CVE-2007-3387: Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4)…

medium6.8CVSS 3.1

AVNACMAuNCPIPAP

Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.

Affected

26 ranges· showing 25

Vendor	Product	Version range	Fixed in
apple	cups	<= 1.3.11	—
canonical	ubuntu_linux	—	—
canonical	ubuntu_linux	—	—
canonical	ubuntu_linux	—	—
debian	cups	< libextractor 0.5.12-1 (bookworm)	libextractor 0.5.12-1 (bookworm)
debian	debian_linux	—	—
debian	debian_linux	—	—
debian	ipe	< libextractor 0.5.12-1 (bookworm)	libextractor 0.5.12-1 (bookworm)
debian	libextractor	< libextractor 0.5.12-1 (bookworm)	libextractor 0.5.12-1 (bookworm)
debian	poppler	< libextractor 0.5.12-1 (bookworm)	libextractor 0.5.12-1 (bookworm)
debian	xpdf	< libextractor 0.5.12-1 (bookworm)	libextractor 0.5.12-1 (bookworm)
freedesktop	poppler	< 0.5.91	0.5.91
freedesktop	poppler	>= 0 < 0.5.4-6.1	0.5.4-6.1
freedesktop	poppler	>= 0 < 0.5.4-6.1	0.5.4-6.1
freedesktop	poppler	>= 0 < 0.5.4-6.1	0.5.4-6.1
freedesktop	poppler	>= 0 < 0.5.4-6.1	0.5.4-6.1
gnu	libextractor	>= 0 < 0.5.12-1	0.5.12-1
gnu	libextractor	>= 0 < 0.5.12-1	0.5.12-1
gnu	libextractor	>= 0 < 0.5.12-1	0.5.12-1
gnu	libextractor	>= 0 < 0.5.12-1	0.5.12-1
gpdf_project	gpdf	< 2.8.2	2.8.2
xpdf	xpdf	>= 0 < 3.02-1.1	3.02-1.1
xpdf	xpdf	>= 0 < 3.02-1.1	3.02-1.1
xpdf	xpdf	>= 0 < 3.02-1.1	3.02-1.1
xpdf	xpdf	>= 0 < 3.02-1.1	3.02-1.1

CVSS provenance

nvd6.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P

osv6.8MEDIUM