CVE-2015-8868 Oracle Enterprise Linux Security Update for poppler (ELSA-2016-2580)

漏洞类别:OEL

漏洞等级:

漏洞信息

Oracle Enterprise Linux has released security update for poppler to fix the vulnerabilities.

Affected Products:
Oracle Linux 7

漏洞危害

Sucessful exploitation of the vulnerability can allow a remote attacker to denial of service (memory corruption and crash) or possibly execute arbitrary code via an invalid blend mode in the ExtGState dictionary in a crafted PDF document.

解决方案

To resolve this issue, upgrade to the latest packages which contain a patch. Refer to Oracle Enterprise Linux advisoryOracle Linux 7 for updates and patch information.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

ELSA-2016-2580: Oracle Linux 7

0day

发表评论