Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2007-5392

Опубликовано: 08 нояб. 2007
Источник: debian
EPSS Низкий

Описание

Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
popplerfixed0.6.2-1package
kdegraphicsfixed4:3.5.8-2package
kdegraphicsnot-affectedetchpackage
xpdffixed3.02-1.3package
kofficefixed1:1.6.3-4package
cupsfixed1.1.22-7package
gpdfremovedpackage
pdftohtmlremovedpackage
pdftohtmlfixed0.36-13etch1etchpackage
tetex-binfixed3.0-12package
cupsysnot-affectedpackage
libextractorfixed0.5.12-1package
swftoolsfixed0.9.2+ds1-2package

Примечания

  • pdftex links to poppler since 3.0-12, thus marking as fixed

  • cups uses xpdf-utils and poppler-utils

  • libextractor uses internal pdf decoder since 0.5.12-1, thus marking as fixed

EPSS

Процентиль: 88%
0.03924
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2007-5392

ubuntu
почти 18 лет назад

Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow.

redhat логотип

CVE-2007-5392

redhat
почти 18 лет назад

Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow.

nvd логотип

CVE-2007-5392

nvd
почти 18 лет назад

Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow.

github логотип

GHSA-5wjr-7h39-qr5r

github
больше 3 лет назад

Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow.

oracle-oval логотип

ELSA-2007-1026

oracle-oval
почти 18 лет назад

ELSA-2007-1026: Important: poppler security update (IMPORTANT)

EPSS

Процентиль: 88%
0.03924
Низкий