Vulnerability CVE-2007-5392: Information

Description

Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow.

Severity: CRITICAL (9.3)

Published: Nov. 8, 2007
Modified: Sept. 29, 2017
Error type identifier: CWE-119

References to Advisories, Solutions, and Tools

Hyperlink
Resource
http://secunia.com/secunia_research/2007-88/advisory/
  • Vendor Advisory
27260
  • Patch
  • Vendor Advisory
20071107 Secunia Research: Xpdf "Stream.cc" Multiple Vulnerabilities
http://www.kde.org/info/security/advisory-20071107-1.txt
http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html
http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html
http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html
http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html
http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html
https://issues.rpath.com/browse/RPL-1926
FEDORA-2007-3100
FEDORA-2007-3031
FEDORA-2007-3059
GLSA-200711-22
GLSA-200711-34
MDKSA-2007:219
MDKSA-2007:220
MDKSA-2007:221
MDKSA-2007:222
MDKSA-2007:223
MDKSA-2007:227
MDKSA-2007:228
MDKSA-2007:230
RHSA-2007:1021
  • Vendor Advisory
RHSA-2007:1022
  • Vendor Advisory
RHSA-2007:1025
RHSA-2007:1026
  • Vendor Advisory
RHSA-2007:1027
  • Vendor Advisory
RHSA-2007:1029
  • Vendor Advisory
RHSA-2007:1030
  • Vendor Advisory
RHSA-2007:1024
  • Vendor Advisory
SSA:2007-316-01
SUSE-SA:2007:060
USN-542-1
USN-542-2
26367
1018905
27553
  • Vendor Advisory
27573
  • Vendor Advisory
27574
  • Vendor Advisory
27575
  • Vendor Advisory
27577
  • Vendor Advisory
27578
  • Vendor Advisory
27615
  • Vendor Advisory
27637
  • Vendor Advisory
27599
  • Vendor Advisory
26503
  • Vendor Advisory
27618
  • Vendor Advisory
27619
  • Vendor Advisory
27640
  • Vendor Advisory
27641
27642
27656
27632
27645
27636
27634
27658
27705
27721
27724
27743
27856
FEDORA-2007-4031
28043
FEDORA-2007-3390
FEDORA-2007-750
DSA-1480
28812
DSA-1509
29104
DSA-1537
29604
GLSA-200805-13
30168
ADV-2007-3776
ADV-2007-3774
ADV-2007-3786
ADV-2007-3775
ADV-2007-3779
xpdf-dctstreamreset-bo(38303)
oval:org.mitre.oval:def:10036

1. Configuration 1

cpe:2.3:a:xpdf:xpdf:3.0.1_pl1:*:*:*:*:*:*:*