The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
21 Nov 2024, 00:24
Type | Values Removed | Values Added |
---|---|---|
References | () http://docs.info.apple.com/article.html?artnum=305214 - | |
References | () http://projects.info-pull.com/moab/MOAB-06-01-2007.html - | |
References | () http://secunia.com/advisories/23791 - | |
References | () http://secunia.com/advisories/23799 - Vendor Advisory | |
References | () http://secunia.com/advisories/23808 - Vendor Advisory | |
References | () http://secunia.com/advisories/23813 - Vendor Advisory | |
References | () http://secunia.com/advisories/23815 - Vendor Advisory | |
References | () http://secunia.com/advisories/23839 - Vendor Advisory | |
References | () http://secunia.com/advisories/23844 - Vendor Advisory | |
References | () http://secunia.com/advisories/23876 - Vendor Advisory | |
References | () http://secunia.com/advisories/24204 - Vendor Advisory | |
References | () http://secunia.com/advisories/24479 - Vendor Advisory | |
References | () http://securitytracker.com/id?1017514 - | |
References | () http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html - | |
References | () http://www.kde.org/info/security/advisory-20070115-1.txt - | |
References | () http://www.mandriva.com/security/advisories?name=MDKSA-2007:018 - | |
References | () http://www.mandriva.com/security/advisories?name=MDKSA-2007:019 - | |
References | () http://www.mandriva.com/security/advisories?name=MDKSA-2007:020 - | |
References | () http://www.mandriva.com/security/advisories?name=MDKSA-2007:021 - | |
References | () http://www.mandriva.com/security/advisories?name=MDKSA-2007:022 - | |
References | () http://www.mandriva.com/security/advisories?name=MDKSA-2007:024 - | |
References | () http://www.novell.com/linux/security/advisories/2007_3_sr.html - | |
References | () http://www.securityfocus.com/archive/1/457055/100/0/threaded - | |
References | () http://www.securityfocus.com/bid/21910 - Exploit | |
References | () http://www.securitytracker.com/id?1017749 - | |
References | () http://www.ubuntu.com/usn/usn-410-1 - | |
References | () http://www.ubuntu.com/usn/usn-410-2 - | |
References | () http://www.us-cert.gov/cas/techalerts/TA07-072A.html - US Government Resource | |
References | () http://www.vupen.com/english/advisories/2007/0203 - Vendor Advisory | |
References | () http://www.vupen.com/english/advisories/2007/0212 - Vendor Advisory | |
References | () http://www.vupen.com/english/advisories/2007/0244 - Vendor Advisory | |
References | () http://www.vupen.com/english/advisories/2007/0930 - Vendor Advisory | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/31364 - | |
References | () https://issues.rpath.com/browse/RPL-964 - |
Information
Published : 2007-01-09 00:28
Updated : 2024-11-21 00:24
NVD link : CVE-2007-0104
Mitre link : CVE-2007-0104
CVE.ORG link : CVE-2007-0104
JSON object : View
Products Affected
kde
- kde
xpdf
- xpdf
CWE
CWE-20
Improper Input Validation