[Forgot Password]
Login  Register Subscribe

24128

 
 

131573

 
 

110139

 
 

909

 
 

85964

 
 

136

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2007-5392Date: (C)2007-11-07   (M)2018-02-19


Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : CVSS Score : 9.3
Exploit Score: Exploit Score: 8.6
Impact Score: Impact Score: 10.0
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: Access Vector: NETWORK
Attack Complexity: Access Complexity: MEDIUM
Privileges Required: Authentication: NONE
User Interaction: Confidentiality: COMPLETE
Scope: Integrity: COMPLETE
Confidentiality: Availability: COMPLETE
Integrity:  
Availability:  
  
Reference:
SECTRACK-1018905
http://www.securityfocus.com/archive/1/483372
http://www.securityfocus.com/archive/1/483372
BID-26367
SECUNIA-26503
SECUNIA-27260
SECUNIA-27553
SECUNIA-27573
SECUNIA-27574
SECUNIA-27575
SECUNIA-27577
SECUNIA-27578
SECUNIA-27599
SECUNIA-27615
SECUNIA-27618
SECUNIA-27619
SECUNIA-27632
SECUNIA-27634
SECUNIA-27636
SECUNIA-27637
SECUNIA-27640
SECUNIA-27641
SECUNIA-27642
SECUNIA-27645
SECUNIA-27656
SECUNIA-27658
SECUNIA-27705
SECUNIA-27721
SECUNIA-27724
SECUNIA-27743
SECUNIA-27856
SECUNIA-28043
SECUNIA-28812
SECUNIA-29104
SECUNIA-29604
SECUNIA-30168
ADV-2007-3774
ADV-2007-3775
ADV-2007-3776
ADV-2007-3779
ADV-2007-3786
DSA-1480
DSA-1509
DSA-1537
FEDORA-2007-3031
FEDORA-2007-3059
FEDORA-2007-3100
FEDORA-2007-3390
FEDORA-2007-4031
FEDORA-2007-750
GLSA-200711-22
GLSA-200711-34
GLSA-200805-13
MDKSA-2007:219
MDKSA-2007:220
MDKSA-2007:221
MDKSA-2007:222
MDKSA-2007:223
MDKSA-2007:227
MDKSA-2007:228
MDKSA-2007:230
RHSA-2007:1021
RHSA-2007:1022
RHSA-2007:1024
RHSA-2007:1025
RHSA-2007:1026
RHSA-2007:1027
RHSA-2007:1029
RHSA-2007:1030
SSA:2007-316-01
SUSE-SA:2007:060
USN-542-1
USN-542-2
http://secunia.com/secunia_research/2007-88/advisory/
http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html
http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html
http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html
http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html
http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html
http://www.kde.org/info/security/advisory-20071107-1.txt
https://issues.rpath.com/browse/RPL-1926
xpdf-dctstreamreset-bo(38303)

CWE    1
CWE-119
OVAL    3
oval:org.mitre.oval:def:7985
oval:org.mitre.oval:def:7858
oval:org.mitre.oval:def:7107

© SecPod Technologies