Bug 156041 (CVE-2006-0746)

Summary: VUL-0: CVE-2006-0746: kpdf: Yet another kpdf overflow issue
Product: [Novell Products] SUSE Security Incidents
Reporter: Sebastian Krahmer <krahmer>
Component: Incidents
Assignee: Security Team bot <security-team>
Status: RESOLVED FIXED
QA Contact: Security Team bot <security-team>
Severity: Normal
Priority: P5 - None
CC: meissner, security-team
Version: unspecified
Target Milestone: ---
Hardware: Other
OS: Other
Whiteboard: CVE-2006-0746: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Found By: Other
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Description Sebastian Krahmer 2006-03-08 11:31:36 UTC
Date: Tue, 07 Mar 2006 17:23:58 -0500
From: Josh Bressers <bressers@redhat.com>
To: Marcelo Ricardo Leitner <mrl@conectiva.com.br>
Cc: vendor-sec@lst.de, mueller@kde.org
Subject: Re: [vendor-sec] kpdf official patch for kde 3.3 does not fix
    CVE-2005-3627

> Hi all,
> 
> I was working on some xpdf updates again over here when I noticed that even
> when I patched kpdf with the official patch published at
> http://www.kde.org/info/security/advisory-20051207-2.txt it crashed with
> Chris' bad11.pdf testcase.
> 
> Then I applied the official patch and went by checking chunk by chunk
> against the xpdf's official, available at
> http://www.foolabs.com/xpdf/download.html (12097 bytes version) and noticed
> some missing chunks.
> 
> Here follows my diffs against the official patch just for reference and then
> the patch I'm currently using.

Nice catch Marcelo.

Let's use CVE-2006-0746 for this since the original CVE id (CVE-2005-3627)
covered a handful of overflows, one of which is missed in kdegraphics.

-- 
    JB
Comment 1 Dirk Mueller 2006-03-08 17:29:40 UTC
I'm looking at it, because I don't think the patch he posted fixes it either, but I'm recompiling from clean sources to be sure. 
Comment 2 Dirk Mueller 2006-03-09 17:02:12 UTC
update for 9.2 submitted
Comment 3 Sebastian Krahmer 2006-03-13 13:58:22 UTC
Ok, 9.2 the only affected target? Will submit patchinfo then.
Comment 4 Sebastian Krahmer 2006-03-14 09:31:15 UTC
Maintenance-Tracker-3776 
Comment 5 Sebastian Krahmer 2006-03-14 09:42:54 UTC
Patchinfos submitted. Please go ahead.
Comment 6 Marcus Meissner 2006-03-16 09:44:19 UTC
updates released.
Comment 7 Thomas Biege 2009-10-13 22:59:50 UTC
CVE-2006-0746: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)