Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2007-3387

Опубликовано: 30 июл. 2007
Источник: nvd
CVSS2: 6.8
EPSS Средний

Описание

Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*
Версия до 1.3.11 (включая)
cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*
Версия до 0.5.91 (исключая)
cpe:2.3:a:gpdf_project:gpdf:*:*:*:*:*:*:*:*
Версия до 2.8.2 (исключая)
cpe:2.3:a:xpdfreader:xpdf:3.02:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*

EPSS

Процентиль: 93%
0.11401
Средний

6.8 Medium

CVSS2

Дефекты

CWE-190

Связанные уязвимости

ubuntu логотип

CVE-2007-3387

ubuntu
почти 18 лет назад

Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.

redhat логотип

CVE-2007-3387

redhat
почти 18 лет назад

Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.

debian логотип

CVE-2007-3387

debian
почти 18 лет назад

Integer overflow in the StreamPredictor::StreamPredictor function in x ...

github логотип

GHSA-v25x-frpw-qg4x

github
около 3 лет назад

Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.

oracle-oval логотип

ELSA-2007-0732

oracle-oval
почти 18 лет назад

ELSA-2007-0732: Important: poppler security update (IMPORTANT)

EPSS

Процентиль: 93%
0.11401
Средний

6.8 Medium

CVSS2

Дефекты

CWE-190