CVE-2007-5392
Published: 07 November 2007
Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow.
Priority
Medium
Status
| Package | Release | Status |
|---|---|---|
|
cups Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
|
cupsys Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
|
gpdf Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
|
ipe Launchpad, Ubuntu, Debian |
Upstream |
Not vulnerable
|
|
kdegraphics Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
|
koffice Launchpad, Ubuntu, Debian |
Upstream |
Needed
|
|
libextractor Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
|
pdfkit.framework Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
|
pdftohtml Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
|
poppler Launchpad, Ubuntu, Debian |
Upstream |
Released
(0.6.2)
|
|
tetex-bin Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
|
texlive-bin Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
|
xpdf Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.02pl2)
|
|
Patches: Other: https://bugs.launchpad.net/ubuntu/+source/xpdf/+bug/129940 Debdiff: https://bugs.launchpad.net/ubuntu/+source/xpdf/+bug/160944 |
||
Notes
| Author | Note |
|---|---|
| jdstrand | cupsys on Ubuntu is not directly affected as it depends on poppler-utils or xpdf-utils. poppler-utils is in main and gets pulled in on installation of cupsys. koffice fixed in debian 1:1.6.3-4 |
| fujitsu | ipe doesn't contain the vulnerable code. |
References
- https://access.redhat.com/errata/RHSA-2007:1026 (poppler)
- https://access.redhat.com/errata/RHSA-2007:1027 (tetex-base)
- https://access.redhat.com/errata/RHSA-2007:1029 (xpdf)
- https://access.redhat.com/errata/RHSA-2007:1025 (gpdf)
- https://ubuntu.com/security/notices/USN-542-1
- https://ubuntu.com/security/notices/USN-542-2
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392
- NVD
- Launchpad
- Debian