Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 08, 2003 Updated: June 18, 2003
Affected
New versions of the Adobe Readers for UNIX are now available from the Adobe web site. You can find version 5.07 for Linux, Solaris, HP/UX and AIX at http://www.adobe.com/products/acrobat/readstep2.html. Adobe Reader 5.07 contains a patch that closes a potential security hole whereby a weblink could execute shell commands. Adobe recommends that all users on the forementioned platforms upgrade to the latest version of the Adobe Reader. This security patch only affects Adobe Readers on Linux, Solaris, HP/UX and AIX platforms. Macintosh users (OS 9.x and OS 10.X) and Windows users are not affected. The Adobe Acrobat product line is also not affected by this security issue.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: June 18, 2003
Not Affected
Mac OS X and Mac OS X Server do not ship with any products that contain the vulnerability described in this notice.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: September 22, 2003
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CONECTIVA LINUX SECURITY ANNOUNCEMENT PACKAGE : xpdf SUMMARY : Embedded commands execution vulnerability DATE : 2003-07-04 10:57:00 ID : CLA-2003:674 RELEVANT RELEASES : 7.0, 8, 9 DESCRIPTION Xpdf is a viewer for Portable Document Format (PDF) files. This update fixes a vulnerability that allows attackers to embed commands in document hyperlinks. If the user clicks in an hyperlink created by the attacker, it can execute malicious commands when calling a external program (web browsers, mail programs, etc). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0434 to this issue. SOLUTION All xpdf users should upgrade. REFERENCES: 1.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0434 UPDATED PACKAGES ftp://atualizacoes.conectiva.com.br/7.0/RPMS/xpdf-0.92-2U70_2cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/xpdf-0.92-2U70_2cl.src.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/xpdf-0.93-2U80_2cl.i386.rpm ftp://atualizacoes.conectiva.com.br/8/SRPMS/xpdf-0.93-2U80_2cl.src.rpm ftp://atualizacoes.conectiva.com.br/9/RPMS/xpdf-2.01-22930U90_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/9/SRPMS/xpdf-2.01-22930U90_1cl.src.rpm ADDITIONAL INSTRUCTIONS The apt tool can be used to perform RPM packages upgrades: - run: apt-get update - after that, execute: apt-get upgrade Detailed instructions reagarding the use of apt and upgrade examples can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en All packages are signed with Conectiva's GPG key. The key and instructions on how to import it can be found at http://distro.conectiva.com.br/seguranca/chave/?idioma=en Instructions on how to check the signatures of the RPM packages can be found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en All our advisories and generic update instructions can be viewed at http://distro.conectiva.com.br/atualizacoes/?idioma=en Copyright (c) 2003 Conectiva Inc. http://www.conectiva.com subscribe: conectiva-updates-subscribe@papaleguas.conectiva.com.br unsubscribe: conectiva-updates-unsubscribe@papaleguas.conectiva.com.br -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE/BYha42jd0JmAcZARAsD0AJ41Etq1PxMurfUFqsXc0te4V0+QiQCfcxsp REDyGm0tqfrsQ0bTaaGNHiQ= =d2kV -----END PGP SIGNATURE-----
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 19, 2003
Affected
In Debian 2.2 (potato) and Debian 3.0 (woody), the URL loading feature of xpdf is disabled per default, but the bug is present if the user explicitly changes the configuration. In Debian 3.0 (woody), an example urlCommand is supplied (which is commented out). This example quotes the argument against interpretation of shell metacharacters: #urlCommand "netscape -remote 'openURL(%s)'" (though execution of other netscape -remote commands may be possible if this command is uncommented and used) In Debian 'testing' and 'unstable' (xpdf 2.02-2), xpdf is configured to quote the argument in urlCommand: urlCommand "sensible-browser '%s'"
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: August 08, 2003
Not Affected
Fujitsu's UXP/V o.s. is not affected by the problem in VU#200132 because the OS design does not cause the problems described.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 21, 2003
Unknown
SOURCE: Hewlett-Packard Company HP Services Software Security Response Team x-ref: SSRT3561 At the time of writing this document, Hewlett Packard is currently investigating the potential impact to HP's released Operating System software products. As further information becomes available HP will provide notice of the availability of any necessary patches through standard security bulletin announcements and be available from your normal HP Services support channel.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: June 18, 2003
Not Affected
NOT Vulnerable to this issue.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: June 24, 2003
Unknown
IBM eServer Platform Response For information related to this and other published CERT Advisories that may relate to the IBM eServer Platforms (xSeries, iSeries, pSeries, and zSeries) please go to: https://app-06.www.ibm.com/servers/resourcelink/lib03020.nsf/pages/security=alerts?OpenDocument&pathID=3D In order to access this information you will require a Resource Link ID. To subscribe to Resource Link go to http://app-06.www.ibm.com/servers/resourcelink and follow the steps for registration. All questions should be refered to servsec@us.ibm.com.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 23, 2003
Not Affected
Ingrian Networks platforms are not vulnerable to this issue.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: July 14, 2003
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1 Mandrake Linux Security Update Advisory Package name: xpdf
Advisory ID: MDKSA-2003:071
Date: June 27th, 2003 Affected versions: 9.0, 9.1, Corporate Server 2.1 Problem Description: Martyn Gilmore discovered flaws in various PDF viewers, including xpdf. An attacker could place malicious external hyperlinks in a document
that, if followed, could execute arbitary shell commands with the
privileges of the person viewing the PDF document. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0434 Updated Packages: Corporate Server 2.1: 722121c3cef917ee6b8ce51f3754200c corporate/2.1/RPMS/xpdf-1.01-4.2mdk.i586.rpm
e80ab78011d0f8f79cb3f03bc092ec4b corporate/2.1/SRPMS/xpdf-1.01-4.2mdk.src.rpm Mandrake Linux 9.0: 722121c3cef917ee6b8ce51f3754200c 9.0/RPMS/xpdf-1.01-4.2mdk.i586.rpm
e80ab78011d0f8f79cb3f03bc092ec4b 9.0/SRPMS/xpdf-1.01-4.2mdk.src.rpm Mandrake Linux 9.1: c83e631cfa8b43fed2e9553b305eea23 9.1/RPMS/xpdf-2.01-2.1mdk.i586.rpm
f3c1d8c4de62fde4522403ef347fb0f2 9.1/SRPMS/xpdf-2.01-2.1mdk.src.rpm Mandrake Linux 9.1/PPC: bc5f7bbe9fa58f336bb54ad9b0b17bc9 ppc/9.1/RPMS/xpdf-2.01-2.1mdk.ppc.rpm
f3c1d8c4de62fde4522403ef347fb0f2 ppc/9.1/SRPMS/xpdf-2.01-2.1mdk.src.rpm Bug IDs fixed (see https://qa.mandrakesoft.com for more information): To upgrade automatically, use MandrakeUpdate. The verification of md5
checksums and GPG signatures is performed automatically for you. If you want to upgrade manually, download the updated package from one
of our FTP server mirrors and upgrade with "rpm -Fvh *.rpm". A list of
FTP mirrors can be obtained from: http://www.mandrakesecure.net/en/ftp.php Please verify the update prior to upgrading to ensure the integrity of
the downloaded package. You can do this with the command: rpm --checksig
Notified: May 15, 2003 Updated: May 19, 2003
Not Affected
Microsoft products are not affected by this issue.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: June 16, 2003
Not Affected
Subject: VU#200132 sent on June 16, 2003 [Server Products] * EWS/UP 48 Series operating system - is NOT vulnerable because because it does not support PDF viewers/readers.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: July 14, 2003
Not Affected
Some Nortel Networks products are distributed with documentation CDs that include a PDF reader to enable viewing of product documentation in this format. The vulnerability identified in VU#200132 can only be exploited with the presence of a hyperlink in a malicious PDF file. Provided the end-user employs the PDF reader only to read Nortel Networks product documentation, and does not use the Nortel Networks product as a workstation, this potential vulnerability cannot beexploited.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: June 19, 2003
Affected
See RHSA-2003:196-07.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: June 17, 2003
Affected
Sun does not ship a PDF viewer with Solaris and therefore Solaris is not affected by this issue. However, xpdf which is provided as an unsupported package on the Solaris Companion CD: http://wwws.sun.com/software/solaris/freeware/index.html is affected. Sites using the freeware version of xpdf from the Solaris Companion CD will have to upgrade to a later version available from: http://www.foolabs.com/xpdf/download.html Sun Linux, version 5.0 is affected by this vulnerability. Two of its PDF viewing applications, xpdf and Adobe Acrobat Reader for Linux (tm) are affected. However ghostview and kghostview are not. Sun will be issuing a Sun Alert for Sun Linux describing the patch information which will be available from: http://sunsolve.Sun.COM
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: July 14, 2003
Not Affected
A response to this vulnerability is available from our Security Information site: http://www.xerox.com/security.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 20, 2003 Updated: June 17, 2003
Affected
A new version of Xpdf (2.02pl1) is now available on the Xpdf web site: http://www.foolabs.com/xpdf/ This version includes a small patch that fixes a security hole in version 2.02. It was possible to construct a malicious URL link in a PDF file which would cause an arbitrary command to be run. The patch changes things to that the various characters which can cause trouble are escaped (%xx) before calling system(). This patch also changes the "launch" link verification dialog to provide a scrolling view of the command about to be run when the command string is excessively long. This security hole (and the patch) only affect the Unix viewer -- they do not affect the command tools on Unix, Windows, or other operating systems.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: May 15, 2003 Updated: May 16, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.