CESA-2010:0751 -- centos 4 i386 xpdfID: oval:org.secpod.oval:def:200168 | Date: (C)2012-01-31 (M)2021-09-11 |
Class: PATCH | Family: unix |
Xpdf is an X Window System based viewer for Portable Document Format files. An uninitialized pointer use flaw was discovered in Xpdf. An attacker could create a malicious PDF file that, when opened, would cause Xpdf to crash or, potentially, execute arbitrary code. An array index error was found in the way Xpdf parsed PostScript Type 1 fonts embedded in PDF documents. An attacker could create a malicious PDF file that, when opened, would cause Xpdf to crash or, potentially, execute arbitrary code. Users are advised to upgrade to this updated package, which contains backported patches to correct these issues.