[VIM] Xpdf/kpdf mess

Steven M. Christey coley at linus.mitre.org
Fri Jan 6 12:05:42 EST 2006


On Fri, 6 Jan 2006, security curmudgeon wrote:

> So we have: cups, poppler, gpdf, pdftohtml, tetex, pdff, kword, kpdf
>
> This makes it sound like an underlying library, or each utility shared the
> vulnerable code?

One or the other, probably.  Based on the xpdf issues of a couple month
ago, it appears that xpdf is used heavily in other libraries.
CVE-2005-3191 through CVE-2005-3193 each have multiple references for
different packages, including CUPS, poppler, pdftohtml, tetex, kword,
kpdf.

- Steve


More information about the VIM mailing list