CVE-2007-0104 Information
Description
The Adobe PDF specification 1.3 as implemented by (a) xpdf 3.0.1 patch 2 (b) kpdf in KDE before 3.5.5 (c) poppler before 0.5.4 and other products allows remote attackers to have an unknown impact possibly including denial of service (infinite loop) arbitrary code execution or memory corruption via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.
Reference
http://docs.info.apple.com/article.html?artnum=305214 http://projects.info-pull.com/moab/MOAB-06-01-2007.html http://secunia.com/advisories/23791 http://secunia.com/advisories/23799 http://secunia.com/advisories/23808 http://secunia.com/advisories/23813 http://secunia.com/advisories/23815 http://secunia.com/advisories/23839 http://secunia.com/advisories/23844 http://secunia.com/advisories/23876 http://secunia.com/advisories/24204 http://secunia.com/advisories/24479 http://securitytracker.com/id?1017514 http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html http://www.kde.org/info/security/advisory-20070115-1.txt http://www.mandriva.com/security/advisories?name=MDKSA-2007:018 http://www.mandriva.com/security/advisories?name=MDKSA-2007:019 http://www.mandriva.com/security/advisories?name=MDKSA-2007:020 http://www.mandriva.com/security/advisories?name=MDKSA-2007:021 http://www.mandriva.com/security/advisories?name=MDKSA-2007:022 http://www.mandriva.com/security/advisories?name=MDKSA-2007:024 http://www.novell.com/linux/security/advisories/2007_3_sr.html http://www.securityfocus.com/archive/1/457055/100/0/threaded http://www.securityfocus.com/bid/21910 http://www.securitytracker.com/id?1017749 http://www.ubuntu.com/usn/usn-410-1 http://www.ubuntu.com/usn/usn-410-2 http://www.us-cert.gov/cas/techalerts/TA07-072A.html http://www.vupen.com/english/advisories/2007/0203 http://www.vupen.com/english/advisories/2007/0212 http://www.vupen.com/english/advisories/2007/0244 http://www.vupen.com/english/advisories/2007/0930 https://exchange.xforce.ibmcloud.com/vulnerabilities/31364 https://issues.rpath.com/browse/RPL-964
Share on: