Mandriva Linux Security Advisory : kdegraphics4 (MDVSA-2010:162)

medium Nessus Plugin ID 48898

Language:

Synopsis

The remote Mandriva Linux host is missing one or more security updates.

Description

A vulnerability has been found and corrected in okular (kdegraphics) :

A specially crafted PDF or PS file could cause okular to crash or execute arbitrary code (CVE-2010-2575).

The updated packages have been patched to correct this issue.

Solution

Update the affected packages.

See Also

http://www.kde.org/info/security/advisory-20100825-1.txt

Plugin Details

Severity: Medium

ID: 48898

File Name: mandriva_MDVSA-2010-162.nasl

Version: 1.14

Type: local

Published: 8/27/2010

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:kdegraphics4, p-cpe:/a:mandriva:linux:kdegraphics4-core, p-cpe:/a:mandriva:linux:kdegraphics4-devel, p-cpe:/a:mandriva:linux:kgamma, p-cpe:/a:mandriva:linux:kipi-common, p-cpe:/a:mandriva:linux:kolourpaint, p-cpe:/a:mandriva:linux:kruler, p-cpe:/a:mandriva:linux:ksnapshot, p-cpe:/a:mandriva:linux:lib64gwenviewlib4, p-cpe:/a:mandriva:linux:lib64kdcraw7, p-cpe:/a:mandriva:linux:lib64kdcraw8, p-cpe:/a:mandriva:linux:lib64kexiv2_7, p-cpe:/a:mandriva:linux:lib64kexiv2_8, p-cpe:/a:mandriva:linux:lib64kipi6, p-cpe:/a:mandriva:linux:lib64kipi7, p-cpe:/a:mandriva:linux:lib64kolourpaint_lgpl4, p-cpe:/a:mandriva:linux:lib64ksane0, p-cpe:/a:mandriva:linux:lib64okularcore1, p-cpe:/a:mandriva:linux:libgwenviewlib4, p-cpe:/a:mandriva:linux:libkdcraw-common, p-cpe:/a:mandriva:linux:libkdcraw7, p-cpe:/a:mandriva:linux:libkdcraw8, p-cpe:/a:mandriva:linux:libkexiv2_7, p-cpe:/a:mandriva:linux:libkexiv2_8, p-cpe:/a:mandriva:linux:libkipi6, p-cpe:/a:mandriva:linux:libkipi7, p-cpe:/a:mandriva:linux:libkolourpaint_lgpl4, p-cpe:/a:mandriva:linux:libksane0, p-cpe:/a:mandriva:linux:libokularcore1, p-cpe:/a:mandriva:linux:okular, cpe:/o:mandriva:linux:2009.0, cpe:/o:mandriva:linux:2010.0, cpe:/o:mandriva:linux:2010.1, p-cpe:/a:mandriva:linux:gwenview, p-cpe:/a:mandriva:linux:kamera, p-cpe:/a:mandriva:linux:kcolorchooser

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 8/26/2010

Reference Information

CVE: CVE-2010-2575

BID: 42702

MDVSA: 2010:162