漏洞信息详情
RIM Xpdf JBIG2解码器JBIG2多个缓冲区溢出和拒绝服务漏洞
- CNNVD编号:CNNVD-200907-422
- 危害等级: 中危
- CVE编号: CVE-2009-2646
- 漏洞类型: 资料不足
- 发布时间: 2009-04-16
- 威胁类型: 远程
- 更新时间: 2009-08-06
- 厂 商: rim
- 漏洞来源: Alin Rad Pop Will ...
漏洞简介
Xpdf是便携文档格式(PDF)文件的开放源码查看器 。 Xpdf的JBIG2解码器中存在多个整数溢出、缓冲区溢出、空指针引用和死循环漏洞。攻击者可以创建恶意的PDF文件,如果打开了该文件就会导致Xpdf崩溃或执行任意代码 。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接: Debian Linux 5.0 alpha Debian kamera_3.5.9-3+lenny1_alpha.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5. 9-3+lenny1_alpha.deb Debian kcoloredit_3.5.9-3+lenny1_alpha.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_ 3.5.9-3+lenny1_alpha.deb Debian kdegraphics-dbg_3.5.9-3+lenny1_alpha.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics -dbg_3.5.9-3+lenny1_alpha.deb Debian kdegraphics-dev_3.5.9-3+lenny1_alpha.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics -dev_3.5.9-3+lenny1_alpha.deb Debian kdegraphics-doc-HTML_3.5.9-3+lenny1_all.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics -doc-HTML_3.5.9-3+lenny1_all.deb Debian kdegraphics-kfile-plugins_3.5.9-3+lenny1_alpha.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics -kfile-plugins_3.5.9-3+lenny1_alpha.deb Debian kdegraphics_3.5.9-3+lenny1_all.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics _3.5.9-3+lenny1_all.deb Debian kdvi_3.5.9-3+lenny1_alpha.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9- 3+lenny1_alpha.deb Debian kfax_3.5.9-3+lenny1_alpha.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9- 3+lenny1_alpha.deb Debian kfaxview_3.5.9-3+lenny1_alpha.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3. 5.9-3+lenny1_alpha.deb Debian kgamma_3.5.9-3+lenny1_alpha.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5. 9-3+lenny1_alpha.deb Debian kghostview_3.5.9-3+lenny1_alpha.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_ 3.5.9-3+lenny1_alpha.deb Debian kiconedit_3.5.9-3+lenny1_alpha.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3 .5.9-3+lenny1_alpha.deb Debian kmrml_3.5.9-3+lenny1_alpha.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9 -3+lenny1_alpha.deb Debian kolourpaint_3.5.9-3+lenny1_alpha.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint _3.5.9-3+lenny1_alpha.deb Debian kooka_3.5.9-3+lenny1_alpha.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9 -3+lenny1_alpha.deb Debian kpdf_3.5.9-3+lenny1_alpha.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9- 3+lenny1_alpha.deb Debian kpovmodeler_3.5.9-3+lenny1_alpha.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler _3.5.9-3+lenny1_alpha.deb Debian kruler_3.5.9-3+lenny1_alpha.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5. 9-3+lenny1_alpha.deb Debian ksnapshot_3.5.9-3+lenny1_alpha.deb http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3 .5.9-3+lenny1_alpha.deb Debian ksvg_3.5.9-3+lenny1_alpha.deb http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9- 3+lenny1_alpha.deb Debian kuickshow_3.5.9-3+lenny1_alpha.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3 .5.9-3+lenny1_alpha.deb Debian kview_3.5.9-3+lenny1_alpha.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9 -3+lenny1_alpha.deb Debian kviewshell_3.5.9-3+lenny1_alpha.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_ 3.5.9-3+lenny1_alpha.deb Debian libkscan-dev_3.5.9-3+lenny1_alpha.deb http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-de v_3.5.9-3+lenny1_alpha.deb Debian libkscan1_3.5.9-3+lenny1_alpha.deb http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3 .5.9-3+lenny1_alpha.deb Debian xpdf-common_3.02-1.4+lenny1_all.deb http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.02-1 .4+lenny1_all.deb Debian xpdf-reader_3.02-1.4+lenny1_alpha.deb http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1 .4+lenny1_alpha.deb Debian xpdf-utils_3.02-1.4+lenny1_alpha.deb http://security.debian.org/pool/updates/main/x/xpdf/xpdf-utils_3.02-1. 4+lenny1_alpha.deb Debian xpdf_3.02-1.4+lenny1_all.deb http://security.debian.org/pool/updates/main/x/xpdf/xpdf_3.02-1.4+lenn y1_all.deb CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple Safari 3.1 CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple Safari4.0Leo.dmg http://www.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/safari/download/ CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple Safari4.0Ti.dmg http://www.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/safari/download/ Debian Linux 5.0 armel Debian kamera_3.5.9-3+lenny1_armel.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kamera_3.5. 9-3+lenny1_armel.deb Debian kcoloredit_3.5.9-3+lenny1_armel.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kcoloredit_ 3.5.9-3+lenny1_armel.deb Debian kdegraphics-dbg_3.5.9-3+lenny1_armel.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics -dbg_3.5.9-3+lenny1_armel.deb Debian kdegraphics-dev_3.5.9-3+lenny1_armel.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics -dev_3.5.9-3+lenny1_armel.deb Debian kdegraphics-doc-HTML_3.5.9-3+lenny1_all.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics -doc-HTML_3.5.9-3+lenny1_all.deb Debian kdegraphics-kfile-plugins_3.5.9-3+lenny1_armel.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics -kfile-plugins_3.5.9-3+lenny1_armel.deb Debian kdegraphics_3.5.9-3+lenny1_all.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kdegraphics _3.5.9-3+lenny1_all.deb Debian kdvi_3.5.9-3+lenny1_armel.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kdvi_3.5.9- 3+lenny1_armel.deb Debian kfax_3.5.9-3+lenny1_armel.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kfax_3.5.9- 3+lenny1_armel.deb Debian kfaxview_3.5.9-3+lenny1_armel.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kfaxview_3. 5.9-3+lenny1_armel.deb Debian kgamma_3.5.9-3+lenny1_armel.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kgamma_3.5. 9-3+lenny1_armel.deb Debian kghostview_3.5.9-3+lenny1_armel.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kghostview_ 3.5.9-3+lenny1_armel.deb Debian kiconedit_3.5.9-3+lenny1_armel.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kiconedit_3 .5.9-3+lenny1_armel.deb Debian kmrml_3.5.9-3+lenny1_armel.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kmrml_3.5.9 -3+lenny1_armel.deb Debian kolourpaint_3.5.9-3+lenny1_armel.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kolourpaint _3.5.9-3+lenny1_armel.deb Debian kooka_3.5.9-3+lenny1_armel.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kooka_3.5.9 -3+lenny1_armel.deb Debian kpdf_3.5.9-3+lenny1_armel.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kpdf_3.5.9- 3+lenny1_armel.deb Debian kpovmodeler_3.5.9-3+lenny1_armel.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kpovmodeler _3.5.9-3+lenny1_armel.deb Debian kruler_3.5.9-3+lenny1_armel.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kruler_3.5. 9-3+lenny1_armel.deb Debian ksnapshot_3.5.9-3+lenny1_armel.deb http://security.debian.org/pool/updates/main/k/kdegraphics/ksnapshot_3 .5.9-3+lenny1_armel.deb Debian ksvg_3.5.9-3+lenny1_armel.deb http://security.debian.org/pool/updates/main/k/kdegraphics/ksvg_3.5.9- 3+lenny1_armel.deb Debian kuickshow_3.5.9-3+lenny1_armel.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kuickshow_3 .5.9-3+lenny1_armel.deb Debian kview_3.5.9-3+lenny1_armel.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kview_3.5.9 -3+lenny1_armel.deb Debian kviewshell_3.5.9-3+lenny1_armel.deb http://security.debian.org/pool/updates/main/k/kdegraphics/kviewshell_ 3.5.9-3+lenny1_armel.deb Debian libkscan-dev_3.5.9-3+lenny1_armel.deb http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan-de v_3.5.9-3+lenny1_armel.deb Debian libkscan1_3.5.9-3+lenny1_armel.deb http://security.debian.org/pool/updates/main/k/kdegraphics/libkscan1_3 .5.9-3+lenny1_armel.deb Debian xpdf-common_3.02-1.4+lenny1_all.deb http://security.debian.org/pool/updates/main/x/xpdf/xpdf-common_3.02-1 .4+lenny1_all.deb Debian xpdf-reader_3.02-1.4+lenny1_armel.deb http://security.debian.org/pool/updates/main/x/xpdf/xpdf-reader_3.02-1 .4+lenny1_armel.deb Debian xpdf-utils_3.02-1.4+lenny1_armel.deb
参考网址
来源: www.blackberry.com 链接:http://www.blackberry.com/btsc/KB17953
受影响实体
- Rim Blackberry_enterprise_server:4.1
- Rim Blackberry_enterprise_server:4.1.6:Mr4
- Rim Blackberry_enterprise_server:4.1.4
- Rim Blackberry_enterprise_server:4.1.6
- Rim Blackberry_enterprise_server:4.1.3
补丁
暂无
评论