Package: kpdf Version: 3.x Severity: grave Tags: security sarge sid patch The version in woody is not affected by this problem.
TITLE: KDE kpdf "Decrypt::makeFileKey2()" Buffer Overflow SECUNIA ADVISORY ID: SA13916 VERIFY ADVISORY: http://secunia.com/advisories/13916/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote SOFTWARE: KDE 3.x http://secunia.com/product/219/ DESCRIPTION: The vendor has acknowledged a vulnerability in kpdf, which can be exploited by malicious people to compromise a user's system. For more information: SA13903 SOLUTION: Apply patches. KDE 3.2.3: ftp://ftp.kde.org/pub/kde/security_patches/post-3.2.3-kdegraphics-3.diff KDE 3.3.2: ftp://ftp.kde.org/pub/kde/security_patches/post-3.3.2-kdegraphics-3.diff ORIGINAL ADVISORY: http://www.kde.org/info/security/advisory-20050119-1.txt OTHER REFERENCES: SA13903: http://secunia.com/advisories/13903/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
