Okular PDB file RLE unzipping Heap Overflow Vulnerability
Release date: 2010-08-26
Updated on: 2010-08-26
Affected Systems:
KDE Okular 4.4.5
Description:
--------------------------------------------------------------------------------
Cve id: CVE-2010-2575
Okular is a KPDF-based universal document viewer on KDE 4.
Okular generators/plucker/unpluck/image. the TranscribePalmImageToJPEG () function in the cpp file does not properly process RLE decompression. If you are cheated to open a specially crafted PDB file, heap overflow can be triggered, resulting in arbitrary code execution.
<* Source: Stefan Cornelius
Link: http://secunia.com/secunia_research/2010-109
Http://www.kde.org/info/security/advisory-20100825-1.txt
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
KDE
---
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Svn: // anonsvn.kde.org/home/kde/branches/KDE/4.3/kdegraphics
Svn: // anonsvn.kde.org/home/kde/branches/KDE/4.4/kdegraphics
Svn: // anonsvn.kde.org/home/kde/branches/KDE/4.5/kdegraphics