Integer overflow in the StreamPredictor::StreamPredictor function in gpdf before 2.8.2, as used in (1) poppler, (2) xpdf, (3) kpdf, (4) kdegraphics, (5) CUPS, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file.
printing, any updates here? security, this has no whiteboard set.
printing, please provide fixed versions.
what versions are affected? Are there already patches for versions where upstream has not yet released a new version?
The patch to apply is here: ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl1.patch It applies at least to cups in the pdftops dir with some minor changes (s/Stream.cc/Stream.cxx). I checked with the latest stable version (1.2.10-r1). Mandriva also issued updates for some other packages : http://secunia.com/advisories/26425/ I don't see them in our tree, but I don't know how cups is packaged, maybe you'll want to check if everything is okay.
printing, please provide an updated version with the patch from comment #4, otherwise security do a revbump of the current stable.
188863 and 187139 fixed this. cups and xpdf use poppler so the are fine.
