CVE-2007-4352

Published: Nov 8, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

SUSE-SA:2007:060

vendor-advisory

x_refsource_SUSE

27632

third-party-advisory

x_refsource_SECUNIA

27743

third-party-advisory

x_refsource_SECUNIA

MDKSA-2007:222

vendor-advisory

x_refsource_MANDRIVA

ADV-2007-3774

vdb-entry

x_refsource_VUPEN

27260

third-party-advisory

x_refsource_SECUNIA

27856

third-party-advisory

x_refsource_SECUNIA

http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html

x_refsource_CONFIRM

27636

third-party-advisory

x_refsource_SECUNIA

29604

third-party-advisory

x_refsource_SECUNIA

MDKSA-2007:223

vendor-advisory

x_refsource_MANDRIVA

27721

third-party-advisory

x_refsource_SECUNIA

27724

third-party-advisory

x_refsource_SECUNIA

ADV-2007-3776

vdb-entry

x_refsource_VUPEN

FEDORA-2007-3059

vendor-advisory

x_refsource_FEDORA

27577

third-party-advisory

x_refsource_SECUNIA

29104

third-party-advisory

x_refsource_SECUNIA

FEDORA-2007-3031

vendor-advisory

x_refsource_FEDORA

xpdf-dctstreamread-memory-corruption(38306)

vdb-entry

x_refsource_XF

27618

third-party-advisory

x_refsource_SECUNIA

27642

third-party-advisory

x_refsource_SECUNIA

FEDORA-2007-4031

vendor-advisory

x_refsource_FEDORA

27656

third-party-advisory

x_refsource_SECUNIA

http://secunia.com/secunia_research/2007-88/advisory/

x_refsource_MISC

FEDORA-2007-3100

vendor-advisory

x_refsource_FEDORA

http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html

x_refsource_CONFIRM

RHSA-2007:1026

vendor-advisory

x_refsource_REDHAT

DSA-1509

vendor-advisory

x_refsource_DEBIAN

RHSA-2007:1022

vendor-advisory

x_refsource_REDHAT

27573

third-party-advisory

x_refsource_SECUNIA

RHSA-2007:1029

vendor-advisory

x_refsource_REDHAT

27641

third-party-advisory

x_refsource_SECUNIA

GLSA-200805-13

vendor-advisory

x_refsource_GENTOO

28812

third-party-advisory

x_refsource_SECUNIA

DSA-1537

vendor-advisory

x_refsource_DEBIAN

FEDORA-2007-750

vendor-advisory

x_refsource_FEDORA

SSA:2007-316-01

vendor-advisory

x_refsource_SLACKWARE

26367

vdb-entry

x_refsource_BID

27615

third-party-advisory

x_refsource_SECUNIA

RHSA-2007:1021

vendor-advisory

x_refsource_REDHAT

ADV-2007-3786

vdb-entry

x_refsource_VUPEN

27645

third-party-advisory

x_refsource_SECUNIA

20071107 Secunia Research: Xpdf "Stream.cc" Multiple Vulnerabilities

mailing-list

x_refsource_BUGTRAQ

30168

third-party-advisory

x_refsource_SECUNIA

27574

third-party-advisory

x_refsource_SECUNIA

https://issues.rpath.com/browse/RPL-1926

x_refsource_CONFIRM

26503

third-party-advisory

x_refsource_SECUNIA

MDKSA-2007:219

vendor-advisory

x_refsource_MANDRIVA

DSA-1480

vendor-advisory

x_refsource_DEBIAN

GLSA-200711-22

vendor-advisory

x_refsource_GENTOO

27634

third-party-advisory

x_refsource_SECUNIA

MDKSA-2007:227

vendor-advisory

x_refsource_MANDRIVA

http://www.kde.org/info/security/advisory-20071107-1.txt

x_refsource_CONFIRM

28043

third-party-advisory

x_refsource_SECUNIA

27619

third-party-advisory

x_refsource_SECUNIA

MDKSA-2007:220

vendor-advisory

x_refsource_MANDRIVA

27705

third-party-advisory

x_refsource_SECUNIA

27578

third-party-advisory

x_refsource_SECUNIA

27640

third-party-advisory

x_refsource_SECUNIA

http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html

x_refsource_CONFIRM

http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html

x_refsource_CONFIRM

GLSA-200711-34

vendor-advisory

x_refsource_GENTOO

27599

third-party-advisory

x_refsource_SECUNIA

27575

third-party-advisory

x_refsource_SECUNIA

1018905

vdb-entry

x_refsource_SECTRACK

http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html

x_refsource_CONFIRM

oval:org.mitre.oval:def:9979

vdb-entry

signature

x_refsource_OVAL

FEDORA-2007-3390

vendor-advisory

x_refsource_FEDORA

MDKSA-2007:228

vendor-advisory

x_refsource_MANDRIVA

ADV-2007-3775

vdb-entry

x_refsource_VUPEN

RHSA-2007:1027

vendor-advisory

x_refsource_REDHAT

RHSA-2007:1030

vendor-advisory

x_refsource_REDHAT

USN-542-1

vendor-advisory

x_refsource_UBUNTU

27658

third-party-advisory

x_refsource_SECUNIA

RHSA-2007:1024

vendor-advisory

x_refsource_REDHAT

MDKSA-2007:230

vendor-advisory

x_refsource_MANDRIVA

USN-542-2

vendor-advisory

x_refsource_UBUNTU

RHSA-2007:1025

vendor-advisory

x_refsource_REDHAT

ADV-2007-3779

vdb-entry

x_refsource_VUPEN

MDKSA-2007:221

vendor-advisory

x_refsource_MANDRIVA

27553

third-party-advisory

x_refsource_SECUNIA

27637

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2007-4352

Description

Affected Products

References