CVE - CVE-2007-5393

CVE-ID
CVE-2007-5393	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BUGTRAQ:20071107 Secunia Research: Xpdf "Stream.cc" Multiple Vulnerabilities URL:http://www.securityfocus.com/archive/1/483372 MISC:http://secunia.com/secunia_research/2007-88/advisory/ CONFIRM:http://www.kde.org/info/security/advisory-20071107-1.txt CONFIRM:http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html CONFIRM:http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html CONFIRM:http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html CONFIRM:http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html CONFIRM:http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm CONFIRM:https://issues.rpath.com/browse/RPL-1926 DEBIAN:DSA-1408 URL:http://www.debian.org/security/2007/dsa-1408 DEBIAN:DSA-1480 URL:http://www.debian.org/security/2008/dsa-1480 DEBIAN:DSA-1509 URL:http://www.debian.org/security/2008/dsa-1509 DEBIAN:DSA-1537 URL:http://www.debian.org/security/2008/dsa-1537 FEDORA:FEDORA-2007-3100 URL:https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html FEDORA:FEDORA-2007-3031 URL:https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html FEDORA:FEDORA-2007-3059 URL:https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html FEDORA:FEDORA-2007-4031 URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html FEDORA:FEDORA-2007-3390 URL:https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html FEDORA:FEDORA-2007-750 URL:https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html GENTOO:GLSA-200711-22 URL:http://security.gentoo.org/glsa/glsa-200711-22.xml GENTOO:GLSA-200711-34 URL:http://security.gentoo.org/glsa/glsa-200711-34.xml GENTOO:GLSA-200805-13 URL:http://security.gentoo.org/glsa/glsa-200805-13.xml MANDRIVA:MDKSA-2007:219 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:219 MANDRIVA:MDKSA-2007:220 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:220 MANDRIVA:MDKSA-2007:221 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:221 MANDRIVA:MDKSA-2007:222 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:222 MANDRIVA:MDKSA-2007:223 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:223 MANDRIVA:MDKSA-2007:227 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:227 MANDRIVA:MDKSA-2007:228 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:228 MANDRIVA:MDKSA-2007:230 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2007:230 REDHAT:RHSA-2007:1021 URL:http://www.redhat.com/support/errata/RHSA-2007-1021.html REDHAT:RHSA-2007:1022 URL:http://www.redhat.com/support/errata/RHSA-2007-1022.html REDHAT:RHSA-2007:1023 URL:http://www.redhat.com/support/errata/RHSA-2007-1023.html REDHAT:RHSA-2007:1025 URL:http://www.redhat.com/support/errata/RHSA-2007-1025.html REDHAT:RHSA-2007:1026 URL:http://www.redhat.com/support/errata/RHSA-2007-1026.html REDHAT:RHSA-2007:1027 URL:http://www.redhat.com/support/errata/RHSA-2007-1027.html REDHAT:RHSA-2007:1028 URL:http://www.redhat.com/support/errata/RHSA-2007-1028.html REDHAT:RHSA-2007:1029 URL:http://www.redhat.com/support/errata/RHSA-2007-1029.html REDHAT:RHSA-2007:1030 URL:http://www.redhat.com/support/errata/RHSA-2007-1030.html REDHAT:RHSA-2007:1031 URL:http://www.redhat.com/support/errata/RHSA-2007-1031.html REDHAT:RHSA-2007:1024 URL:http://www.redhat.com/support/errata/RHSA-2007-1024.html REDHAT:RHSA-2007:1051 URL:http://www.redhat.com/support/errata/RHSA-2007-1051.html SLACKWARE:SSA:2007-316-01 URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882 SUSE:SUSE-SA:2007:060 URL:http://www.novell.com/linux/security/advisories/2007_60_pdf.html UBUNTU:USN-542-1 URL:http://www.ubuntu.com/usn/usn-542-1 UBUNTU:USN-542-2 URL:http://www.ubuntu.com/usn/usn-542-2 BID:26367 URL:http://www.securityfocus.com/bid/26367 OVAL:oval:org.mitre.oval:def:9839 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9839 VUPEN:ADV-2007-3774 URL:http://www.vupen.com/english/advisories/2007/3774 VUPEN:ADV-2007-3775 URL:http://www.vupen.com/english/advisories/2007/3775 VUPEN:ADV-2007-3776 URL:http://www.vupen.com/english/advisories/2007/3776 VUPEN:ADV-2007-3779 URL:http://www.vupen.com/english/advisories/2007/3779 VUPEN:ADV-2007-3786 URL:http://www.vupen.com/english/advisories/2007/3786 SECTRACK:1018905 URL:http://www.securitytracker.com/id?1018905 SECUNIA:27260 URL:http://secunia.com/advisories/27260 SECUNIA:27553 URL:http://secunia.com/advisories/27553 SECUNIA:27573 URL:http://secunia.com/advisories/27573 SECUNIA:27574 URL:http://secunia.com/advisories/27574 SECUNIA:27575 URL:http://secunia.com/advisories/27575 SECUNIA:27577 URL:http://secunia.com/advisories/27577 SECUNIA:27578 URL:http://secunia.com/advisories/27578 SECUNIA:27579 URL:http://secunia.com/advisories/27579 SECUNIA:27615 URL:http://secunia.com/advisories/27615 SECUNIA:27637 URL:http://secunia.com/advisories/27637 SECUNIA:27599 URL:http://secunia.com/advisories/27599 SECUNIA:26503 URL:http://secunia.com/advisories/26503 SECUNIA:27618 URL:http://secunia.com/advisories/27618 SECUNIA:27619 URL:http://secunia.com/advisories/27619 SECUNIA:27640 URL:http://secunia.com/advisories/27640 SECUNIA:27641 URL:http://secunia.com/advisories/27641 SECUNIA:27642 URL:http://secunia.com/advisories/27642 SECUNIA:27656 URL:http://secunia.com/advisories/27656 SECUNIA:27632 URL:http://secunia.com/advisories/27632 SECUNIA:27645 URL:http://secunia.com/advisories/27645 SECUNIA:27636 URL:http://secunia.com/advisories/27636 SECUNIA:27634 URL:http://secunia.com/advisories/27634 SECUNIA:27658 URL:http://secunia.com/advisories/27658 SECUNIA:27705 URL:http://secunia.com/advisories/27705 SECUNIA:27721 URL:http://secunia.com/advisories/27721 SECUNIA:27724 URL:http://secunia.com/advisories/27724 SECUNIA:27743 URL:http://secunia.com/advisories/27743 SECUNIA:27772 URL:http://secunia.com/advisories/27772 SECUNIA:27856 URL:http://secunia.com/advisories/27856 SECUNIA:28043 URL:http://secunia.com/advisories/28043 SECUNIA:27718 URL:http://secunia.com/advisories/27718 SECUNIA:28812 URL:http://secunia.com/advisories/28812 SECUNIA:29104 URL:http://secunia.com/advisories/29104 SECUNIA:29604 URL:http://secunia.com/advisories/29604 SECUNIA:30168 URL:http://secunia.com/advisories/30168 XF:xpdf-ccittfaxstreamlookchar-bo(38304) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/38304
Assigning CNA
N/A
Date Entry Created
20071012	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20071012)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org