Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2007-4352

Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file.

  • Published: Nov 8, 2007
  • Updated: Apr 13, 2023
  • CVE: CVE-2007-4352
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.6
  • AV:N/AC:H/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Software From Fixed in
xpdf / xpdf 3.0.1_pl1 3.0.1_pl1.x