CVE - CVE-2007-0104

CVE-ID
CVE-2007-0104	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:21910 URL:http://www.securityfocus.com/bid/21910 BUGTRAQ:20070116 [KDE Security Advisory] kpdf/kword/xpdf denial of service vulnerability URL:http://www.securityfocus.com/archive/1/457055/100/0/threaded CERT:TA07-072A URL:http://www.us-cert.gov/cas/techalerts/TA07-072A.html CONFIRM:http://docs.info.apple.com/article.html?artnum=305214 CONFIRM:http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html CONFIRM:http://www.kde.org/info/security/advisory-20070115-1.txt CONFIRM:https://issues.rpath.com/browse/RPL-964 MANDRIVA:MDKSA-2007:018 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:018~~ (Obsolete source) MANDRIVA:MDKSA-2007:019 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:019~~ (Obsolete source) MANDRIVA:MDKSA-2007:020 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:020~~ (Obsolete source) MANDRIVA:MDKSA-2007:021 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:021~~ (Obsolete source) MANDRIVA:MDKSA-2007:022 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:022~~ (Obsolete source) MANDRIVA:MDKSA-2007:024 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:024~~ (Obsolete source) MISC:http://projects.info-pull.com/moab/MOAB-06-01-2007.html SECTRACK:1017514 URL:http://securitytracker.com/id?1017514 SECTRACK:1017749 URL:http://www.securitytracker.com/id?1017749 SECUNIA:23791 URL:http://secunia.com/advisories/23791 SECUNIA:23799 URL:http://secunia.com/advisories/23799 SECUNIA:23808 URL:http://secunia.com/advisories/23808 SECUNIA:23813 URL:http://secunia.com/advisories/23813 SECUNIA:23815 URL:http://secunia.com/advisories/23815 SECUNIA:23839 URL:http://secunia.com/advisories/23839 SECUNIA:23844 URL:http://secunia.com/advisories/23844 SECUNIA:23876 URL:http://secunia.com/advisories/23876 SECUNIA:24204 URL:http://secunia.com/advisories/24204 SECUNIA:24479 URL:http://secunia.com/advisories/24479 SUSE:SUSE-SR:2007:003 URL:http://www.novell.com/linux/security/advisories/2007_3_sr.html UBUNTU:USN-410-1 URL:http://www.ubuntu.com/usn/usn-410-1 UBUNTU:USN-410-2 URL:http://www.ubuntu.com/usn/usn-410-2 VUPEN:ADV-2007-0203 URL:~~http://www.vupen.com/english/advisories/2007/0203~~ (Obsolete source) VUPEN:ADV-2007-0212 URL:~~http://www.vupen.com/english/advisories/2007/0212~~ (Obsolete source) VUPEN:ADV-2007-0244 URL:~~http://www.vupen.com/english/advisories/2007/0244~~ (Obsolete source) VUPEN:ADV-2007-0930 URL:~~http://www.vupen.com/english/advisories/2007/0930~~ (Obsolete source) XF:multiple-vendor-pdf-code-execution(31364) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/31364
Assigning CNA
MITRE Corporation
Date Record Created
20070108	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070108)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)