xpdf漏洞

xpdf对内嵌字体缺乏必要的验证,存在漏洞。攻击者可利用此漏洞,打开恶意的pdf会导致执行恶意代码。Debian已放出安全补丁,其他发行版应该也有相应的补丁。请尽快升级。如果暂时不能升级,请不要用xpdf打开来源可疑的pdf,尤其是不要以root身份运行xpdf。可换用其他pdf查看器,或通过其他方法查看pdf。

This entry was posted on Friday, April 18th, 2008 at 2:10 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply