ID CVE-2007-3387
Summary Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.
References
Vulnerable Configurations
  • cpe:2.3:o:redhat:enterprise_linux:4.0:*:as:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:4.0:*:as:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:4.0:*:es:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:4.0:*:es:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:4.0:*:ws:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:4.0:*:ws:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:easy_software_products:cups:*:*:*:*:*:*:*:*
    cpe:2.3:a:easy_software_products:cups:*:*:*:*:*:*:*:*
  • cpe:2.3:a:gnome:gpdf:*:*:*:*:*:*:*:*
    cpe:2.3:a:gnome:gpdf:*:*:*:*:*:*:*:*
  • cpe:2.3:a:kde:kdegraphics:*:*:*:*:*:*:*:*
    cpe:2.3:a:kde:kdegraphics:*:*:*:*:*:*:*:*
  • cpe:2.3:a:kde:kpdf:*:*:*:*:*:*:*:*
    cpe:2.3:a:kde:kpdf:*:*:*:*:*:*:*:*
  • cpe:2.3:a:pdfedit:pdfedit:*:*:*:*:*:*:*:*
    cpe:2.3:a:pdfedit:pdfedit:*:*:*:*:*:*:*:*
  • cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*
    cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*
  • cpe:2.3:a:xpdf:xpdf:3.02:*:*:*:*:*:*:*
    cpe:2.3:a:xpdf:xpdf:3.02:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 16-10-2018 - 16:48)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
oval via4
accepted 2013-04-29T04:11:52.378-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.
family unix
id oval:org.mitre.oval:def:11149
status accepted
submitted 2010-07-09T03:56:16-04:00
title Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.
version 24
redhat via4
advisories
  • bugzilla
    id 248194
    title CVE-2007-3387 xpdf integer overflow
    oval
    OR
    • AND
      • comment Red Hat Enterprise Linux 3 is installed
        oval oval:com.redhat.rhba:tst:20070026001
      • OR
        • AND
          • comment cups is earlier than 1:1.1.17-13.3.45
            oval oval:com.redhat.rhsa:tst:20070720002
          • comment cups is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070123003
        • AND
          • comment cups-devel is earlier than 1:1.1.17-13.3.45
            oval oval:com.redhat.rhsa:tst:20070720004
          • comment cups-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070123007
        • AND
          • comment cups-libs is earlier than 1:1.1.17-13.3.45
            oval oval:com.redhat.rhsa:tst:20070720006
          • comment cups-libs is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070123005
    • AND
      • comment Red Hat Enterprise Linux 4 is installed
        oval oval:com.redhat.rhba:tst:20070304001
      • OR
        • AND
          • comment cups is earlier than 1:1.1.22-0.rc1.9.20.2
            oval oval:com.redhat.rhsa:tst:20070720009
          • comment cups is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070123003
        • AND
          • comment cups-devel is earlier than 1:1.1.22-0.rc1.9.20.2
            oval oval:com.redhat.rhsa:tst:20070720010
          • comment cups-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070123007
        • AND
          • comment cups-libs is earlier than 1:1.1.22-0.rc1.9.20.2
            oval oval:com.redhat.rhsa:tst:20070720011
          • comment cups-libs is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070123005
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhba:tst:20070331001
      • OR
        • AND
          • comment cups is earlier than 1:1.2.4-11.5.3.el5
            oval oval:com.redhat.rhsa:tst:20070720013
          • comment cups is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070123014
        • AND
          • comment cups-devel is earlier than 1:1.2.4-11.5.3.el5
            oval oval:com.redhat.rhsa:tst:20070720017
          • comment cups-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070123020
        • AND
          • comment cups-libs is earlier than 1:1.2.4-11.5.3.el5
            oval oval:com.redhat.rhsa:tst:20070720019
          • comment cups-libs is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070123018
        • AND
          • comment cups-lpd is earlier than 1:1.2.4-11.5.3.el5
            oval oval:com.redhat.rhsa:tst:20070720015
          • comment cups-lpd is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070123016
    rhsa
    id RHSA-2007:0720
    released 2007-07-30
    severity Important
    title RHSA-2007:0720: cups security update (Important)
  • bugzilla
    id 248194
    title CVE-2007-3387 xpdf integer overflow
    oval
    OR
    • AND
      • comment Red Hat Enterprise Linux 4 is installed
        oval oval:com.redhat.rhba:tst:20070304001
      • OR
        • AND
          • comment kdegraphics is earlier than 7:3.3.1-4.RHEL4
            oval oval:com.redhat.rhsa:tst:20070729002
          • comment kdegraphics is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070729003
        • AND
          • comment kdegraphics-devel is earlier than 7:3.3.1-4.RHEL4
            oval oval:com.redhat.rhsa:tst:20070729004
          • comment kdegraphics-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070729005
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhba:tst:20070331001
      • OR
        • AND
          • comment kdegraphics is earlier than 7:3.5.4-2.el5
            oval oval:com.redhat.rhsa:tst:20070729007
          • comment kdegraphics is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070729008
        • AND
          • comment kdegraphics-devel is earlier than 7:3.5.4-2.el5
            oval oval:com.redhat.rhsa:tst:20070729009
          • comment kdegraphics-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070729010
    rhsa
    id RHSA-2007:0729
    released 2007-07-30
    severity Important
    title RHSA-2007:0729: kdegraphics security update (Important)
  • bugzilla
    id 248194
    title CVE-2007-3387 xpdf integer overflow
    oval
    AND
    • comment Red Hat Enterprise Linux 4 is installed
      oval oval:com.redhat.rhba:tst:20070304001
    • comment gpdf is earlier than 0:2.8.2-7.7
      oval oval:com.redhat.rhsa:tst:20070730002
    • comment gpdf is signed with Red Hat master key
      oval oval:com.redhat.rhsa:tst:20070730003
    rhsa
    id RHSA-2007:0730
    released 2007-07-30
    severity Important
    title RHSA-2007:0730: gpdf security update (Important)
  • bugzilla
    id 248194
    title CVE-2007-3387 xpdf integer overflow
    oval
    OR
    • AND
      • comment Red Hat Enterprise Linux 3 is installed
        oval oval:com.redhat.rhba:tst:20070026001
      • OR
        • AND
          • comment tetex is earlier than 0:1.0.7-67.10
            oval oval:com.redhat.rhsa:tst:20070731002
          • comment tetex is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070731003
        • AND
          • comment tetex-afm is earlier than 0:1.0.7-67.10
            oval oval:com.redhat.rhsa:tst:20070731010
          • comment tetex-afm is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070731011
        • AND
          • comment tetex-dvips is earlier than 0:1.0.7-67.10
            oval oval:com.redhat.rhsa:tst:20070731006
          • comment tetex-dvips is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070731007
        • AND
          • comment tetex-fonts is earlier than 0:1.0.7-67.10
            oval oval:com.redhat.rhsa:tst:20070731012
          • comment tetex-fonts is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070731013
        • AND
          • comment tetex-latex is earlier than 0:1.0.7-67.10
            oval oval:com.redhat.rhsa:tst:20070731004
          • comment tetex-latex is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070731005
        • AND
          • comment tetex-xdvi is earlier than 0:1.0.7-67.10
            oval oval:com.redhat.rhsa:tst:20070731008
          • comment tetex-xdvi is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070731009
    • AND
      • comment Red Hat Enterprise Linux 4 is installed
        oval oval:com.redhat.rhba:tst:20070304001
      • OR
        • AND
          • comment tetex is earlier than 0:2.0.2-22.0.1.EL4.8
            oval oval:com.redhat.rhsa:tst:20070731015
          • comment tetex is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070731003
        • AND
          • comment tetex-afm is earlier than 0:2.0.2-22.0.1.EL4.8
            oval oval:com.redhat.rhsa:tst:20070731020
          • comment tetex-afm is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070731011
        • AND
          • comment tetex-doc is earlier than 0:2.0.2-22.0.1.EL4.8
            oval oval:com.redhat.rhsa:tst:20070731017
          • comment tetex-doc is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070731018
        • AND
          • comment tetex-dvips is earlier than 0:2.0.2-22.0.1.EL4.8
            oval oval:com.redhat.rhsa:tst:20070731021
          • comment tetex-dvips is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070731007
        • AND
          • comment tetex-fonts is earlier than 0:2.0.2-22.0.1.EL4.8
            oval oval:com.redhat.rhsa:tst:20070731016
          • comment tetex-fonts is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070731013
        • AND
          • comment tetex-latex is earlier than 0:2.0.2-22.0.1.EL4.8
            oval oval:com.redhat.rhsa:tst:20070731022
          • comment tetex-latex is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070731005
        • AND
          • comment tetex-xdvi is earlier than 0:2.0.2-22.0.1.EL4.8
            oval oval:com.redhat.rhsa:tst:20070731019
          • comment tetex-xdvi is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070731009
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhba:tst:20070331001
      • OR
        • AND
          • comment tetex is earlier than 0:3.0-33.1.el5
            oval oval:com.redhat.rhsa:tst:20070731024
          • comment tetex is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070731025
        • AND
          • comment tetex-afm is earlier than 0:3.0-33.1.el5
            oval oval:com.redhat.rhsa:tst:20070731036
          • comment tetex-afm is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070731037
        • AND
          • comment tetex-doc is earlier than 0:3.0-33.1.el5
            oval oval:com.redhat.rhsa:tst:20070731030
          • comment tetex-doc is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070731031
        • AND
          • comment tetex-dvips is earlier than 0:3.0-33.1.el5
            oval oval:com.redhat.rhsa:tst:20070731032
          • comment tetex-dvips is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070731033
        • AND
          • comment tetex-fonts is earlier than 0:3.0-33.1.el5
            oval oval:com.redhat.rhsa:tst:20070731034
          • comment tetex-fonts is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070731035
        • AND
          • comment tetex-latex is earlier than 0:3.0-33.1.el5
            oval oval:com.redhat.rhsa:tst:20070731026
          • comment tetex-latex is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070731027
        • AND
          • comment tetex-xdvi is earlier than 0:3.0-33.1.el5
            oval oval:com.redhat.rhsa:tst:20070731028
          • comment tetex-xdvi is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070731029
    rhsa
    id RHSA-2007:0731
    released 2007-08-01
    severity Important
    title RHSA-2007:0731: tetex security update (Important)
  • bugzilla
    id 248194
    title CVE-2007-3387 xpdf integer overflow
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331001
    • OR
      • AND
        • comment poppler is earlier than 0:0.5.4-4.1.el5
          oval oval:com.redhat.rhsa:tst:20070732002
        • comment poppler is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070732003
      • AND
        • comment poppler-devel is earlier than 0:0.5.4-4.1.el5
          oval oval:com.redhat.rhsa:tst:20070732004
        • comment poppler-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070732005
      • AND
        • comment poppler-utils is earlier than 0:0.5.4-4.1.el5
          oval oval:com.redhat.rhsa:tst:20070732006
        • comment poppler-utils is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20070732007
    rhsa
    id RHSA-2007:0732
    released 2007-07-30
    severity Important
    title RHSA-2007:0732: poppler security update (Important)
  • bugzilla
    id 248194
    title CVE-2007-3387 xpdf integer overflow
    oval
    OR
    • AND
      • comment Red Hat Enterprise Linux 3 is installed
        oval oval:com.redhat.rhba:tst:20070026001
      • comment xpdf is earlier than 1:2.02-10.RHEL3
        oval oval:com.redhat.rhsa:tst:20070735002
      • comment xpdf is signed with Red Hat master key
        oval oval:com.redhat.rhsa:tst:20070735003
    • AND
      • comment Red Hat Enterprise Linux 4 is installed
        oval oval:com.redhat.rhba:tst:20070304001
      • comment xpdf is earlier than 1:3.00-12.RHEL4
        oval oval:com.redhat.rhsa:tst:20070735005
      • comment xpdf is signed with Red Hat master key
        oval oval:com.redhat.rhsa:tst:20070735003
    rhsa
    id RHSA-2007:0735
    released 2007-07-30
    severity Important
    title RHSA-2007:0735: xpdf security update (Important)
rpms
  • cups-1:1.1.17-13.3.45
  • cups-devel-1:1.1.17-13.3.45
  • cups-libs-1:1.1.17-13.3.45
  • cups-1:1.1.22-0.rc1.9.20.2
  • cups-devel-1:1.1.22-0.rc1.9.20.2
  • cups-libs-1:1.1.22-0.rc1.9.20.2
  • cups-1:1.2.4-11.5.3.el5
  • cups-devel-1:1.2.4-11.5.3.el5
  • cups-libs-1:1.2.4-11.5.3.el5
  • cups-lpd-1:1.2.4-11.5.3.el5
  • kdegraphics-7:3.3.1-4.RHEL4
  • kdegraphics-devel-7:3.3.1-4.RHEL4
  • kdegraphics-7:3.5.4-2.el5
  • kdegraphics-devel-7:3.5.4-2.el5
  • gpdf-0:2.8.2-7.7
  • tetex-0:1.0.7-67.10
  • tetex-afm-0:1.0.7-67.10
  • tetex-dvips-0:1.0.7-67.10
  • tetex-fonts-0:1.0.7-67.10
  • tetex-latex-0:1.0.7-67.10
  • tetex-xdvi-0:1.0.7-67.10
  • tetex-0:2.0.2-22.0.1.EL4.8
  • tetex-afm-0:2.0.2-22.0.1.EL4.8
  • tetex-doc-0:2.0.2-22.0.1.EL4.8
  • tetex-dvips-0:2.0.2-22.0.1.EL4.8
  • tetex-fonts-0:2.0.2-22.0.1.EL4.8
  • tetex-latex-0:2.0.2-22.0.1.EL4.8
  • tetex-xdvi-0:2.0.2-22.0.1.EL4.8
  • tetex-0:3.0-33.1.el5
  • tetex-afm-0:3.0-33.1.el5
  • tetex-doc-0:3.0-33.1.el5
  • tetex-dvips-0:3.0-33.1.el5
  • tetex-fonts-0:3.0-33.1.el5
  • tetex-latex-0:3.0-33.1.el5
  • tetex-xdvi-0:3.0-33.1.el5
  • poppler-0:0.5.4-4.1.el5
  • poppler-devel-0:0.5.4-4.1.el5
  • poppler-utils-0:0.5.4-4.1.el5
  • xpdf-1:2.02-10.RHEL3
  • xpdf-1:3.00-12.RHEL4
refmap via4
bid 25124
bugtraq
  • 20070814 FLEA-2007-0044-1 tetex tetex-dvips tetex-fonts
  • 20070814 FLEA-2007-0045-1 poppler
  • 20070816 FLEA-2007-0046-1 cups
confirm
debian
  • DSA-1347
  • DSA-1348
  • DSA-1349
  • DSA-1350
  • DSA-1352
  • DSA-1354
  • DSA-1355
  • DSA-1357
gentoo
  • GLSA-200709-12
  • GLSA-200709-17
  • GLSA-200710-08
  • GLSA-200710-20
  • GLSA-200711-34
  • GLSA-200805-13
mandriva
  • MDKSA-2007:158
  • MDKSA-2007:159
  • MDKSA-2007:160
  • MDKSA-2007:161
  • MDKSA-2007:162
  • MDKSA-2007:163
  • MDKSA-2007:164
  • MDKSA-2007:165
misc
osvdb 40127
sectrack 1018473
secunia
  • 26188
  • 26251
  • 26254
  • 26255
  • 26257
  • 26278
  • 26281
  • 26283
  • 26292
  • 26293
  • 26297
  • 26307
  • 26318
  • 26325
  • 26342
  • 26343
  • 26358
  • 26365
  • 26370
  • 26395
  • 26403
  • 26405
  • 26407
  • 26410
  • 26413
  • 26425
  • 26432
  • 26436
  • 26467
  • 26468
  • 26470
  • 26514
  • 26607
  • 26627
  • 26862
  • 26982
  • 27156
  • 27281
  • 27308
  • 27637
  • 30168
sgi 20070801-01-P
slackware
  • SSA:2007-222-05
  • SSA:2007-316-01
suse
  • SUSE-SR:2007:015
  • SUSE-SR:2007:016
ubuntu
  • USN-496-1
  • USN-496-2
vupen
  • ADV-2007-2704
  • ADV-2007-2705
Last major update 16-10-2018 - 16:48
Published 30-07-2007 - 23:17
Back to Top