CVE - CVE-2007-3387

CVE-ID
CVE-2007-3387	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:1018473 URL:http://www.securitytracker.com/id?1018473 MISC:20070801-01-P URL:ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc MISC:20070814 FLEA-2007-0044-1 tetex tetex-dvips tetex-fonts URL:http://www.securityfocus.com/archive/1/476508/100/0/threaded MISC:20070814 FLEA-2007-0045-1 poppler URL:http://www.securityfocus.com/archive/1/476519/30/5400/threaded MISC:20070816 FLEA-2007-0046-1 cups URL:http://www.securityfocus.com/archive/1/476765/30/5340/threaded MISC:25124 URL:http://www.securityfocus.com/bid/25124 MISC:26188 URL:http://secunia.com/advisories/26188 MISC:26251 URL:http://secunia.com/advisories/26251 MISC:26254 URL:http://secunia.com/advisories/26254 MISC:26255 URL:http://secunia.com/advisories/26255 MISC:26257 URL:http://secunia.com/advisories/26257 MISC:26278 URL:http://secunia.com/advisories/26278 MISC:26281 URL:http://secunia.com/advisories/26281 MISC:26283 URL:http://secunia.com/advisories/26283 MISC:26292 URL:http://secunia.com/advisories/26292 MISC:26293 URL:http://secunia.com/advisories/26293 MISC:26297 URL:http://secunia.com/advisories/26297 MISC:26307 URL:http://secunia.com/advisories/26307 MISC:26318 URL:http://secunia.com/advisories/26318 MISC:26325 URL:http://secunia.com/advisories/26325 MISC:26342 URL:http://secunia.com/advisories/26342 MISC:26343 URL:http://secunia.com/advisories/26343 MISC:26358 URL:http://secunia.com/advisories/26358 MISC:26365 URL:http://secunia.com/advisories/26365 MISC:26370 URL:http://secunia.com/advisories/26370 MISC:26395 URL:http://secunia.com/advisories/26395 MISC:26403 URL:http://secunia.com/advisories/26403 MISC:26405 URL:http://secunia.com/advisories/26405 MISC:26407 URL:http://secunia.com/advisories/26407 MISC:26410 URL:http://secunia.com/advisories/26410 MISC:26413 URL:http://secunia.com/advisories/26413 MISC:26425 URL:http://secunia.com/advisories/26425 MISC:26432 URL:http://secunia.com/advisories/26432 MISC:26436 URL:http://secunia.com/advisories/26436 MISC:26467 URL:http://secunia.com/advisories/26467 MISC:26468 URL:http://secunia.com/advisories/26468 MISC:26470 URL:http://secunia.com/advisories/26470 MISC:26514 URL:http://secunia.com/advisories/26514 MISC:26607 URL:http://secunia.com/advisories/26607 MISC:26627 URL:http://secunia.com/advisories/26627 MISC:26862 URL:http://secunia.com/advisories/26862 MISC:26982 URL:http://secunia.com/advisories/26982 MISC:27156 URL:http://secunia.com/advisories/27156 MISC:27281 URL:http://secunia.com/advisories/27281 MISC:27308 URL:http://secunia.com/advisories/27308 MISC:27637 URL:http://secunia.com/advisories/27637 MISC:30168 URL:http://secunia.com/advisories/30168 MISC:40127 URL:~~http://osvdb.org/40127~~ (Obsolete source) MISC:ADV-2007-2704 URL:~~http://www.vupen.com/english/advisories/2007/2704~~ (Obsolete source) MISC:ADV-2007-2705 URL:~~http://www.vupen.com/english/advisories/2007/2705~~ (Obsolete source) MISC:DSA-1347 URL:http://www.debian.org/security/2007/dsa-1347 MISC:DSA-1348 URL:http://www.debian.org/security/2007/dsa-1348 MISC:DSA-1349 URL:http://www.debian.org/security/2007/dsa-1349 MISC:DSA-1350 URL:http://www.debian.org/security/2007/dsa-1350 MISC:DSA-1352 URL:http://www.debian.org/security/2007/dsa-1352 MISC:DSA-1354 URL:http://www.debian.org/security/2007/dsa-1354 MISC:DSA-1355 URL:http://www.debian.org/security/2007/dsa-1355 MISC:DSA-1357 URL:http://www.debian.org/security/2007/dsa-1357 MISC:GLSA-200709-12 URL:http://security.gentoo.org/glsa/glsa-200709-12.xml MISC:GLSA-200709-17 URL:http://security.gentoo.org/glsa/glsa-200709-17.xml MISC:GLSA-200710-08 URL:http://www.gentoo.org/security/en/glsa/glsa-200710-08.xml MISC:GLSA-200710-20 URL:http://security.gentoo.org/glsa/glsa-200710-20.xml MISC:GLSA-200711-34 URL:http://security.gentoo.org/glsa/glsa-200711-34.xml MISC:GLSA-200805-13 URL:http://security.gentoo.org/glsa/glsa-200805-13.xml MISC:MDKSA-2007:158 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:158~~ (Obsolete source) MISC:MDKSA-2007:159 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:159~~ (Obsolete source) MISC:MDKSA-2007:160 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:160~~ (Obsolete source) MISC:MDKSA-2007:161 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:161~~ (Obsolete source) MISC:MDKSA-2007:162 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:162~~ (Obsolete source) MISC:MDKSA-2007:163 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:163~~ (Obsolete source) MISC:MDKSA-2007:164 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:164~~ (Obsolete source) MISC:MDKSA-2007:165 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:165~~ (Obsolete source) MISC:RHSA-2007:0720 URL:http://www.redhat.com/support/errata/RHSA-2007-0720.html MISC:RHSA-2007:0729 URL:http://www.redhat.com/support/errata/RHSA-2007-0729.html MISC:RHSA-2007:0730 URL:http://www.redhat.com/support/errata/RHSA-2007-0730.html MISC:RHSA-2007:0731 URL:http://www.redhat.com/support/errata/RHSA-2007-0731.html MISC:RHSA-2007:0732 URL:http://www.redhat.com/support/errata/RHSA-2007-0732.html MISC:RHSA-2007:0735 URL:http://www.redhat.com/support/errata/RHSA-2007-0735.html MISC:SSA:2007-222-05 URL:http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.423670 MISC:SSA:2007-316-01 URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882 MISC:SUSE-SR:2007:015 URL:http://www.novell.com/linux/security/advisories/2007_15_sr.html MISC:SUSE-SR:2007:016 URL:http://www.novell.com/linux/security/advisories/2007_16_sr.html MISC:USN-496-1 URL:http://www.ubuntu.com/usn/usn-496-1 MISC:USN-496-2 URL:http://www.ubuntu.com/usn/usn-496-2 MISC:ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl1.patch URL:ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl1.patch MISC:http://bugs.gentoo.org/show_bug.cgi?id=187139 URL:http://bugs.gentoo.org/show_bug.cgi?id=187139 MISC:http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248194 URL:http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248194 MISC:http://sourceforge.net/project/shownotes.php?release_id=535497 URL:http://sourceforge.net/project/shownotes.php?release_id=535497 MISC:http://support.avaya.com/elmodocs2/security/ASA-2007-401.htm URL:http://support.avaya.com/elmodocs2/security/ASA-2007-401.htm MISC:http://www.kde.org/info/security/advisory-20070730-1.txt URL:http://www.kde.org/info/security/advisory-20070730-1.txt MISC:https://issues.foresightlinux.org/browse/FL-471 URL:https://issues.foresightlinux.org/browse/FL-471 MISC:https://issues.rpath.com/browse/RPL-1596 URL:https://issues.rpath.com/browse/RPL-1596 MISC:https://issues.rpath.com/browse/RPL-1604 URL:https://issues.rpath.com/browse/RPL-1604 MISC:oval:org.mitre.oval:def:11149 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11149
Assigning CNA
Red Hat, Inc.
Date Record Created
20070625	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070625)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)