Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
No history.
Information
Published : 2007-07-30 23:17
Updated : 2024-02-28 11:01
NVD link : CVE-2007-3387
Mitre link : CVE-2007-3387
CVE.ORG link : CVE-2007-3387
JSON object : View
Products Affected
gpdf_project
- gpdf
freedesktop
- poppler
apple
- cups
debian
- debian_linux
xpdfreader
- xpdf
canonical
- ubuntu_linux
CWE
CWE-190
Integer Overflow or Wraparound