[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2007-3387

Date: (C)2007-07-30   (M)2017-10-12
 
CVSS Score: 6.8Access Vector: NETWORK
Exploitability Subscore: 8.6Access Complexity: MEDIUM
Impact Subscore: 6.4Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: PARTIAL
 Availability: PARTIAL











Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.

Reference:
SECTRACK-1018473
20070801-01-P
http://www.securityfocus.com/archive/1/archive/1/476508/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/476519/30/5400/threaded
http://www.securityfocus.com/archive/1/archive/1/476765/30/5340/threaded
BID-25124
SECUNIA-26188
SECUNIA-26251
SECUNIA-26254
SECUNIA-26255
SECUNIA-26257
SECUNIA-26278
SECUNIA-26281
SECUNIA-26283
SECUNIA-26292
SECUNIA-26293
SECUNIA-26297
SECUNIA-26307
SECUNIA-26318
SECUNIA-26325
SECUNIA-26342
SECUNIA-26343
SECUNIA-26358
SECUNIA-26365
SECUNIA-26370
SECUNIA-26395
SECUNIA-26403
SECUNIA-26405
SECUNIA-26407
SECUNIA-26410
SECUNIA-26413
SECUNIA-26425
SECUNIA-26432
SECUNIA-26436
SECUNIA-26467
SECUNIA-26468
SECUNIA-26470
SECUNIA-26514
SECUNIA-26607
SECUNIA-26627
SECUNIA-26862
SECUNIA-26982
SECUNIA-27156
SECUNIA-27281
SECUNIA-27308
SECUNIA-27637
SECUNIA-30168
OSVDB-40127
ADV-2007-2704
ADV-2007-2705
DSA-1347
DSA-1348
DSA-1349
DSA-1350
DSA-1352
DSA-1354
DSA-1355
DSA-1357
GLSA-200709-12
GLSA-200709-17
GLSA-200710-08
GLSA-200710-20
GLSA-200711-34
GLSA-200805-13
MDKSA-2007:158
MDKSA-2007:159
MDKSA-2007:160
MDKSA-2007:161
MDKSA-2007:162
MDKSA-2007:163
MDKSA-2007:164
MDKSA-2007:165
RHSA-2007:0720
RHSA-2007:0729
RHSA-2007:0730
RHSA-2007:0731
RHSA-2007:0732
RHSA-2007:0735
SSA:2007-222-05
SSA:2007-316-01
SUSE-SR:2007:015
SUSE-SR:2007:016
USN-496-1
USN-496-2
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl1.patch
http://bugs.gentoo.org/show_bug.cgi?id=187139
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248194
http://sourceforge.net/project/shownotes.php?release_id=535497
http://support.avaya.com/elmodocs2/security/ASA-2007-401.htm
http://www.kde.org/info/security/advisory-20070730-1.txt
https://issues.foresightlinux.org/browse/FL-471
https://issues.rpath.com/browse/RPL-1596
https://issues.rpath.com/browse/RPL-1604

CPE    1
cpe:/a:kde:kdegraphics
CWE    1
CWE-189

© 2013 SecPod Technologies