In association with heise online

18 April 2008, 09:55

Hole in Xpdf enables code injection

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Kees Cook of the Ubuntu Security Team has discovered a security hole in Xpdf and libraries and applications based on it, via which attackers can inject and execute malicious code using crafted PDF files. The hole can be exploited merely by opening the PDF file.

The problem is caused by inadequate checking while typefaces embedded in PDF files are being processed, but no further details are known as yet. When manipulated PDF files are opened, injected code can be executed with the user's rights. An entry has already been added to the Common Vulnerabilities and Exposures (CVE) database, but it gives no further details.

In addition to Xpdf, affected software includes the poppler project and, in some Linux distributions, also KOffice, if code from Xpdf is statically linked in, as is the case with Ubuntu. Several Linux distributors are already issuing updated Xpdf, poppler and KOffice packages that fix the problem. Administrators should install these updates without delay.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit