RHSA-2009:1500: Important: xpdf security update
Xpdf is an X Window System based viewer for Portable Document Format (PDF)files.Multiple integer overflow flaws were found in Xpdf. An attacker couldcreate a malicious PDF file that would cause Xpdf to crash or, potentially,execute arbitrary code when opened. (CVE-2009-0791, CVE-2009-3604,CVE-2009-3606, CVE-2009-3609)Red Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604issue.Users are advised to upgrade to this updated package, which contains abackported patch to correct these issues.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2009:1500?
The severity of RHSA-2009:1500 is categorized as critical due to the possibility of code execution from a malicious PDF file.
How do I fix RHSA-2009:1500?
To fix RHSA-2009:1500, update Xpdf to the patched version provided in the advisory.
What vulnerabilities does RHSA-2009:1500 address?
RHSA-2009:1500 addresses multiple integer overflow vulnerabilities in Xpdf.
Can RHSA-2009:1500 lead to remote code execution?
Yes, RHSA-2009:1500 can lead to remote code execution if a user opens a malicious PDF file.
Which software is affected by RHSA-2009:1500?
RHSA-2009:1500 affects the Xpdf software used for viewing PDF files on the X Window System.