Vulnerability CVE-2007-5393: Information

Description

Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter.

Severity: CRITICAL (9.3)

Published: Nov. 8, 2007
Modified: Sept. 29, 2017
Error type identifier: CWE-119

References to Advisories, Solutions, and Tools

Hyperlink
Resource
http://secunia.com/secunia_research/2007-88/advisory/
  • Vendor Advisory
27260
  • Patch
  • Vendor Advisory
20071107 Secunia Research: Xpdf "Stream.cc" Multiple Vulnerabilities
http://www.kde.org/info/security/advisory-20071107-1.txt
http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html
http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html
http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html
http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html
http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html
http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm
https://issues.rpath.com/browse/RPL-1926
DSA-1408
FEDORA-2007-3100
FEDORA-2007-3031
FEDORA-2007-3059
GLSA-200711-22
GLSA-200711-34
MDKSA-2007:219
MDKSA-2007:220
MDKSA-2007:221
MDKSA-2007:222
MDKSA-2007:223
MDKSA-2007:227
MDKSA-2007:228
MDKSA-2007:230
RHSA-2007:1021
  • Vendor Advisory
RHSA-2007:1022
  • Vendor Advisory
RHSA-2007:1023
  • Vendor Advisory
RHSA-2007:1025
RHSA-2007:1026
  • Vendor Advisory
RHSA-2007:1027
RHSA-2007:1028
  • Vendor Advisory
RHSA-2007:1029
  • Vendor Advisory
RHSA-2007:1030
  • Vendor Advisory
RHSA-2007:1031
  • Vendor Advisory
RHSA-2007:1024
  • Vendor Advisory
RHSA-2007:1051
  • Vendor Advisory
SSA:2007-316-01
SUSE-SA:2007:060
USN-542-1
USN-542-2
26367
1018905
27553
  • Vendor Advisory
27573
  • Vendor Advisory
27574
27575
  • Vendor Advisory
27577
  • Vendor Advisory
27578
  • Vendor Advisory
27579
  • Vendor Advisory
27615
27637
27599
26503
27618
27619
27640
27641
27642
27656
27632
27645
27636
27634
27658
27705
27721
27724
27743
27772
27856
FEDORA-2007-4031
28043
FEDORA-2007-3390
FEDORA-2007-750
27718
DSA-1480
28812
DSA-1509
29104
DSA-1537
29604
GLSA-200805-13
30168
ADV-2007-3776
ADV-2007-3774
ADV-2007-3786
ADV-2007-3775
ADV-2007-3779
xpdf-ccittfaxstreamlookchar-bo(38304)
oval:org.mitre.oval:def:9839

1. Configuration 1

cpe:2.3:a:xpdf:xpdf:3.02p11:*:*:*:*:*:*:*