FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-4352

This CVE name corresponds to:

Entered Topic
2007-11-12 xpdf -- multiple remote Stream.CC vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2007-4352
Phase Assigned (20070814)

Description

Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file.

References

Source Reference
BUGTRAQ 20071107 Secunia Research: Xpdf "Stream.cc" Multiple Vulnerabilities
MISC http://secunia.com/secunia_research/2007-88/advisory/
CONFIRM http://www.kde.org/info/security/advisory-20071107-1.txt
CONFIRM http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html
CONFIRM http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html
CONFIRM http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html
CONFIRM http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html
CONFIRM http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html
CONFIRM https://issues.rpath.com/browse/RPL-1926
DEBIAN DSA-1480
DEBIAN DSA-1509
DEBIAN DSA-1537
FEDORA FEDORA-2007-3100
FEDORA FEDORA-2007-3031
FEDORA FEDORA-2007-3059
FEDORA FEDORA-2007-4031
FEDORA FEDORA-2007-3390
FEDORA FEDORA-2007-750
GENTOO GLSA-200711-22
GENTOO GLSA-200711-34
GENTOO GLSA-200805-13
MANDRIVA MDKSA-2007:219
MANDRIVA MDKSA-2007:220
MANDRIVA MDKSA-2007:221
MANDRIVA MDKSA-2007:222
MANDRIVA MDKSA-2007:223
MANDRIVA MDKSA-2007:227
MANDRIVA MDKSA-2007:228
MANDRIVA MDKSA-2007:230
REDHAT RHSA-2007:1021
REDHAT RHSA-2007:1022
REDHAT RHSA-2007:1025
REDHAT RHSA-2007:1026
REDHAT RHSA-2007:1027
REDHAT RHSA-2007:1029
REDHAT RHSA-2007:1030
REDHAT RHSA-2007:1024
SLACKWARE SSA:2007-316-01
SUSE SUSE-SA:2007:060
UBUNTU USN-542-1
UBUNTU USN-542-2
BID 26367
OVAL oval:org.mitre.oval:def:9979
VUPEN ADV-2007-3774
VUPEN ADV-2007-3775
VUPEN ADV-2007-3776
VUPEN ADV-2007-3779
VUPEN ADV-2007-3786
SECTRACK 1018905
SECUNIA 27260
SECUNIA 27553
SECUNIA 27573
SECUNIA 27574
SECUNIA 27575
SECUNIA 27577
SECUNIA 27578
SECUNIA 27615
SECUNIA 27637
SECUNIA 27599
SECUNIA 26503
SECUNIA 27618
SECUNIA 27619
SECUNIA 27640
SECUNIA 27641
SECUNIA 27642
SECUNIA 27656
SECUNIA 27632
SECUNIA 27645
SECUNIA 27636
SECUNIA 27634
SECUNIA 27658
SECUNIA 27705
SECUNIA 27721
SECUNIA 27724
SECUNIA 27743
SECUNIA 27856
SECUNIA 28043
SECUNIA 28812
SECUNIA 29104
SECUNIA 29604
SECUNIA 30168
XF xpdf-dctstreamread-memory-corruption(38306)