TechTalkz.com Technology & Computer Troubleshooting Forums - View Single Post

07-11-2007, 11:44 PM

On Tue, 21 Aug 2007 11:46:44 -0400, Virus Guy <Virus@Guy.com> wrote:

> "David W. Hodgins" wrote:
>
>> http://www.cve.mitre.org/cgi-bin/cve...=cve-2007-3387
>> Affects many open source implementations of pdf readers.
>
> Is there a date on the above-quoted CVE?
From the above page ...

BUGTRAQ:20070813 [SECURITY] [DSA 1354-1] New gpdf packages fix arbitrarycode execution
Candidate assigned on 20070625

So, the fixes were released August 13th, for a bug assigned on June 25th..

> Does secunia list vulnerabilities according to file type or file
> format (as opposed to application programs or operating systems)?

The vulnerabilities, are in the software, not the file format, so
it wouldn't make sense to list them by file type.

Regards, Dave Hodgins

--
Change nomail.afraid.org to ody.ca to reply by email.
(nomail.afraid.org has been set up specifically for
use in usenet. Feel free to use it yourself.)

07-11-2007, 11:44 PM	#26
David W. Hodgins Guest Posts: n/a	Re: New .PDF malware (?) On Tue, 21 Aug 2007 11:46:44 -0400, Virus Guy <Virus@Guy.com> wrote: > "David W. Hodgins" wrote: > >> http://www.cve.mitre.org/cgi-bin/cve...=cve-2007-3387 >> Affects many open source implementations of pdf readers. > > Is there a date on the above-quoted CVE? From the above page ... BUGTRAQ:20070813 [SECURITY] [DSA 1354-1] New gpdf packages fix arbitrarycode execution Candidate assigned on 20070625 So, the fixes were released August 13th, for a bug assigned on June 25th.. > Does secunia list vulnerabilities according to file type or file > format (as opposed to application programs or operating systems)? The vulnerabilities, are in the software, not the file format, so it wouldn't make sense to list them by file type. Regards, Dave Hodgins -- Change nomail.afraid.org to ody.ca to reply by email. (nomail.afraid.org has been set up specifically for use in usenet. Feel free to use it yourself.)