CVE-2007-3387

MEDIUM

Description

Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.

References

ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl1.patch

ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc

http://bugs.gentoo.org/show_bug.cgi?id=187139

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248194

http://osvdb.org/40127

http://secunia.com/advisories/26188

http://secunia.com/advisories/26251

http://secunia.com/advisories/26254

http://secunia.com/advisories/26255

http://secunia.com/advisories/26257

http://secunia.com/advisories/26278

http://secunia.com/advisories/26281

http://secunia.com/advisories/26283

http://secunia.com/advisories/26292

http://secunia.com/advisories/26293

http://secunia.com/advisories/26297

http://secunia.com/advisories/26307

http://secunia.com/advisories/26318

http://secunia.com/advisories/26325

http://secunia.com/advisories/26342

http://secunia.com/advisories/26343

http://secunia.com/advisories/26358

http://secunia.com/advisories/26365

http://secunia.com/advisories/26370

http://secunia.com/advisories/26395

http://secunia.com/advisories/26403

http://secunia.com/advisories/26405

http://secunia.com/advisories/26407

http://secunia.com/advisories/26410

http://secunia.com/advisories/26413

http://secunia.com/advisories/26425

http://secunia.com/advisories/26432

http://secunia.com/advisories/26436

http://secunia.com/advisories/26467

http://secunia.com/advisories/26468

http://secunia.com/advisories/26470

http://secunia.com/advisories/26514

http://secunia.com/advisories/26607

http://secunia.com/advisories/26627

http://secunia.com/advisories/26862

http://secunia.com/advisories/26982

http://secunia.com/advisories/27156

http://secunia.com/advisories/27281

http://secunia.com/advisories/27308

http://secunia.com/advisories/27637

http://secunia.com/advisories/30168

http://security.gentoo.org/glsa/glsa-200709-12.xml

http://security.gentoo.org/glsa/glsa-200709-17.xml

http://security.gentoo.org/glsa/glsa-200710-20.xml

http://security.gentoo.org/glsa/glsa-200711-34.xml

http://security.gentoo.org/glsa/glsa-200805-13.xml

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882

http://sourceforge.net/project/shownotes.php?release_id=535497

http://support.avaya.com/elmodocs2/security/ASA-2007-401.htm

http://www.debian.org/security/2007/dsa-1347

http://www.debian.org/security/2007/dsa-1348

http://www.debian.org/security/2007/dsa-1349

http://www.debian.org/security/2007/dsa-1350

http://www.debian.org/security/2007/dsa-1352

http://www.debian.org/security/2007/dsa-1354

http://www.debian.org/security/2007/dsa-1355

http://www.debian.org/security/2007/dsa-1357

http://www.gentoo.org/security/en/glsa/glsa-200710-08.xml

http://www.kde.org/info/security/advisory-20070730-1.txt

http://www.mandriva.com/security/advisories?name=MDKSA-2007:158

http://www.mandriva.com/security/advisories?name=MDKSA-2007:159

http://www.mandriva.com/security/advisories?name=MDKSA-2007:160

http://www.mandriva.com/security/advisories?name=MDKSA-2007:161

http://www.mandriva.com/security/advisories?name=MDKSA-2007:162

http://www.mandriva.com/security/advisories?name=MDKSA-2007:163

http://www.mandriva.com/security/advisories?name=MDKSA-2007:164

http://www.mandriva.com/security/advisories?name=MDKSA-2007:165

http://www.novell.com/linux/security/advisories/2007_15_sr.html

http://www.novell.com/linux/security/advisories/2007_16_sr.html

http://www.redhat.com/support/errata/RHSA-2007-0720.html

http://www.redhat.com/support/errata/RHSA-2007-0729.html

http://www.redhat.com/support/errata/RHSA-2007-0730.html

http://www.redhat.com/support/errata/RHSA-2007-0731.html

http://www.redhat.com/support/errata/RHSA-2007-0732.html

http://www.redhat.com/support/errata/RHSA-2007-0735.html

http://www.securityfocus.com/archive/1/476508/100/0/threaded

http://www.securityfocus.com/archive/1/476519/30/5400/threaded

http://www.securityfocus.com/archive/1/476765/30/5340/threaded

http://www.securityfocus.com/bid/25124

http://www.securitytracker.com/id?1018473

http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.423670

http://www.ubuntu.com/usn/usn-496-1

http://www.ubuntu.com/usn/usn-496-2

http://www.vupen.com/english/advisories/2007/2704

http://www.vupen.com/english/advisories/2007/2705

https://issues.foresightlinux.org/browse/FL-471

https://issues.rpath.com/browse/RPL-1596

https://issues.rpath.com/browse/RPL-1604

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11149

Details

Source: MITRE

Published: 2007-07-30

Updated: 2018-10-16

Type: CWE-189

Risk Information

CVSS v2.0

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM