Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
No history.
Information
Published : 2007-07-30 23:17
Updated : 2024-02-04 17:13
NVD link : CVE-2007-3387
Mitre link : CVE-2007-3387
CVE.ORG link : CVE-2007-3387
JSON object : View
Products Affected
debian
- debian_linux
canonical
- ubuntu_linux
freedesktop
- poppler
xpdfreader
- xpdf
apple
- cups
gpdf_project
- gpdf
CWE
CWE-190
Integer Overflow or Wraparound