ID CVE-2007-4352
Summary Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file.
References
Vulnerable Configurations
  • cpe:2.3:a:xpdf:xpdf:3.0.1_pl1:*:*:*:*:*:*:*
    cpe:2.3:a:xpdf:xpdf:3.0.1_pl1:*:*:*:*:*:*:*
CVSS
Base: 7.6 (as of 29-09-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:H/Au:N/C:C/I:C/A:C
oval via4
accepted 2013-04-29T04:23:50.604-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file.
family unix
id oval:org.mitre.oval:def:9979
status accepted
submitted 2010-07-09T03:56:16-04:00
title Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file.
version 30
redhat via4
advisories
  • rhsa
    id RHSA-2007:1021
  • rhsa
    id RHSA-2007:1022
  • rhsa
    id RHSA-2007:1024
  • rhsa
    id RHSA-2007:1025
  • rhsa
    id RHSA-2007:1026
  • rhsa
    id RHSA-2007:1027
  • rhsa
    id RHSA-2007:1029
  • rhsa
    id RHSA-2007:1030
rpms
  • cups-1:1.2.4-11.14.el5_1.3
  • cups-debuginfo-1:1.2.4-11.14.el5_1.3
  • cups-devel-1:1.2.4-11.14.el5_1.3
  • cups-libs-1:1.2.4-11.14.el5_1.3
  • cups-lpd-1:1.2.4-11.14.el5_1.3
  • cups-1:1.1.22-0.rc1.9.20.2.el4_5.2
  • cups-debuginfo-1:1.1.22-0.rc1.9.20.2.el4_5.2
  • cups-devel-1:1.1.22-0.rc1.9.20.2.el4_5.2
  • cups-libs-1:1.1.22-0.rc1.9.20.2.el4_5.2
  • kdegraphics-7:3.3.1-6.el4_5
  • kdegraphics-debuginfo-7:3.3.1-6.el4_5
  • kdegraphics-devel-7:3.3.1-6.el4_5
  • gpdf-0:2.8.2-7.7.1
  • gpdf-debuginfo-0:2.8.2-7.7.1
  • poppler-0:0.5.4-4.3.el5_1
  • poppler-debuginfo-0:0.5.4-4.3.el5_1
  • poppler-devel-0:0.5.4-4.3.el5_1
  • poppler-utils-0:0.5.4-4.3.el5_1
  • tetex-0:2.0.2-22.0.1.EL4.10
  • tetex-0:3.0-33.2.el5_1.2
  • tetex-afm-0:2.0.2-22.0.1.EL4.10
  • tetex-afm-0:3.0-33.2.el5_1.2
  • tetex-debuginfo-0:2.0.2-22.0.1.EL4.10
  • tetex-debuginfo-0:3.0-33.2.el5_1.2
  • tetex-doc-0:2.0.2-22.0.1.EL4.10
  • tetex-doc-0:3.0-33.2.el5_1.2
  • tetex-dvips-0:2.0.2-22.0.1.EL4.10
  • tetex-dvips-0:3.0-33.2.el5_1.2
  • tetex-fonts-0:2.0.2-22.0.1.EL4.10
  • tetex-fonts-0:3.0-33.2.el5_1.2
  • tetex-latex-0:2.0.2-22.0.1.EL4.10
  • tetex-latex-0:3.0-33.2.el5_1.2
  • tetex-xdvi-0:2.0.2-22.0.1.EL4.10
  • tetex-xdvi-0:3.0-33.2.el5_1.2
  • xpdf-1:3.00-14.el4
  • xpdf-debuginfo-1:3.00-14.el4
  • xpdf-1:2.02-11.el3
  • xpdf-debuginfo-1:2.02-11.el3
refmap via4
bid 26367
bugtraq 20071107 Secunia Research: Xpdf "Stream.cc" Multiple Vulnerabilities
confirm
debian
  • DSA-1480
  • DSA-1509
  • DSA-1537
fedora
  • FEDORA-2007-3031
  • FEDORA-2007-3059
  • FEDORA-2007-3100
  • FEDORA-2007-3390
  • FEDORA-2007-4031
  • FEDORA-2007-750
gentoo
  • GLSA-200711-22
  • GLSA-200711-34
  • GLSA-200805-13
mandriva
  • MDKSA-2007:219
  • MDKSA-2007:220
  • MDKSA-2007:221
  • MDKSA-2007:222
  • MDKSA-2007:223
  • MDKSA-2007:227
  • MDKSA-2007:228
  • MDKSA-2007:230
misc http://secunia.com/secunia_research/2007-88/advisory/
sectrack 1018905
secunia
  • 26503
  • 27260
  • 27553
  • 27573
  • 27574
  • 27575
  • 27577
  • 27578
  • 27599
  • 27615
  • 27618
  • 27619
  • 27632
  • 27634
  • 27636
  • 27637
  • 27640
  • 27641
  • 27642
  • 27645
  • 27656
  • 27658
  • 27705
  • 27721
  • 27724
  • 27743
  • 27856
  • 28043
  • 28812
  • 29104
  • 29604
  • 30168
slackware SSA:2007-316-01
suse SUSE-SA:2007:060
ubuntu
  • USN-542-1
  • USN-542-2
vupen
  • ADV-2007-3774
  • ADV-2007-3775
  • ADV-2007-3776
  • ADV-2007-3779
  • ADV-2007-3786
xf xpdf-dctstreamread-memory-corruption(38306)
Last major update 29-09-2017 - 01:29
Published 08-11-2007 - 02:46
Last modified 29-09-2017 - 01:29
Back to Top