CVE-2007-3387

Description

Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.

Affected products

References

MISChttp://www.redhat.com/support/errata/RHSA-2007-0730.html
VENDOR_ADVISORYhttp://www.ubuntu.com/usn/usn-496-1
VENDOR_ADVISORYhttp://www.debian.org/security/2007/dsa-1355
VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2007/2705
VENDOR_ADVISORYhttp://www.novell.com/linux/security/advisories/2007_16_sr.html
VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:164
MISChttps://issues.rpath.com/browse/RPL-1596
VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:165
VENDOR_ADVISORYhttp://secunia.com/advisories/26307
VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:158
VENDOR_ADVISORYhttp://www.debian.org/security/2007/dsa-1350
MISChttp://www.securityfocus.com/archive/1/476519/30/5400/threaded
VENDOR_ADVISORYhttp://secunia.com/advisories/26468
MISChttp://www.securityfocus.com/archive/1/476508/100/0/threaded
VENDOR_ADVISORYhttp://secunia.com/advisories/26982
VENDOR_ADVISORYhttp://secunia.com/advisories/26254
VENDOR_ADVISORYhttp://secunia.com/advisories/26370
VENDOR_ADVISORYhttp://www.debian.org/security/2007/dsa-1348
VENDOR_ADVISORYhttp://secunia.com/advisories/26325
VENDOR_ADVISORYhttp://secunia.com/advisories/26413
VENDOR_ADVISORYhttp://www.debian.org/security/2007/dsa-1352
MISChttp://www.gentoo.org/security/en/glsa/glsa-200710-08.xml
VENDOR_ADVISORYhttp://www.debian.org/security/2007/dsa-1354
MISChttps://issues.rpath.com/browse/RPL-1604
MISChttp://sourceforge.net/project/shownotes.php?release_id=535497
VENDOR_ADVISORYhttp://www.ubuntu.com/usn/usn-496-2
VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:163
MISChttp://www.kde.org/info/security/advisory-20070730-1.txt
MISChttp://www.redhat.com/support/errata/RHSA-2007-0731.html
MISChttp://osvdb.org/40127
VENDOR_ADVISORYhttp://secunia.com/advisories/26862
MISChttp://security.gentoo.org/glsa/glsa-200805-13.xml
VENDOR_ADVISORYhttp://secunia.com/advisories/26281
MISChttp://www.redhat.com/support/errata/RHSA-2007-0720.html
MISChttp://security.gentoo.org/glsa/glsa-200709-12.xml
MISChttp://www.securityfocus.com/bid/25124
VENDOR_ADVISORYhttp://secunia.com/advisories/26514
VENDOR_ADVISORYhttp://secunia.com/advisories/26467
MISChttp://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882
VENDOR_ADVISORYhttp://secunia.com/advisories/26432
VENDOR_ADVISORYhttp://secunia.com/advisories/26410
MISChttp://bugs.gentoo.org/show_bug.cgi?id=187139
VENDOR_ADVISORYhttp://secunia.com/advisories/26607
MISChttp://support.avaya.com/elmodocs2/security/ASA-2007-401.htm
VENDOR_ADVISORYhttp://secunia.com/advisories/30168
VENDOR_ADVISORYhttp://secunia.com/advisories/26358
VENDOR_ADVISORYhttp://secunia.com/advisories/26365
VENDOR_ADVISORYhttp://secunia.com/advisories/26627
VENDOR_ADVISORYhttp://secunia.com/advisories/26293
VENDOR_ADVISORYhttp://secunia.com/advisories/26283
VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:159
VENDOR_ADVISORYhttp://secunia.com/advisories/27308
VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:160
VENDOR_ADVISORYhttp://www.debian.org/security/2007/dsa-1357
MISChttp://security.gentoo.org/glsa/glsa-200709-17.xml
VENDOR_ADVISORYhttp://secunia.com/advisories/26403
MISChttp://www.redhat.com/support/errata/RHSA-2007-0732.html
VENDOR_ADVISORYhttp://www.debian.org/security/2007/dsa-1349
VENDOR_ADVISORYhttp://secunia.com/advisories/26251
MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11149
VENDOR_ADVISORYhttp://secunia.com/advisories/26292
VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:161
VENDOR_ADVISORYhttp://secunia.com/advisories/26342
VENDOR_ADVISORYhttp://secunia.com/advisories/26257
MISChttp://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248194
VENDOR_ADVISORYhttp://secunia.com/advisories/26395
MISChttp://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.423670
VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDKSA-2007:162
MISChttp://security.gentoo.org/glsa/glsa-200711-34.xml
MISChttp://www.securitytracker.com/id?1018473
MISChttp://www.redhat.com/support/errata/RHSA-2007-0729.html
VENDOR_ADVISORYhttp://secunia.com/advisories/26188
VENDOR_ADVISORYhttp://secunia.com/advisories/26278
VENDOR_ADVISORYhttp://secunia.com/advisories/26425
MISChttp://security.gentoo.org/glsa/glsa-200710-20.xml
VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2007/2704
MISCftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl1.patch
VENDOR_ADVISORYhttp://www.debian.org/security/2007/dsa-1347
MISChttp://www.redhat.com/support/errata/RHSA-2007-0735.html
MISChttp://www.securityfocus.com/archive/1/476765/30/5340/threaded
VENDOR_ADVISORYhttp://secunia.com/advisories/27281
VENDOR_ADVISORYftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc
MISChttps://issues.foresightlinux.org/browse/FL-471
VENDOR_ADVISORYhttp://secunia.com/advisories/26436
VENDOR_ADVISORYhttp://secunia.com/advisories/26343
VENDOR_ADVISORYhttp://secunia.com/advisories/26407
VENDOR_ADVISORYhttp://secunia.com/advisories/26255
VENDOR_ADVISORYhttp://secunia.com/advisories/27156
VENDOR_ADVISORYhttp://secunia.com/advisories/26318
VENDOR_ADVISORYhttp://secunia.com/advisories/26470
VENDOR_ADVISORYhttp://www.novell.com/linux/security/advisories/2007_15_sr.html
VENDOR_ADVISORYhttp://secunia.com/advisories/26297
VENDOR_ADVISORYhttp://secunia.com/advisories/26405
VENDOR_ADVISORYhttp://secunia.com/advisories/27637