French Security Incident Response Team

Termes et NomenclatureDéfinition des niveaux de risquesConfidentialité et Charte de confianceService FrSIRT VNS

FrSIRT   

      

   français Français   anglais English

 
Veille en vulnérabilités
FrSIRT VNS Publisher
Demande d'informations
Période d'essai gratuite
 

Bulletins et avis de vulnérabilités
Bulletins de sécurité et avis de vulnérabilités Linux
Virus & AlertesMenaces en temps réel / Blog Sécurité Informatique
Attaques Zero-day (0-jour)
Rechercher une vulnérabilité
 

Déclarer un incident de sécurité
Mailing liste Newsletter Sécurité informatique
 

A propos de FrSIRT / ADConsulting
Nos Clients & RéférencesFrSIRT Dans la presse
Espace Annonceurs
Offre d'emploi et stage Sécurité Informatique
Nous contacter

Mandriva Security Update Fixes Poppler Multiple Code Execution Issues

Date de Publication : 2007-11-20 © FrSIRT.COM
Titre : Mandriva Security Update Fixes Poppler Multiple Code Execution Issues
Identifiant : FrSIRT/AVIS-2007-3917
CVE ID : CVE-2007-4352 - CVE-2007-5392 - CVE-2007-5393
Risque : Elevé (3/4) -
Exploitable à distance : Oui
Exploitable en local : Oui
 

En savoir plus
 
  Description
  Produits affectés
  Solution
  Références
Description Technique    TXT (Plain Text)  PDF (Portable Document Format)  XML (Extensible Markup Language)  SMS (Short Message Service) 

Plusieurs vulnérabilités ont été identifiées dans Mandriva, elles pourraient être exploitées par des attaquants afin de causer un déni de service ou compromettre un système vulnérable [...]

Solution

Installer les mises à jour :

Mandriva Linux 2007.1:
9f040875778bb940669bd2bfdbef248c 2007.1/i586/libpoppler-qt1-0.5.4-3.3mdv2007.1.i586.rpm
804046d0a838cb3a0a5e355fb118b1bc 2007.1/i586/libpoppler-qt1-devel-0.5.4-3.3mdv2007.1.i586.rpm
dd83d0b61f2ad91ea79f314752a0f514 2007.1/i586/libpoppler-qt4-1-0.5.4-3.3mdv2007.1.i586.rpm
05d0deb14ec5dad80d8d400756b3d183 2007.1/i586/libpoppler-qt4-1-devel-0.5.4-3.3mdv2007.1.i586.rpm
a23fb37129c8756e353fe47be6d6a8be 2007.1/i586/libpoppler1-0.5.4-3.3mdv2007.1.i586.rpm
6db198b349d7ebe355d809732ddb21bb 2007.1/i586/libpoppler1-devel-0.5.4-3.3mdv2007.1.i586.rpm
3e280873492799bebdec28872351052e 2007.1/i586/poppler-0.5.4-3.3mdv2007.1.i586.rpm
40600d9ccb1e7f7a76cb4ccf447e9e40 2007.1/SRPMS/poppler-0.5.4-3.3mdv2007.1.src.rpm

Mandriva Linux 2007.1/X86_64:
b49094eb08c809397081d357f7251166 2007.1/x86_64/lib64poppler-qt1-0.5.4-3.3mdv2007.1.x86_64.rpm
e6f52d8bb5d9f84458ae6892cd7800da 2007.1/x86_64/lib64poppler-qt1-devel-0.5.4-3.3mdv2007.1.x86_64.rpm
4d08d7343c94a016928cef93490af098 2007.1/x86_64/lib64poppler-qt4-1-0.5.4-3.3mdv2007.1.x86_64.rpm
b0f8d4b4c5f1917c61687900a119e685 2007.1/x86_64/lib64poppler-qt4-1-devel-0.5.4-3.3mdv2007.1.x86_64.rpm
0955492bd1319fdc2e74c2528994e2bc 2007.1/x86_64/lib64poppler1-0.5.4-3.3mdv2007.1.x86_64.rpm
f918b50ec88a2aca954c156c33c605e8 2007.1/x86_64/lib64poppler1-devel-0.5.4-3.3mdv2007.1.x86_64.rpm
24fdcc57f5c7481e6732f45e43e49d51 2007.1/x86_64/poppler-0.5.4-3.3mdv2007.1.x86_64.rpm
40600d9ccb1e7f7a76cb4ccf447e9e40 2007.1/SRPMS/poppler-0.5.4-3.3mdv2007.1.src.rpm

Mandriva Linux 2008.0:
840730bb310636d43a3d07a6d4d4f281 2008.0/i586/libpoppler-devel-0.6-3.1mdv2008.0.i586.rpm
9d6109683ae8729ad549c56d2f8998c1 2008.0/i586/libpoppler-glib-devel-0.6-3.1mdv2008.0.i586.rpm
b69e7e912fe2f532c5a9ed7c3687eb42 2008.0/i586/libpoppler-glib2-0.6-3.1mdv2008.0.i586.rpm
cea89e4b36cbe99060e3568038474078 2008.0/i586/libpoppler-qt-devel-0.6-3.1mdv2008.0.i586.rpm
64a459904bf417570e4f2b8e0d550c77 2008.0/i586/libpoppler-qt2-0.6-3.1mdv2008.0.i586.rpm
5d1c9970275811b934599f95b5264d7d 2008.0/i586/libpoppler-qt4-2-0.6-3.1mdv2008.0.i586.rpm
7bbfdb4209d40f503bedc8e10e4687df 2008.0/i586/libpoppler-qt4-devel-0.6-3.1mdv2008.0.i586.rpm
812e34a9b25b4e28169bf84804da8325 2008.0/i586/libpoppler2-0.6-3.1mdv2008.0.i586.rpm
57380d8dcef7e2b404ed6a7571969bfe 2008.0/i586/poppler-0.6-3.1mdv2008.0.i586.rpm
697118d63ace272626e64555f7b8cffd 2008.0/SRPMS/poppler-0.6-3.1mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:
f64a05a64b742ac4a40a07b8c43b9545 2008.0/x86_64/lib64poppler-devel-0.6-3.1mdv2008.0.x86_64.rpm
5d9963749a1315a570e9a70783c078da 2008.0/x86_64/lib64poppler-glib-devel-0.6-3.1mdv2008.0.x86_64.rpm
8d62d129c9279da1ed306a02785d5a7f 2008.0/x86_64/lib64poppler-glib2-0.6-3.1mdv2008.0.x86_64.rpm
f844c25e098d3b295cba161a07795b36 2008.0/x86_64/lib64poppler-qt-devel-0.6-3.1mdv2008.0.x86_64.rpm
5bfdd34b678a33aeebeec9dc7b0d0dd7 2008.0/x86_64/lib64poppler-qt2-0.6-3.1mdv2008.0.x86_64.rpm
83334372f43c893ca9afdaefdd7b90d0 2008.0/x86_64/lib64poppler-qt4-2-0.6-3.1mdv2008.0.x86_64.rpm
82099121bfc50561cb3a175d9d31152b 2008.0/x86_64/lib64poppler-qt4-devel-0.6-3.1mdv2008.0.x86_64.rpm
59a614072521db19cd3b502e6d49959a 2008.0/x86_64/lib64poppler2-0.6-3.1mdv2008.0.x86_64.rpm
0a5a8795e93dc014c5f07e2ab6e73393 2008.0/x86_64/poppler-0.6-3.1mdv2008.0.x86_64.rpm
697118d63ace272626e64555f7b8cffd 2008.0/SRPMS/poppler-0.6-3.1mdv2008.0.src.rpm

Corporate 4.0:
86be8a80003ab4c7a36905eac276dbf6 corporate/4.0/i586/libpoppler-qt0-0.4.1-3.6.20060mlcs4.i586.rpm
32bae8fecaa6ec4e2b1e7e68458f889b corporate/4.0/i586/libpoppler-qt0-devel-0.4.1-3.6.20060mlcs4.i586.rpm
e9aefa230a3c897361330d91583eb4b9 corporate/4.0/i586/libpoppler0-0.4.1-3.6.20060mlcs4.i586.rpm
280a9f7aea1b3766864996d5969e69ea corporate/4.0/i586/libpoppler0-devel-0.4.1-3.6.20060mlcs4.i586.rpm
aab471f88ae46303acfef45c3464bce6 corporate/4.0/SRPMS/poppler-0.4.1-3.6.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
62f84dc6ac78997484c76c0e34c74063 corporate/4.0/x86_64/lib64poppler-qt0-0.4.1-3.6.20060mlcs4.x86_64.rpm
5fda381aed07c4eaa47f48d7187449ee corporate/4.0/x86_64/lib64poppler-qt0-devel-0.4.1-3.6.20060mlcs4.x86_64.rpm
6abf5b15ba6ffa847dde37a2d0f049d0 corporate/4.0/x86_64/lib64poppler0-0.4.1-3.6.20060mlcs4.x86_64.rpm
bcbad9d141f0b9615740d5f027a24699 corporate/4.0/x86_64/lib64poppler0-devel-0.4.1-3.6.20060mlcs4.x86_64.rpm
aab471f88ae46303acfef45c3464bce6 corporate/4.0/SRPMS/poppler-0.4.1-3.6.20060mlcs4.src.rpm

Historique

2007-11-20 : Version Initiale

Recevez les bulletins FrSIRT

Le service FrSIRT VNS permet aux professionnels de la sécurité (RSSI, DSI, administrateurs et consultants) de recevoir en temps-réel, par email, SMS et flux RSS/XML, des bulletins de vulnérabilités complets, détaillés et personnalisés.
 
 

Recherche    

      

Newsletter    

    
 

Cisco Unity Security Bypass and Denial of Service

Cisco UCM SIP Remote Denial of Service

Cisco IOS Denial of Service Vulnerabilities

Cisco PIX and ASA Information Disclosure and DoS Vulnerabilities

Cisco Secure ACS EAP Remote Denial Of Service Vulnerability

Cisco Products Remote DNS Cache Poisoning Vulnerability

Cisco Wide Area Application Services CUPS Remote Vulnerability

IBM Lotus Quickr Denial of Service Vulnerabilities

IBM Tivoli Netcool/Webtop Multiple Security Bypass Vulnerabilities

IBM WebSphere Application Server Security Exposure Vulnerabilities

IBM DB2 Universal Database Multiple Denial of Service

IBM AIX "swcons" Insecure Permission Privilege Escalation Vulnerability

IBM WebSphere Application Server Cross Site Scripting Vulnerability

IBM DB2 CLR Stored Procedures Unspecified Vulnerability

Microsoft Windows Kernel Local Integer Overflow Vulnerability

Microsoft Windows Vista "WRITE_ANDX" Denial of Service Vulnerability

Microsoft Office OneNote URL Code Execution (MS08-055)

Microsoft GDI+ Multiple Code Execution Vulnerabilities (MS08-052)

Microsoft Visual Studio "Msmask32" Code Execution Vulnerability

Microsoft PowerPoint Command Execution Vulnerabilities (MS08-051)

Microsoft Windows Messenger Data Disclosure (MS08-050)

  FrSIRT.COM © Tous droits réservés 2003-2008 - Notice Légale  sécurité informatique