Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Linux :: Apps N-Z :: xpdf.htm

Xpdf race condition



    xpdf, xpdf-i


    There  is  a  potential  race  condation  when  using tmpnam() and
    fopen() in xpdf versions prior to 0.91.  This exploit can be  only
    used as root to overwrite arbitrary files if a symlink is  created
    between  the  calls  to  tmpname()  and  fopen().  There is also a
    problem  with  malicious  URL-type  links  in  PDF  documents that
    contain quote characters which  could also potentially be  used to
    execute arbitrary commands.  This is due to xpdf calling  system()
    with  a  netscape  (or  similar)  command  plus the URL.  The 0.91
    release of xpdf fixes both of these potential problems.   Although
    there  are  no  known  exploits,  users  are encouraged to upgrade
    their system with these updates.


    Patches for Linux Mandrake:

        Linux-Mandrake 6.0: 6.0/RPMS/xpdf-0.91-4mdk.i586.rpm

        Linux-Mandrake 6.1: 6.1/RPMS/xpdf-0.91-4mdk.i586.rpm

        Linux-Mandrake 7.0: 7.0/RPMS/xpdf-0.91-4mdk.i586.rpm

    For Debian:

    For Caldera Linux:

    For RedHat:

    For Conectiva Linux:

    For FreeBSD:

    xpdf-i < 0.90-7 is vulnerable, too.  But now is fixed.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH