathan Brossard.
The original article can be found at: http://www.toucan-system.eu/advisories/tssa-2011-01.txt


Details

Vulnerable Systems:
 * Xpdf versions up to 3.02pl5

Immune Systems:
 * Xpdf version 3.02pl6

The linux version of xpdf is linked against t1lib, which is vulnerable to multiple vulnerabilities including off by ones, integer overflows and heap corruptions. At least one of those is exploitable and allows arbitrary code to be executed on the target machine when opening a specially crafted pdf file.

When parsing specially crafted Type 1 fonts, the t1lib library is subject to several memory corruption vulnerabilities.

CVE Information:
CVE-2011-0764

Disclosure Timeline:
Date Published: 28/03/2011
Last Update: 28/03/2011′

Categories: UNIX