CVE-2007-3387: Buffer Overflow
First published: Mon Jul 30 2007(Updated: )
Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Xpdf | =3.02 | |
| CUPS | <=1.3.11 | |
| Poppler Data | <0.5.91 | |
| gpdf project gpdf | <2.8.2 | |
| Debian | =3.1 | |
| Debian | =4.0 | |
| Ubuntu | =7.04 | |
| Ubuntu | =6.10 | |
| Ubuntu | =6.06 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.redhat.com/support/errata/RHSA-2007-0730.html
- http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248194
- http://bugs.gentoo.org/show_bug.cgi?id=187139
- http://www.kde.org/info/security/advisory-20070730-1.txt
- https://issues.rpath.com/browse/RPL-1596
- https://issues.foresightlinux.org/browse/FL-471
- https://issues.rpath.com/browse/RPL-1604
- http://support.avaya.com/elmodocs2/security/ASA-2007-401.htm
- http://sourceforge.net/project/shownotes.php?release_id=535497
- http://www.debian.org/security/2007/dsa-1347
- http://www.debian.org/security/2007/dsa-1348
- http://www.debian.org/security/2007/dsa-1349
- http://www.debian.org/security/2007/dsa-1350
- http://www.debian.org/security/2007/dsa-1352
- http://www.debian.org/security/2007/dsa-1355
- http://www.debian.org/security/2007/dsa-1354
- http://www.debian.org/security/2007/dsa-1357
- http://security.gentoo.org/glsa/glsa-200709-12.xml
- http://www.gentoo.org/security/en/glsa/glsa-200710-08.xml
- http://security.gentoo.org/glsa/glsa-200710-20.xml
- http://security.gentoo.org/glsa/glsa-200709-17.xml
- http://security.gentoo.org/glsa/glsa-200711-34.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:162
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:158
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:159
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:160
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:161
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:163
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:164
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:165
- http://www.redhat.com/support/errata/RHSA-2007-0720.html
- http://www.redhat.com/support/errata/RHSA-2007-0729.html
- http://www.redhat.com/support/errata/RHSA-2007-0732.html
- http://www.redhat.com/support/errata/RHSA-2007-0735.html
- http://www.redhat.com/support/errata/RHSA-2007-0731.html
- http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.423670
- http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882
- http://www.novell.com/linux/security/advisories/2007_15_sr.html
- http://www.novell.com/linux/security/advisories/2007_16_sr.html
- http://www.ubuntu.com/usn/usn-496-1
- http://www.ubuntu.com/usn/usn-496-2
- http://www.securityfocus.com/bid/25124
- http://www.securitytracker.com/id?1018473
- http://secunia.com/advisories/26188
- http://secunia.com/advisories/26254
- http://secunia.com/advisories/26255
- http://secunia.com/advisories/26257
- http://secunia.com/advisories/26278
- http://secunia.com/advisories/26281
- http://secunia.com/advisories/26283
- http://secunia.com/advisories/26251
- http://secunia.com/advisories/26293
- http://secunia.com/advisories/26292
- http://secunia.com/advisories/26307
- http://secunia.com/advisories/26318
- http://secunia.com/advisories/26342
- http://secunia.com/advisories/26297
- http://secunia.com/advisories/26343
- http://secunia.com/advisories/26358
- http://secunia.com/advisories/26325
- http://secunia.com/advisories/26365
- http://secunia.com/advisories/26370
- http://secunia.com/advisories/26413
- http://secunia.com/advisories/26410
- http://secunia.com/advisories/26403
- http://secunia.com/advisories/26405
- http://secunia.com/advisories/26407
- http://secunia.com/advisories/26432
- http://secunia.com/advisories/26436
- http://secunia.com/advisories/26467
- http://secunia.com/advisories/26468
- http://secunia.com/advisories/26470
- http://secunia.com/advisories/26425
- http://secunia.com/advisories/26395
- http://secunia.com/advisories/26514
- http://secunia.com/advisories/26607
- http://secunia.com/advisories/26862
- http://secunia.com/advisories/27156
- http://secunia.com/advisories/27281
- http://secunia.com/advisories/27308
- http://secunia.com/advisories/27637
- http://secunia.com/advisories/26627
- http://secunia.com/advisories/26982
- http://security.gentoo.org/glsa/glsa-200805-13.xml
- http://secunia.com/advisories/30168
- http://osvdb.org/40127
- http://www.vupen.com/english/advisories/2007/2704
- http://www.vupen.com/english/advisories/2007/2705
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11149
- http://www.securityfocus.com/archive/1/476765/30/5340/threaded
- http://www.securityfocus.com/archive/1/476519/30/5400/threaded
- http://www.securityfocus.com/archive/1/476508/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2007-3387?
The severity of CVE-2007-3387 is classified as critical, as it allows remote code execution through crafted PDF files.
How do I fix CVE-2007-3387?
To fix CVE-2007-3387, upgrade affected software to versions that have resolved this vulnerability, such as updated versions of Xpdf, Poppler, gpdf, and CUPS.
Which software is affected by CVE-2007-3387?
CVE-2007-3387 affects several software products, including Xpdf 3.02, Poppler versions before 0.5.91, gpdf versions before 2.8.2, and various others.
Can CVE-2007-3387 be exploited remotely?
Yes, CVE-2007-3387 can be exploited remotely by attackers using maliciously crafted PDF files.
What platforms are affected by CVE-2007-3387?
CVE-2007-3387 affects multiple platforms, including Debian and Ubuntu distributions, specifically versions 3.1, 4.0, and various 6.x to 7.x releases.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/severity
- agent/event
- agent/first-publish-date
- agent/description
- agent/source
- agent/weakness
- collector/nvd-historical
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- vendor/xpdfreader
- canonical/xpdf
- version/xpdf/3.02
- vendor/apple
- canonical/cups
- version/cups/1.3.11
- vendor/freedesktop
- canonical/poppler data
- vendor/gpdf project
- canonical/gpdf project gpdf
- vendor/debian
- canonical/debian
- version/debian/3.1
- version/debian/4.0
- vendor/canonical
- canonical/ubuntu
- version/ubuntu/7.04
- version/ubuntu/6.10
- version/ubuntu/6.06