Author: jmm-guest Date: 2005-12-06 22:03:40 +0000 (Tue, 06 Dec 2005) New Revision: 2958 Modified: data/CVE/list Log: kpdf confirmed vulnerable to all three xpdf issues Modified: data/CVE/list ==================================================================--- data/CVE/list 2005-12-06 21:54:53 UTC (rev 2957) +++ data/CVE/list 2005-12-06 22:03:40 UTC (rev 2958) @@ -2494,16 +2494,19 @@ - xpdf <unfixed> (bug #342281; medium) - gpdf <unfixed> (bug #342286; medium) - pdftohtml <not-affected> (Vulnerable xpdf code not contained) + - kdegraphics <unfixed> (bug #342287; medium) CVE-2005-3192 [xpdf stream predictor heap overflow] RESERVED - xpdf <unfixed> (bug #342281; medium) - gpdf <unfixed> (bug #342286; medium) - pdftohtml <unfixed> (bug filed; medium) + - kdegraphics <unfixed> (bug #342287; medium) CVE-2005-3191 [xpdf dctstream heap overflow] RESERVED - xpdf <unfixed> (bug #342281; medium) - gpdf <unfixed> (bug #342286; medium) - pdftohtml <unfixed> (bug filed; medium) + - kdegraphics <unfixed> (bug #342287; medium) CVE-2005-3190 (Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 ...) NOT-FOR-US: iGateway CVE-2005-3189 (Directory traversal vulnerability in Qualcomm WorldMail IMAP Server ...)