CVE-2007-3387

Published: 30 July 2007

Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.

Priority

Unknown

Status

Package Release Status
kdegraphics
Launchpad, Ubuntu, Debian
Upstream Needs triage

koffice
Launchpad, Ubuntu, Debian
Upstream Needs triage

poppler
Launchpad, Ubuntu, Debian
Upstream Needs triage

xpdf
Launchpad, Ubuntu, Debian
Upstream Needs triage