CVE-2007-4352: Out-of-bounds Write in Xpdf

10 documents, 9 sources
Severity: 7.6 HIGH (NVD)
EPSS: 25.5% (top 3.77%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Nov 8
Latest update: May 1

Description

Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file.

CVSS vector

AV:N/AC:H/C:C/I:C/A:C
Exploitability: 4.9 | Impact: 10.0

Affected Packages (5 packages)

Debian: xpdf/xpdf < 3.02-1.3+3
NVD: xpdf/xpdf 3.0.1_pl1
Debian: apple/cups < 1.1.22-7+3
Debian: freedesktop/poppler < 0.6.2-1+3
Debian: gnu/libextractor < 0.5.12-1+3

Patches

🔴 Vulnerability Details (3)

GHSA
GHSA-7x5f-fvjf-pxrp: Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream (2022-05-01)
CVEList
CVE-2007-4352: Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream (2007-11-08)
OSV
CVE-2007-4352: Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream (2007-11-08)

💥 Exploits & PoCs (1)

Exploit-DB
HP Mercury Quality Center 9.0 build 9.1.0.4352 - SQL Execution (2007-04-03)

📋 Vendor Advisories (4)

Ubuntu
KOffice vulnerabilities (2007-11-15)
Ubuntu
poppler vulnerabilities (2007-11-14)
Red Hat
DCTStream::readProgressiveDataUnit() (2007-11-07)
Debian
CVE-2007-4352: cups - Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Strea... (2007)

💬 Community (1)

Bugzilla
CVE-2007-4352 xpdf memory corruption in DCTStream::readProgressiveDataUnit() (2007-10-22)
CVE-2007-4352 — Out-of-bounds Write in Xpdf | cvebase