[ GLSA 200410-20 ] Xpdf, CUPS: Multiple integer overflows

[GLSA]

Gentoo Linux Security Advisory

Title: Xpdf, CUPS: Multiple integer overflows (GLSA 200410-20)
Severity: normal
Exploitable: remote
Date: October 21, 2004
Updated: November 06, 2004
Bug(s): #69662
ID: 200410-20

Synopsis


Multiple integer overflows were discovered in Xpdf, potentially resulting
in execution of arbitrary code upon viewing a malicious PDF file. CUPS
includes Xpdf code and therefore is vulnerable to the same issues.


Background


Xpdf is an open source viewer for Portable Document Format (PDF) files. The
Common UNIX Printing System (CUPS) is a cross-platform print spooler that
includes some Xpdf code.


Affected Packages

Package: app-text/xpdf
Vulnerable: <= 3.00-r4
Unaffected: >= 3.00-r5
Architectures: All supported architectures

Package: net-print/cups
Vulnerable: <= 1.1.20-r4
Unaffected: >= 1.1.20-r5
Architectures: All supported architectures


Description


Chris Evans discovered multiple integer overflow issues in Xpdf.


Impact


An attacker could entice an user to open a specially-crafted PDF file,
potentially resulting in execution of arbitrary code with the rights of the
user running Xpdf. By enticing an user to directly print the PDF file to a
CUPS printer, an attacker could also crash the CUPS spooler or execute
arbitrary code with the rights of the CUPS spooler, which is usually the
"lp" user.


Workaround


There is no known workaround at this time.


Resolution


All Xpdf users should upgrade to the latest version: