CVE-2007-3387

Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.

Published: Jul 31, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-3387
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-190

Affected Software
References

Software	From	Fixed in
xpdfreader / xpdf	3.02	3.02.x
apple / cups	-	1.3.11.x
freedesktop / poppler	-	0.5.91
gpdf_project / gpdf	-	2.8.2
debian / debian_linux	3.1	3.1.x
debian / debian_linux	4.0	4.0.x
canonical / ubuntu_linux	7.04	7.04.x
canonical / ubuntu_linux	6.10	6.10.x
canonical / ubuntu_linux	6.06	6.06.x

ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl1.patch
ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc
http://bugs.gentoo.org/show_bug.cgi?id=187139
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248194
http://osvdb.org/40127
http://secunia.com/advisories/26188
http://secunia.com/advisories/26251
http://secunia.com/advisories/26254
http://secunia.com/advisories/26255
http://secunia.com/advisories/26257
http://secunia.com/advisories/26278
http://secunia.com/advisories/26281
http://secunia.com/advisories/26283
http://secunia.com/advisories/26292
http://secunia.com/advisories/26293
http://secunia.com/advisories/26297
http://secunia.com/advisories/26307
http://secunia.com/advisories/26318
http://secunia.com/advisories/26325
http://secunia.com/advisories/26342
http://secunia.com/advisories/26343
http://secunia.com/advisories/26358
http://secunia.com/advisories/26365
http://secunia.com/advisories/26370
http://secunia.com/advisories/26395
http://secunia.com/advisories/26403
http://secunia.com/advisories/26405
http://secunia.com/advisories/26407
http://secunia.com/advisories/26410
http://secunia.com/advisories/26413
http://secunia.com/advisories/26425
http://secunia.com/advisories/26432
http://secunia.com/advisories/26436
http://secunia.com/advisories/26467
http://secunia.com/advisories/26468
http://secunia.com/advisories/26470
http://secunia.com/advisories/26514
http://secunia.com/advisories/26607
http://secunia.com/advisories/26627
http://secunia.com/advisories/26862
http://secunia.com/advisories/26982
http://secunia.com/advisories/27156
http://secunia.com/advisories/27281
http://secunia.com/advisories/27308
http://secunia.com/advisories/27637
http://secunia.com/advisories/30168
http://security.gentoo.org/glsa/glsa-200709-12.xml
http://security.gentoo.org/glsa/glsa-200709-17.xml
http://security.gentoo.org/glsa/glsa-200710-20.xml
http://security.gentoo.org/glsa/glsa-200711-34.xml
http://security.gentoo.org/glsa/glsa-200805-13.xml
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882
http://sourceforge.net/project/shownotes.php?release_id=535497
http://support.avaya.com/elmodocs2/security/ASA-2007-401.htm
http://www.debian.org/security/2007/dsa-1347
http://www.debian.org/security/2007/dsa-1348
http://www.debian.org/security/2007/dsa-1349
http://www.debian.org/security/2007/dsa-1350
http://www.debian.org/security/2007/dsa-1352
http://www.debian.org/security/2007/dsa-1354
http://www.debian.org/security/2007/dsa-1355
http://www.debian.org/security/2007/dsa-1357
http://www.gentoo.org/security/en/glsa/glsa-200710-08.xml
http://www.kde.org/info/security/advisory-20070730-1.txt
http://www.mandriva.com/security/advisories?name=MDKSA-2007:158
http://www.mandriva.com/security/advisories?name=MDKSA-2007:159
http://www.mandriva.com/security/advisories?name=MDKSA-2007:160
http://www.mandriva.com/security/advisories?name=MDKSA-2007:161
http://www.mandriva.com/security/advisories?name=MDKSA-2007:162
http://www.mandriva.com/security/advisories?name=MDKSA-2007:163
http://www.mandriva.com/security/advisories?name=MDKSA-2007:164
http://www.mandriva.com/security/advisories?name=MDKSA-2007:165
http://www.novell.com/linux/security/advisories/2007_15_sr.html
http://www.novell.com/linux/security/advisories/2007_16_sr.html
http://www.redhat.com/support/errata/RHSA-2007-0720.html
http://www.redhat.com/support/errata/RHSA-2007-0729.html
http://www.redhat.com/support/errata/RHSA-2007-0730.html
http://www.redhat.com/support/errata/RHSA-2007-0731.html
http://www.redhat.com/support/errata/RHSA-2007-0732.html
http://www.redhat.com/support/errata/RHSA-2007-0735.html
http://www.securityfocus.com/archive/1/476508/100/0/threaded
http://www.securityfocus.com/archive/1/476519/30/5400/threaded
http://www.securityfocus.com/archive/1/476765/30/5340/threaded
http://www.securityfocus.com/bid/25124
http://www.securitytracker.com/id?1018473
http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.423670
http://www.ubuntu.com/usn/usn-496-1
http://www.ubuntu.com/usn/usn-496-2
http://www.vupen.com/english/advisories/2007/2704
http://www.vupen.com/english/advisories/2007/2705
https://issues.foresightlinux.org/browse/FL-471
https://issues.rpath.com/browse/RPL-1596
https://issues.rpath.com/browse/RPL-1604
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11149

Vulnerability Database

289,599

CVE-2007-3387