CVE-2007-3387 Information

Description

Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.

Reference

ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl1.patch
ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc
http://bugs.gentoo.org/show_bug.cgi?id=187139
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248194
http://osvdb.org/40127
http://secunia.com/advisories/26188
http://secunia.com/advisories/26251
http://secunia.com/advisories/26254
http://secunia.com/advisories/26255
http://secunia.com/advisories/26257
http://secunia.com/advisories/26278
http://secunia.com/advisories/26281
http://secunia.com/advisories/26283
http://secunia.com/advisories/26292
http://secunia.com/advisories/26293
http://secunia.com/advisories/26297
http://secunia.com/advisories/26307
http://secunia.com/advisories/26318
http://secunia.com/advisories/26325
http://secunia.com/advisories/26342
http://secunia.com/advisories/26343
http://secunia.com/advisories/26358
http://secunia.com/advisories/26365
http://secunia.com/advisories/26370
http://secunia.com/advisories/26395
http://secunia.com/advisories/26403
http://secunia.com/advisories/26405
http://secunia.com/advisories/26407
http://secunia.com/advisories/26410
http://secunia.com/advisories/26413
http://secunia.com/advisories/26425
http://secunia.com/advisories/26432
http://secunia.com/advisories/26436
http://secunia.com/advisories/26467
http://secunia.com/advisories/26468
http://secunia.com/advisories/26470
http://secunia.com/advisories/26514
http://secunia.com/advisories/26607
http://secunia.com/advisories/26627
http://secunia.com/advisories/26862
http://secunia.com/advisories/26982
http://secunia.com/advisories/27156
http://secunia.com/advisories/27281
http://secunia.com/advisories/27308
http://secunia.com/advisories/27637
http://secunia.com/advisories/30168
http://security.gentoo.org/glsa/glsa-200709-12.xml
http://security.gentoo.org/glsa/glsa-200709-17.xml
http://security.gentoo.org/glsa/glsa-200710-20.xml
http://security.gentoo.org/glsa/glsa-200711-34.xml
http://security.gentoo.org/glsa/glsa-200805-13.xml
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882
http://sourceforge.net/project/shownotes.php?release_id=535497
http://support.avaya.com/elmodocs2/security/ASA-2007-401.htm
http://www.debian.org/security/2007/dsa-1347
http://www.debian.org/security/2007/dsa-1348
http://www.debian.org/security/2007/dsa-1349
http://www.debian.org/security/2007/dsa-1350
http://www.debian.org/security/2007/dsa-1352
http://www.debian.org/security/2007/dsa-1354
http://www.debian.org/security/2007/dsa-1355
http://www.debian.org/security/2007/dsa-1357
http://www.gentoo.org/security/en/glsa/glsa-200710-08.xml
http://www.kde.org/info/security/advisory-20070730-1.txt
http://www.mandriva.com/security/advisories?name=MDKSA-2007:158
http://www.mandriva.com/security/advisories?name=MDKSA-2007:159
http://www.mandriva.com/security/advisories?name=MDKSA-2007:160
http://www.mandriva.com/security/advisories?name=MDKSA-2007:161
http://www.mandriva.com/security/advisories?name=MDKSA-2007:162
http://www.mandriva.com/security/advisories?name=MDKSA-2007:163
http://www.mandriva.com/security/advisories?name=MDKSA-2007:164
http://www.mandriva.com/security/advisories?name=MDKSA-2007:165
http://www.novell.com/linux/security/advisories/2007_15_sr.html
http://www.novell.com/linux/security/advisories/2007_16_sr.html
http://www.redhat.com/support/errata/RHSA-2007-0720.html
http://www.redhat.com/support/errata/RHSA-2007-0729.html
http://www.redhat.com/support/errata/RHSA-2007-0730.html
http://www.redhat.com/support/errata/RHSA-2007-0731.html
http://www.redhat.com/support/errata/RHSA-2007-0732.html
http://www.redhat.com/support/errata/RHSA-2007-0735.html
http://www.securityfocus.com/archive/1/476508/100/0/threaded
http://www.securityfocus.com/archive/1/476519/30/5400/threaded
http://www.securityfocus.com/archive/1/476765/30/5340/threaded
http://www.securityfocus.com/bid/25124
http://www.securitytracker.com/id?1018473
http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.423670
http://www.ubuntu.com/usn/usn-496-1
http://www.ubuntu.com/usn/usn-496-2
http://www.vupen.com/english/advisories/2007/2704
http://www.vupen.com/english/advisories/2007/2705
https://issues.foresightlinux.org/browse/FL-471
https://issues.rpath.com/browse/RPL-1596
https://issues.rpath.com/browse/RPL-1604
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11149
