Vulnerabilità: CVE-2006-0301


Heap buffer overflow in Splash.cc in xpdf, come usato in altri prodotti quali (1) poppler, (2) kdegraphics, (3) GPDF, (4) pdfkit.framework, e altri, consente agli aggressori di provocare una negazione di servizio ed eventualmente eseguire codice arbitrario tramite immagini spruzzata artigianali che producono certi valori che superano la larghezza o altezza della bitmap associata.


http://www.securityfocus.com/archive/1/423899/100/0/threaded
https://bugzilla.novell.com/show_bug.cgi?id=141242
http://www.debian.org/security/2006/dsa-971
http://www.debian.org/security/2006/dsa-972
http://www.debian.org/security/2006/dsa-974
http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00039.html
http://www.securityfocus.com/archive/1/427990/100/0/threaded
http://www.gentoo.org/security/en/glsa/glsa-200602-04.xml
http://www.gentoo.org/security/en/glsa/glsa-200602-05.xml
http://www.gentoo.org/security/en/glsa/glsa-200602-12.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:030
http://www.mandriva.com/security/advisories?name=MDKSA-2006:031
http://www.mandriva.com/security/advisories?name=MDKSA-2006:032
http://www.kde.org/info/security/advisory-20060202-1.txt
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179046
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10850
http://www.redhat.com/support/errata/RHSA-2006-0201.html
http://rhn.redhat.com/errata/RHSA-2006-0206.html
http://securitytracker.com/id?1015576
http://secunia.com/advisories/18274
http://secunia.com/advisories/18677
http://secunia.com/advisories/18707
http://secunia.com/advisories/18825
http://secunia.com/advisories/18826
http://secunia.com/advisories/18834
http://secunia.com/advisories/18837
http://secunia.com/advisories/18838
http://secunia.com/advisories/18839
http://secunia.com/advisories/18860
http://secunia.com/advisories/18862
http://secunia.com/advisories/18864
http://secunia.com/advisories/18875
http://secunia.com/advisories/18882
http://secunia.com/advisories/18908
http://secunia.com/advisories/18913
http://secunia.com/advisories/18983
http://secunia.com/advisories/19377
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683
http://securityreason.com/securityalert/470
http://www.ubuntu.com/usn/usn-249-1
http://www.vupen.com/english/advisories/2006/0389
http://www.vupen.com/english/advisories/2006/0422
https://exchange.xforce.ibmcloud.com/vulnerabilities/24391
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0301


E' possibile lasciare un commento come utenti registrati al sito, accedendo tramite social, account wordpress oppure come utenti anonimi. Nel caso in cui si desideri lasciare un commento come utenti anonimi si verrà avvisati via email di un'eventuale risposta solo se si inserisce l'indirizzo email (facoltativo). L'inserimento di qualsiasi dato nei campi dei commenti è totalmente facoltativo. Chiunque decida di inserire un qualsiasi dato accetta il trattamento di questi ultimi per i fini inerenti al servizio ovvero la risposta al commento e le comunicazioni strettamente necessarie.


Rispondi