| |||||||||||||||||||
rPath alert rPSA-2007-0154-1 (cups)
rPath Security Advisory: 2007-0154-1 Published: 2007-08-10 Products: rPath Linux 1 Rating: Severe Exposure Level Classification: Remote System User Deterministic Privilege Escalation Updated Versions: cups=/conary.rpath.com@rpl:devel//1/1.1.23-14.2-1 poppler=/conary.rpath.com@rpl:devel//1/0.4.5-1.2-1 tetex=/conary.rpath.com@rpl:devel//1/2.0.2-28.7-1 tetex-afm=/conary.rpath.com@rpl:devel//1/2.0.2-28.7-1 tetex-dvips=/conary.rpath.com@rpl:devel//1/2.0.2-28.7-1 tetex-fonts=/conary.rpath.com@rpl:devel//1/2.0.2-28.7-1 tetex-latex=/conary.rpath.com@rpl:devel//1/2.0.2-28.7-1 tetex-xdvi=/conary.rpath.com@rpl:devel//1/2.0.2-28.7-1 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0720 https://issues.rpath.com/browse/RPL-1596 https://issues.rpath.com/browse/RPL-1609 https://issues.rpath.com/browse/RPL-1173 Description: Previous versions of multiple packages are vulnerable to multiple attacks involving PDF files, the worst of which may allow an authenticated or user-assisted attacker to execute arbitrary code. Note that in the case of CUPS, authentication may be as simple as being connected to a trusted network. In addition, a minor Denial of Service attack against the cups daemon is ameliorated in this update. Copyright 2007 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html (Log in to post comments)
|
|||||||||||||||||||