Note: This is an archival copy of Security Sun Alert 201554 as previously published on http://sunsolve.sun.com.
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1001161.1.
Article ID : 1001161.1
Article Type : Sun Alerts (SURE)
Last reviewed : 2007-08-05
Audience : PUBLIC
Copyright Notice: Copyright © 2010, Oracle Corporation and/or its affiliates.

Multiple Security Vulnerabilities in the Solaris Gnome PDF Viewer (gpdf(1)) may Allow a Denial of Service (DoS) Condition or Lead to Execution of Arbitrary Code



Category
Security

Release Phase
Resolved

Product
Solaris 10 Operating System

Bug Id
6374946

Date of Workaround Release
20-JUN-2007

Date of Resolved Release
06-AUG-2007

Impact

Multiple security vulnerabilities in the Solaris Gnome PDF Document Viewer (gpdf(1)) may allow a local or remote unprivileged user to cause the PDF Document Viewer application to crash or hang (potentially consuming excessive amounts of disk space, which may affect system performance), or may allow that user to execute arbitrary code with the privileges of the user opening a specially crafted PDF document with gpdf(1). Crashing or hanging the gpdf(1) application, or causing it to consume excess disk space, are all types of Denial of Service (DoS).

These issues are also referenced in the following documents:


Contributing Factors

These issues can occur in the following releases:

SPARC Platform

  • Solaris 10 without patch 120739-04

x86 Platform

  • Solaris 10 without patch 120740-04

Note: Solaris 9 and Solaris 8 do not ship Gnome PDF Viewer and are not affected by these issues.

These issues only occur in Gnome PDF Viewer version 0.132 or earlier. To determine the version of gpdf(1) installed on the system, the following command can be run:

    $ gpdf --version
    Gnome gpdf 0.132

 


Symptoms

Due to these vulnerabilities, the GNOME PDF Viewer may crash or hang (potentially consuming excessive disk space) while opening certain PDF documents.

There are no predictable symptoms to indicate that these issues have been exploited to execute arbitrary code.


Workaround

Until the resolution patches can be applied, it may be possible to work around the described issues by not opening untrusted PDF files with the GNOME PDF Viewer.


Resolution

These issues are addressed in the following releases:

SPARC Platform

  • Solaris 10 with patch 120739-04 or later

x86 Platform

  • Solaris 10 with patch 120740-04 or later
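
One way to check a host against the patch levels listed under Contributing Factors and Resolution, as an added example that is not part of the original Sun Alert: the function reads `showrev -p` output on standard input and takes the `uname -p` value as its argument. The function names and the sample patch list are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the Sun Alert): report whether the gpdf(1) fix is
# installed, given `showrev -p` output on stdin and the `uname -p` value as $1.
# Function names and SAMPLE_SHOWREV are constructed for illustration.

# Patch ID and minimum revision per platform, as listed in the advisory.
required_patch() {
    case "$1" in
        sparc) echo "120739 4" ;;   # SPARC: 120739-04 or later
        i386)  echo "120740 4" ;;   # x86:   120740-04 or later
        *)     return 1 ;;
    esac
}

# Prints patched | vulnerable | unknown-arch; exit status 0 | 1 | 2.
gpdf_patch_status() {
    req=$(required_patch "$1") || { echo "unknown-arch"; return 2; }
    base=${req% *}
    min=${req#* }
    # Highest installed revision of the required patch; 0 if it is absent.
    have=$(awk -v b="$base" '
        $1 == "Patch:" { split($2, p, "-"); if (p[1] == b && p[2] + 0 > max) max = p[2] + 0 }
        END { print max + 0 }')
    if [ "$have" -ge "$min" ]; then
        echo "patched"
    else
        echo "vulnerable"
        return 1
    fi
}

# Constructed sample in `showrev -p` format: required SPARC patch is one revision short.
SAMPLE_SHOWREV='Patch: 999999-01 Obsoletes:  Requires:  Incompatibles:  Packages: EXAMPLEpkg
Patch: 120739-03 Obsoletes:  Requires:  Incompatibles:  Packages: EXAMPLEpkg'

# On a Solaris 10 host: showrev -p | gpdf_patch_status "$(uname -p)"
printf '%s\n' "$SAMPLE_SHOWREV" | gpdf_patch_status sparc || true
```

The non-zero exit status for `vulnerable` and `unknown-arch` lets the check be used directly in a compliance or inventory script.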


Modification History
Date: 06-AUG-2007
  • State: Resolved
  • Updated Contributing Factors and Resolution sections


References

120739-04
120740-04



