Secunia SmallBusiness
Products
Solutions
Customers
Partner
Resources
Company
Careers
Community

CVE Reference: CVE-2007-3387
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2007-3387

Description:
Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.

CVE Status:
Candidate

References:

UBUNTU
  http://www.ubuntu.com/usn/usn-496-2
  http://www.ubuntu.com/usn/usn-496-1

SUSE
  http://www.novell.com/linux/security/advisories/2007_16_sr.html
  http://www.novell.com/linux/security/advisories/2007_15_sr.html

ST
  1018473

SLACKWARE
  http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882
  http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.423670

SGI

SAID
  Secunia Advisory: SA26514
  Secunia Advisory: SA26395
  Secunia Advisory: SA26425
  Secunia Advisory: SA26470
  Secunia Advisory: SA26468
  Secunia Advisory: SA26467
  Secunia Advisory: SA26436
  Secunia Advisory: SA26432
  Secunia Advisory: SA26407
  Secunia Advisory: SA26405
  Secunia Advisory: SA26403
  Secunia Advisory: SA26410
  Secunia Advisory: SA26413
  Secunia Advisory: SA26370
  Secunia Advisory: SA26365
  Secunia Advisory: SA26325
  Secunia Advisory: SA26358
  Secunia Advisory: SA26343
  Secunia Advisory: SA26297
  Secunia Advisory: SA26342
  Secunia Advisory: SA26318
  Secunia Advisory: SA26307
  Secunia Advisory: SA26292
  Secunia Advisory: SA26293
  Secunia Advisory: SA26251
  Secunia Advisory: SA26283
  Secunia Advisory: SA26281
  Secunia Advisory: SA26278
  Secunia Advisory: SA26257
  Secunia Advisory: SA26255
  Secunia Advisory: SA26188
  Secunia Advisory: SA26254
  Secunia Advisory: SA26607
  Secunia Advisory: SA26862
  Secunia Advisory: SA27156
  Secunia Advisory: SA27281
  Secunia Advisory: SA27308
  Secunia Advisory: SA27637
  Secunia Advisory: SA26627
  Secunia Advisory: SA26982
  Secunia Advisory: SA30168

REDHAT
  http://www.redhat.com/support/errata/RHSA-2007-0731.html
  http://www.redhat.com/support/errata/RHSA-2007-0735.html
  http://www.redhat.com/support/errata/RHSA-2007-0732.html
  http://www.redhat.com/support/errata/RHSA-2007-0729.html
  http://www.redhat.com/support/errata/RHSA-2007-0720.html
  http://www.redhat.com/support/errata/RHSA-2007-0730.html

OVAL
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11149

OSVDB
  40127

MISC
  http://bugs.gentoo.org/show_bug.cgi?id=187139
  http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248194

MANDRIVA
  http://www.mandriva.com/security/advisories?name=MDKSA-2007:165
  http://www.mandriva.com/security/advisories?name=MDKSA-2007:160
  http://www.mandriva.com/security/advisories?name=MDKSA-2007:161
  http://www.mandriva.com/security/advisories?name=MDKSA-2007:163
  http://www.mandriva.com/security/advisories?name=MDKSA-2007:164
  http://www.mandriva.com/security/advisories?name=MDKSA-2007:159
  http://www.mandriva.com/security/advisories?name=MDKSA-2007:158
  http://www.mandriva.com/security/advisories?name=MDKSA-2007:162

GENTOO
  http://security.gentoo.org/glsa/glsa-200709-17.xml
  http://security.gentoo.org/glsa/glsa-200805-13.xml
  http://security.gentoo.org/glsa/glsa-200711-34.xml
  http://security.gentoo.org/glsa/glsa-200710-20.xml
  http://www.gentoo.org/security/en/glsa/glsa-200710-08.xml
  http://security.gentoo.org/glsa/glsa-200709-12.xml

DEBIAN
  http://www.debian.org/security/2007/dsa-1357
  http://www.debian.org/security/2007/dsa-1354
  http://www.debian.org/security/2007/dsa-1355
  http://www.debian.org/security/2007/dsa-1352
  http://www.debian.org/security/2007/dsa-1347
  http://www.debian.org/security/2007/dsa-1348
  http://www.debian.org/security/2007/dsa-1350
  http://www.debian.org/security/2007/dsa-1349

CONFIRM
  http://support.avaya.com/elmodocs2/security/ASA-2007-401.htm
  http://sourceforge.net/project/shownotes.php?release_id=535497
  http://www.kde.org/info/security/advisory-20070730-1.txt

BUGTRAQ
  http://www.securityfocus.com/archive/1/archive/1/476765/30/5340/threaded
  http://www.securityfocus.com/archive/1/archive/1/476519/30/5400/threaded
  http://www.securityfocus.com/archive/1/archive/1/476508/100/0/threaded

BID
  25124


Return to the previous page.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Factsheets
Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom
 
© 2002-2013 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability