CVE - CVE-2007-5393

CVE-ID
CVE-2007-5393	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:26367 URL:http://www.securityfocus.com/bid/26367 BUGTRAQ:20071107 Secunia Research: Xpdf "Stream.cc" Multiple Vulnerabilities URL:http://www.securityfocus.com/archive/1/483372 CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm CONFIRM:http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html CONFIRM:http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html CONFIRM:http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html CONFIRM:http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html CONFIRM:http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html CONFIRM:http://www.kde.org/info/security/advisory-20071107-1.txt CONFIRM:https://issues.rpath.com/browse/RPL-1926 DEBIAN:DSA-1408 URL:http://www.debian.org/security/2007/dsa-1408 DEBIAN:DSA-1480 URL:http://www.debian.org/security/2008/dsa-1480 DEBIAN:DSA-1509 URL:http://www.debian.org/security/2008/dsa-1509 DEBIAN:DSA-1537 URL:http://www.debian.org/security/2008/dsa-1537 FEDORA:FEDORA-2007-3031 URL:https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html FEDORA:FEDORA-2007-3059 URL:https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html FEDORA:FEDORA-2007-3100 URL:https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html FEDORA:FEDORA-2007-3390 URL:https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html FEDORA:FEDORA-2007-4031 URL:https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html FEDORA:FEDORA-2007-750 URL:https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html GENTOO:GLSA-200711-22 URL:http://security.gentoo.org/glsa/glsa-200711-22.xml GENTOO:GLSA-200711-34 URL:http://security.gentoo.org/glsa/glsa-200711-34.xml GENTOO:GLSA-200805-13 URL:http://security.gentoo.org/glsa/glsa-200805-13.xml MANDRIVA:MDKSA-2007:219 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:219~~ (Obsolete source) MANDRIVA:MDKSA-2007:220 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:220~~ (Obsolete source) MANDRIVA:MDKSA-2007:221 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:221~~ (Obsolete source) MANDRIVA:MDKSA-2007:222 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:222~~ (Obsolete source) MANDRIVA:MDKSA-2007:223 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:223~~ (Obsolete source) MANDRIVA:MDKSA-2007:227 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:227~~ (Obsolete source) MANDRIVA:MDKSA-2007:228 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:228~~ (Obsolete source) MANDRIVA:MDKSA-2007:230 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:230~~ (Obsolete source) MISC:http://secunia.com/secunia_research/2007-88/advisory/ OVAL:oval:org.mitre.oval:def:9839 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9839 REDHAT:RHSA-2007:1021 URL:http://www.redhat.com/support/errata/RHSA-2007-1021.html REDHAT:RHSA-2007:1022 URL:http://www.redhat.com/support/errata/RHSA-2007-1022.html REDHAT:RHSA-2007:1023 URL:http://www.redhat.com/support/errata/RHSA-2007-1023.html REDHAT:RHSA-2007:1024 URL:http://www.redhat.com/support/errata/RHSA-2007-1024.html REDHAT:RHSA-2007:1025 URL:http://www.redhat.com/support/errata/RHSA-2007-1025.html REDHAT:RHSA-2007:1026 URL:http://www.redhat.com/support/errata/RHSA-2007-1026.html REDHAT:RHSA-2007:1027 URL:http://www.redhat.com/support/errata/RHSA-2007-1027.html REDHAT:RHSA-2007:1028 URL:http://www.redhat.com/support/errata/RHSA-2007-1028.html REDHAT:RHSA-2007:1029 URL:http://www.redhat.com/support/errata/RHSA-2007-1029.html REDHAT:RHSA-2007:1030 URL:http://www.redhat.com/support/errata/RHSA-2007-1030.html REDHAT:RHSA-2007:1031 URL:http://www.redhat.com/support/errata/RHSA-2007-1031.html REDHAT:RHSA-2007:1051 URL:http://www.redhat.com/support/errata/RHSA-2007-1051.html SECTRACK:1018905 URL:http://www.securitytracker.com/id?1018905 SECUNIA:26503 URL:http://secunia.com/advisories/26503 SECUNIA:27260 URL:http://secunia.com/advisories/27260 SECUNIA:27553 URL:http://secunia.com/advisories/27553 SECUNIA:27573 URL:http://secunia.com/advisories/27573 SECUNIA:27574 URL:http://secunia.com/advisories/27574 SECUNIA:27575 URL:http://secunia.com/advisories/27575 SECUNIA:27577 URL:http://secunia.com/advisories/27577 SECUNIA:27578 URL:http://secunia.com/advisories/27578 SECUNIA:27579 URL:http://secunia.com/advisories/27579 SECUNIA:27599 URL:http://secunia.com/advisories/27599 SECUNIA:27615 URL:http://secunia.com/advisories/27615 SECUNIA:27618 URL:http://secunia.com/advisories/27618 SECUNIA:27619 URL:http://secunia.com/advisories/27619 SECUNIA:27632 URL:http://secunia.com/advisories/27632 SECUNIA:27634 URL:http://secunia.com/advisories/27634 SECUNIA:27636 URL:http://secunia.com/advisories/27636 SECUNIA:27637 URL:http://secunia.com/advisories/27637 SECUNIA:27640 URL:http://secunia.com/advisories/27640 SECUNIA:27641 URL:http://secunia.com/advisories/27641 SECUNIA:27642 URL:http://secunia.com/advisories/27642 SECUNIA:27645 URL:http://secunia.com/advisories/27645 SECUNIA:27656 URL:http://secunia.com/advisories/27656 SECUNIA:27658 URL:http://secunia.com/advisories/27658 SECUNIA:27705 URL:http://secunia.com/advisories/27705 SECUNIA:27718 URL:http://secunia.com/advisories/27718 SECUNIA:27721 URL:http://secunia.com/advisories/27721 SECUNIA:27724 URL:http://secunia.com/advisories/27724 SECUNIA:27743 URL:http://secunia.com/advisories/27743 SECUNIA:27772 URL:http://secunia.com/advisories/27772 SECUNIA:27856 URL:http://secunia.com/advisories/27856 SECUNIA:28043 URL:http://secunia.com/advisories/28043 SECUNIA:28812 URL:http://secunia.com/advisories/28812 SECUNIA:29104 URL:http://secunia.com/advisories/29104 SECUNIA:29604 URL:http://secunia.com/advisories/29604 SECUNIA:30168 URL:http://secunia.com/advisories/30168 SLACKWARE:SSA:2007-316-01 URL:http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882 SUSE:SUSE-SA:2007:060 URL:http://www.novell.com/linux/security/advisories/2007_60_pdf.html UBUNTU:USN-542-1 URL:http://www.ubuntu.com/usn/usn-542-1 UBUNTU:USN-542-2 URL:http://www.ubuntu.com/usn/usn-542-2 VUPEN:ADV-2007-3774 URL:~~http://www.vupen.com/english/advisories/2007/3774~~ (Obsolete source) VUPEN:ADV-2007-3775 URL:~~http://www.vupen.com/english/advisories/2007/3775~~ (Obsolete source) VUPEN:ADV-2007-3776 URL:~~http://www.vupen.com/english/advisories/2007/3776~~ (Obsolete source) VUPEN:ADV-2007-3779 URL:~~http://www.vupen.com/english/advisories/2007/3779~~ (Obsolete source) VUPEN:ADV-2007-3786 URL:~~http://www.vupen.com/english/advisories/2007/3786~~ (Obsolete source) XF:xpdf-ccittfaxstreamlookchar-bo(38304) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/38304
Assigning CNA
Flexera Software LLC
Date Record Created
20071012	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20071012)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)