
Sun Solaris Gnome PDF Viewer Multiple Vulnerabilities

Last Update Date: 28 Jan 2011
Release Date: 15 Dec 2009

RISK: Medium Risk

Multiple vulnerabilities have been identified in Sun Solaris, which could be exploited by attackers to cause a denial of service or compromise a vulnerable system. These issues are caused by errors in the Solaris GNOME PDF rendering libraries.

1. Multiple integer overflows in "SplashBitmap::SplashBitmap()" can be exploited to cause heap-based buffer overflows.

2. An integer overflow error in "ObjectStream::ObjectStream()" can be exploited to cause a heap-based buffer overflow.

3. Multiple integer overflows in "Splash::drawImage()" can be exploited to cause heap-based buffer overflows.

4. An integer overflow error in "PSOutputDev::doImageL1Sep()" can be exploited to cause a heap-based buffer overflow when converting a PDF document to a PS file.

The vulnerabilities are reported in Solaris 10 for both the SPARC and x86 platforms.
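The bug class named in items 1 to 4, shown as an added C example (not code from this advisory or from the affected PDF libraries): a buffer size computed by multiplication wraps around, so the allocation is smaller than the data later written into it. It assumes the size is derived from image dimensions; the function names and the sample dimensions are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical helpers for illustration; not the affected libraries' code. */

/* Unchecked size: 32-bit unsigned arithmetic wraps silently (modulo 2^32). */
static uint32_t unchecked_bitmap_size(uint32_t width, uint32_t height, uint32_t bpp)
{
    return width * bpp * height;
}

/* Checked size: 0 on success, -1 if a dimension is zero or the product
 * does not fit in 32 bits (a deliberately conservative cap). */
static int checked_bitmap_size(uint32_t width, uint32_t height, uint32_t bpp,
                               size_t *out)
{
    uint32_t row;
    if (width == 0 || height == 0 || bpp == 0) return -1;
    if (width > UINT32_MAX / bpp) return -1;      /* row size would wrap */
    row = width * bpp;
    if (height > UINT32_MAX / row) return -1;     /* total size would wrap */
    *out = (size_t)row * height;
    return 0;
}

/* Allocate only when the size calculation is known not to have wrapped. */
static unsigned char *alloc_bitmap(uint32_t width, uint32_t height, uint32_t bpp)
{
    size_t size;
    if (checked_bitmap_size(width, height, bpp, &size) != 0) return NULL;
    return calloc(1, size);
}

int main(void)
{
    /* Constructed dimensions: true size is 2^32 + 0x40000 bytes. */
    uint32_t w = 0x10000, h = 0x4001, bpp = 4;
    unsigned char *p = alloc_bitmap(w, h, bpp);
    printf("unchecked size: %u bytes\n", (unsigned)unchecked_bitmap_size(w, h, bpp));
    printf("checked allocation: %s\n", p ? "allocated" : "rejected");
    free(p);
    return 0;
}
```

With the constructed dimensions the unchecked calculation yields 0x40000 bytes for an image that needs more than 4 GiB, which is the mismatch that turns an integer overflow into a heap-based buffer overflow; the checked path refuses the allocation instead.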


Impact

  • Denial of Service
  • Remote Code Execution

System / Technologies affected

  • Sun Solaris 10
  • Sun OpenSolaris

Solutions

Sun OpenSolaris - Upgrade to snv_130 or later

A final resolution for Solaris 10 is pending completion.

Workaround:

  • Do not open PDF files from untrusted sources.
