CVE-2007-3387

xpdf integer overflow

  • Severity Score: 6.8 (CVSS v2)
  • Exploit Likelihood (EPSS):
  • Affected Versions (CPE):
  • Public Exploits: 0 (Multiple Sources)
  • Exploited in Wild (KEV): -
  • Decision (SSVC): -

Descriptions

Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.

*Credits: N/A
CVSS Scores
  • Attack Vector: Network
  • Attack Complexity: Medium
  • Authentication: None
  • Confidentiality: Partial
  • Integrity: Partial
  • Availability: Partial
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2007-06-25 CVE Reserved
  • 2007-07-30 CVE Published
  • 2024-07-10 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-190: Integer Overflow or Wraparound
CAPEC
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
Apple | Cups | <= 1.3.11 | - | Affected
Freedesktop | Poppler | < 0.5.91 | - | Affected
Gpdf Project | Gpdf | < 2.8.2 | - | Affected
Xpdfreader | Xpdf | 3.02 | - | Affected
Debian | Debian Linux | 3.1 | - | Affected
Debian | Debian Linux | 4.0 | - | Affected
Canonical | Ubuntu Linux | 6.06 | - | Affected
Canonical | Ubuntu Linux | 6.10 | - | Affected
Canonical | Ubuntu Linux | 7.04 | - | Affected