RHSA-2009:1503: Important: gpdf security update
GPdf is a viewer for Portable Document Format (PDF) files.Multiple integer overflow flaws were found in GPdf. An attacker couldcreate a malicious PDF file that would cause GPdf to crash or, potentially,execute arbitrary code when opened. (CVE-2009-0791, CVE-2009-1188,CVE-2009-3604, CVE-2009-3608, CVE-2009-3609)Red Hat would like to thank Adam Zabrocki for reporting the CVE-2009-3604issue, and Chris Rohlf for reporting the CVE-2009-3608 issue.Users are advised to upgrade to this updated package, which contains abackported patch to correct these issues.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2009:1503?
The severity of RHSA-2009:1503 is classified as critical due to the potential for arbitrary code execution.
How do I fix RHSA-2009:1503?
To fix RHSA-2009:1503, you should update the GPdf package to version 2.8.2-7.7.2.el4_8.5.
What are the vulnerabilities associated with RHSA-2009:1503?
RHSA-2009:1503 addresses multiple integer overflow vulnerabilities, including CVE-2009-0791 and CVE-2009-1188.
Who is affected by RHSA-2009:1503?
Users of GPdf versions prior to 2.8.2-7.7.2.el4_8.5 are at risk from the vulnerabilities outlined in RHSA-2009:1503.
Can RHSA-2009:1503 lead to a system compromise?
Yes, RHSA-2009:1503 can potentially lead to system compromise through execution of arbitrary code.