Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter.
History
21 Nov 2024, 00:37
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/26503 - | |
References | () http://secunia.com/advisories/27260 - Patch, Vendor Advisory | |
References | () http://secunia.com/advisories/27553 - Vendor Advisory | |
References | () http://secunia.com/advisories/27573 - Vendor Advisory | |
References | () http://secunia.com/advisories/27574 - | |
References | () http://secunia.com/advisories/27575 - Vendor Advisory | |
References | () http://secunia.com/advisories/27577 - Vendor Advisory | |
References | () http://secunia.com/advisories/27578 - Vendor Advisory | |
References | () http://secunia.com/advisories/27579 - Vendor Advisory | |
References | () http://secunia.com/advisories/27599 - | |
References | () http://secunia.com/advisories/27615 - | |
References | () http://secunia.com/advisories/27618 - | |
References | () http://secunia.com/advisories/27619 - | |
References | () http://secunia.com/advisories/27632 - | |
References | () http://secunia.com/advisories/27634 - | |
References | () http://secunia.com/advisories/27636 - | |
References | () http://secunia.com/advisories/27637 - | |
References | () http://secunia.com/advisories/27640 - | |
References | () http://secunia.com/advisories/27641 - | |
References | () http://secunia.com/advisories/27642 - | |
References | () http://secunia.com/advisories/27645 - | |
References | () http://secunia.com/advisories/27656 - | |
References | () http://secunia.com/advisories/27658 - | |
References | () http://secunia.com/advisories/27705 - | |
References | () http://secunia.com/advisories/27718 - | |
References | () http://secunia.com/advisories/27721 - | |
References | () http://secunia.com/advisories/27724 - | |
References | () http://secunia.com/advisories/27743 - | |
References | () http://secunia.com/advisories/27772 - | |
References | () http://secunia.com/advisories/27856 - | |
References | () http://secunia.com/advisories/28043 - | |
References | () http://secunia.com/advisories/28812 - | |
References | () http://secunia.com/advisories/29104 - | |
References | () http://secunia.com/advisories/29604 - | |
References | () http://secunia.com/advisories/30168 - | |
References | () http://secunia.com/secunia_research/2007-88/advisory/ - Vendor Advisory | |
References | () http://security.gentoo.org/glsa/glsa-200711-22.xml - | |
References | () http://security.gentoo.org/glsa/glsa-200711-34.xml - | |
References | () http://security.gentoo.org/glsa/glsa-200805-13.xml - | |
References | () http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882 - | |
References | () http://support.avaya.com/elmodocs2/security/ASA-2007-476.htm - | |
References | () http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html - | |
References | () http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html - | |
References | () http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html - | |
References | () http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html - | |
References | () http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html - | |
References | () http://www.debian.org/security/2007/dsa-1408 - | |
References | () http://www.debian.org/security/2008/dsa-1480 - | |
References | () http://www.debian.org/security/2008/dsa-1509 - | |
References | () http://www.debian.org/security/2008/dsa-1537 - | |
References | () http://www.kde.org/info/security/advisory-20071107-1.txt - | |
References | () http://www.mandriva.com/security/advisories?name=MDKSA-2007:219 - | |
References | () http://www.mandriva.com/security/advisories?name=MDKSA-2007:220 - | |
References | () http://www.mandriva.com/security/advisories?name=MDKSA-2007:221 - | |
References | () http://www.mandriva.com/security/advisories?name=MDKSA-2007:222 - | |
References | () http://www.mandriva.com/security/advisories?name=MDKSA-2007:223 - | |
References | () http://www.mandriva.com/security/advisories?name=MDKSA-2007:227 - | |
References | () http://www.mandriva.com/security/advisories?name=MDKSA-2007:228 - | |
References | () http://www.mandriva.com/security/advisories?name=MDKSA-2007:230 - | |
References | () http://www.novell.com/linux/security/advisories/2007_60_pdf.html - | |
References | () http://www.redhat.com/support/errata/RHSA-2007-1021.html - Vendor Advisory | |
References | () http://www.redhat.com/support/errata/RHSA-2007-1022.html - Vendor Advisory | |
References | () http://www.redhat.com/support/errata/RHSA-2007-1023.html - Vendor Advisory | |
References | () http://www.redhat.com/support/errata/RHSA-2007-1024.html - Vendor Advisory | |
References | () http://www.redhat.com/support/errata/RHSA-2007-1025.html - | |
References | () http://www.redhat.com/support/errata/RHSA-2007-1026.html - Vendor Advisory | |
References | () http://www.redhat.com/support/errata/RHSA-2007-1027.html - | |
References | () http://www.redhat.com/support/errata/RHSA-2007-1028.html - Vendor Advisory | |
References | () http://www.redhat.com/support/errata/RHSA-2007-1029.html - Vendor Advisory | |
References | () http://www.redhat.com/support/errata/RHSA-2007-1030.html - Vendor Advisory | |
References | () http://www.redhat.com/support/errata/RHSA-2007-1031.html - Vendor Advisory | |
References | () http://www.redhat.com/support/errata/RHSA-2007-1051.html - Vendor Advisory | |
References | () http://www.securityfocus.com/archive/1/483372 - | |
References | () http://www.securityfocus.com/bid/26367 - | |
References | () http://www.securitytracker.com/id?1018905 - | |
References | () http://www.ubuntu.com/usn/usn-542-1 - | |
References | () http://www.ubuntu.com/usn/usn-542-2 - | |
References | () http://www.vupen.com/english/advisories/2007/3774 - | |
References | () http://www.vupen.com/english/advisories/2007/3775 - | |
References | () http://www.vupen.com/english/advisories/2007/3776 - | |
References | () http://www.vupen.com/english/advisories/2007/3779 - | |
References | () http://www.vupen.com/english/advisories/2007/3786 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/38304 - | |
References | () https://issues.rpath.com/browse/RPL-1926 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9839 - | |
References | () https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html - | |
References | () https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html - | |
References | () https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html - | |
References | () https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html - | |
References | () https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html - | |
References | () https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html - |
Information
Published : 2007-11-08 02:46
Updated : 2024-11-21 00:37
NVD link : CVE-2007-5393
Mitre link : CVE-2007-5393
CVE.ORG link : CVE-2007-5393
Products Affected
xpdf
- xpdf
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer