[Forgot Password]
Login  Register Subscribe

23631

 
 

126941

 
 

98250

 
 

909

 
 

79281

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2007-5392

Date: (C)2007-11-07   (M)2017-11-18 


Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow.

CVSS Score: 9.3Access Vector: NETWORK
Exploit Score: 8.6Access Complexity: MEDIUM
Impact Score: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE





Reference:
SECTRACK-1018905
http://www.securityfocus.com/archive/1/483372
http://www.securityfocus.com/archive/1/483372
BID-26367
SECUNIA-26503
SECUNIA-27260
SECUNIA-27553
SECUNIA-27573
SECUNIA-27574
SECUNIA-27575
SECUNIA-27577
SECUNIA-27578
SECUNIA-27599
SECUNIA-27615
SECUNIA-27618
SECUNIA-27619
SECUNIA-27632
SECUNIA-27634
SECUNIA-27636
SECUNIA-27637
SECUNIA-27640
SECUNIA-27641
SECUNIA-27642
SECUNIA-27645
SECUNIA-27656
SECUNIA-27658
SECUNIA-27705
SECUNIA-27721
SECUNIA-27724
SECUNIA-27743
SECUNIA-27856
SECUNIA-28043
SECUNIA-28812
SECUNIA-29104
SECUNIA-29604
SECUNIA-30168
ADV-2007-3774
ADV-2007-3775
ADV-2007-3776
ADV-2007-3779
ADV-2007-3786
DSA-1480
DSA-1509
DSA-1537
FEDORA-2007-3031
FEDORA-2007-3059
FEDORA-2007-3100
FEDORA-2007-3390
FEDORA-2007-4031
FEDORA-2007-750
GLSA-200711-22
GLSA-200711-34
GLSA-200805-13
MDKSA-2007:219
MDKSA-2007:220
MDKSA-2007:221
MDKSA-2007:222
MDKSA-2007:223
MDKSA-2007:227
MDKSA-2007:228
MDKSA-2007:230
RHSA-2007:1021
RHSA-2007:1022
RHSA-2007:1024
RHSA-2007:1025
RHSA-2007:1026
RHSA-2007:1027
RHSA-2007:1029
RHSA-2007:1030
SSA:2007-316-01
SUSE-SA:2007:060
USN-542-1
USN-542-2
http://secunia.com/secunia_research/2007-88/advisory/
http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html
http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html
http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html
http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html
http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html
http://www.kde.org/info/security/advisory-20071107-1.txt
https://issues.rpath.com/browse/RPL-1926
xpdf-dctstreamreset-bo(38303)

CWE    1
CWE-119
OVAL    3
oval:org.mitre.oval:def:7985
oval:org.mitre.oval:def:7858
oval:org.mitre.oval:def:7107

© 2013 SecPod Technologies