Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:24640
HistoryAug 30, 2010 - 12:00 a.m.

Secunia Research: KDE Okular PDB Parsing RLE Decompression Buffer Overflow

2010-08-3000:00:00
vulners.com
5
JSON

======================================================================

                 Secunia Research 25/08/2010

- KDE Okular PDB Parsing RLE Decompression Buffer Overflow -

======================================================================
Table of Contents

Affected Software…1
Severity…2
Vendor's Description of Software…3
Description of Vulnerability…4
Solution…5
Time Table…6
Credits…7
References…8
About Secunia…9
Verification…10

======================================================================
1) Affected Software

  • KDE Okular 4.4.5

NOTE: Other versions may also be affected.

======================================================================
2) Severity

Rating: Moderately critical
Impact: System access
Where: Remote

======================================================================
3) Vendor's Description of Software

"Okular is a universal document viewer based on KPDF for KDE 4.".

Product Link:
http://okular.kde.org/

======================================================================
4) Description of Vulnerability

Secunia Research has discovered a vulnerability in KDE Okular, which
can be exploited by malicious people to potentially compromise a
user's system.

The vulnerability is caused by a boundary error within the RLE
decompression in the "TranscribePalmImageToJPEG()" function in
generators/plucker/unpluck/image.cpp. This can be exploited to cause
a heap-based buffer overflow by e.g. tricking a user into opening a
specially crafted PDB file.

======================================================================
5) Solution

Apply patches. See the vendor's advisory for additional details.
http://www.kde.org/info/security/advisory-20100825-1.txt

======================================================================
6) Time Table

11/08/2010 - Vendor notified.
11/08/2010 - Vendor response.
25/08/2010 - Public disclosure.

======================================================================
7) Credits

Discovered by Stefan Cornelius, Secunia Research.

======================================================================
8) References

The Common Vulnerabilities and Exposures (CVE) project has assigned
CVE-2010-2575 for the vulnerability.

======================================================================
9) About Secunia

Secunia offers vulnerability management solutions to corporate
customers with verified and reliable vulnerability intelligence
relevant to their specific system configuration:

http://secunia.com/advisories/business_solutions/

Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private
individuals, who are interested in or concerned about IT-security.

http://secunia.com/advisories/

Secunia believes that it is important to support the community and to
do active vulnerability research in order to aid improving the
security and reliability of software in general:

http://secunia.com/secunia_research/

Secunia regularly hires new skilled team members. Check the URL below
to see currently vacant positions:

http://secunia.com/corporate/jobs/

Secunia offers a FREE mailing list called Secunia Security Advisories:

http://secunia.com/advisories/mailing_lists/

======================================================================
10) Verification

Please verify this advisory by visiting the Secunia website:
http://secunia.com/secunia_research/2010-109/

Complete list of vulnerability reports published by Secunia Research:
http://secunia.com/secunia_research/

======================================================================

Related

openvas 13
nessus 12
ubuntucve 1
ubuntu 1
gentoo 1
fedora 3
securityvulns 2
prion 1
slackware 1
debiancve 1
cve 1
openvas
openvas
Fedora Update for kdegraphics FEDORA-2010-13629
2010-08-30 00:00:00
Mandriva Update for kdegraphics4 MDVSA-2010:162 (kdegraphics4)
2010-08-30 00:00:00
Fedora Update for kdegraphics FEDORA-2010-13589
2010-12-02 00:00:00
nessus
nessus
openSUSE Security Update : gwenview (openSUSE-SU-2010:0691-1)
2010-10-06 00:00:00
openSUSE Security Update : gwenview (openSUSE-SU-2010:0691-1)
2010-10-06 00:00:00
Fedora 14 : kdegraphics-4.5.0-2.fc14 (2010-13589)
2010-08-26 00:00:00
ubuntucve
ubuntucve
CVE-2010-2575
2010-08-30 00:00:00
ubuntu
ubuntu
okular vulnerability
2010-08-27 00:00:00
gentoo
gentoo
Okular: Arbitrary code execution
2013-11-28 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: kdegraphics-4.4.5-3.fc12
2010-08-27 06:54:07
[SECURITY] Fedora 14 Update: kdegraphics-4.5.0-2.fc14
2010-08-26 03:23:45
[SECURITY] Fedora 13 Update: kdegraphics-4.4.5-3.fc13
2010-08-27 06:48:48
securityvulns
securityvulns
[USN-979-1] okular vulnerability
2010-08-30 00:00:00
KDE okular buffer overflow
2010-08-30 00:00:00
prion
prion
Heap overflow
2010-08-30 21:00:00
slackware
slackware
[slackware-security] kdegraphics
2010-08-28 16:52:45
debiancve
debiancve
CVE-2010-2575
2010-08-30 21:00:00
cve
cve
CVE-2010-2575
2010-08-30 21:00:00
JSON
Related for SECURITYVULNS:DOC:24640
openvas13nessus12ubuntucve1ubuntu1gentoo1fedora3securityvulns2prion1slackware1debiancve1cve1