‘XPDF arbitrary Arbitrary Code Execution Vulnerabilities’

Published on May 26th, 2011
Summary

XPDF contains multiple vulnerabilities that could lead to arbitrary code execution.’

Credit:

‘The information has been provided by Jonathan Brossard.
The original article can be found at: http://www.toucan-system.eu/advisories/tssa-2011-01.txt


Details

Vulnerable Systems:
 * Xpdf versions up to 3.02pl5

Immune Systems:
 * Xpdf version 3.02pl6

The linux version of xpdf is linked against t1lib, which is vulnerable to multiple vulnerabilities including off by ones, integer overflows and heap corruptions. At least one of those is exploitable and allows arbitrary code to be executed on the target machine when opening a specially crafted pdf file.

When parsing specially crafted Type 1 fonts, the t1lib library is subject to several memory corruption vulnerabilities.

CVE Information:
CVE-2011-0764

Disclosure Timeline:
Date Published: 28/03/2011
Last Update: 28/03/2011′

Categories: UNIX
Tags:

Related Posts

UNIX

‘ProFTPD Response Pool Use-After-Free Code Execution Vulnerability’

'This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the ProFTPd server.'

UNIX

‘Insight Control for Linux Multiple Vulnerabilities’

'Remote unauthorized elevation of privilege, execution of arbitrary code, encryption downgrade, information disclosure and Denial of Service (DoS) vulnerabilities were identified in Insight Control for Linux.'

UNIX

‘HP-UX Running NFS/ONCplus Denial of Service Vulnerability’

'A potential security vulnerability has been identified with NFS/ONCplus running on HP-UX.'