CVE-2007-3387

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.redhat.com/support/errata/RHSA-2007-0730.html", "name": "RHSA-2007:0730", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248194", "name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248194", "tags": ["Issue Tracking", "Third Party Advisory"], "refsource": "MISC"}, {"url": "http://bugs.gentoo.org/show_bug.cgi?id=187139", "name": "http://bugs.gentoo.org/show_bug.cgi?id=187139", "tags": ["Issue Tracking", "Third Party Advisory"], "refsource": "MISC"}, {"url": "http://www.kde.org/info/security/advisory-20070730-1.txt", "name": "http://www.kde.org/info/security/advisory-20070730-1.txt", "tags": ["Third Party Advisory"], "refsource": "CONFIRM"}, {"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl1.patch", "name": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl1.patch", "tags": ["Broken Link"], "refsource": "CONFIRM"}, {"url": "https://issues.rpath.com/browse/RPL-1596", "name": "https://issues.rpath.com/browse/RPL-1596", "tags": ["Broken Link"], "refsource": "CONFIRM"}, {"url": "https://issues.foresightlinux.org/browse/FL-471", "name": "https://issues.foresightlinux.org/browse/FL-471", "tags": ["Broken Link"], "refsource": "CONFIRM"}, {"url": "https://issues.rpath.com/browse/RPL-1604", "name": "https://issues.rpath.com/browse/RPL-1604", "tags": ["Broken Link"], "refsource": "CONFIRM"}, {"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-401.htm", "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-401.htm", "tags": ["Third Party Advisory"], "refsource": "CONFIRM"}, {"url": "http://sourceforge.net/project/shownotes.php?release_id=535497", "name": "http://sourceforge.net/project/shownotes.php?release_id=535497", "tags": ["Broken Link"], "refsource": "CONFIRM"}, {"url": "http://www.debian.org/security/2007/dsa-1347", "name": "DSA-1347", "tags": ["Third Party Advisory"], "refsource": "DEBIAN"}, {"url": "http://www.debian.org/security/2007/dsa-1348", "name": "DSA-1348", "tags": ["Third Party Advisory"], "refsource": "DEBIAN"}, {"url": "http://www.debian.org/security/2007/dsa-1349", "name": "DSA-1349", "tags": ["Third Party Advisory"], "refsource": "DEBIAN"}, {"url": "http://www.debian.org/security/2007/dsa-1350", "name": "DSA-1350", "tags": ["Third Party Advisory"], "refsource": "DEBIAN"}, {"url": "http://www.debian.org/security/2007/dsa-1352", "name": "DSA-1352", "tags": ["Third Party Advisory"], "refsource": "DEBIAN"}, {"url": "http://www.debian.org/security/2007/dsa-1355", "name": "DSA-1355", "tags": ["Third Party Advisory"], "refsource": "DEBIAN"}, {"url": "http://www.debian.org/security/2007/dsa-1354", "name": "DSA-1354", "tags": ["Third Party Advisory"], "refsource": "DEBIAN"}, {"url": "http://www.debian.org/security/2007/dsa-1357", "name": "DSA-1357", "tags": ["Third Party Advisory"], "refsource": "DEBIAN"}, {"url": "http://security.gentoo.org/glsa/glsa-200709-12.xml", "name": "GLSA-200709-12", "tags": ["Third Party Advisory"], "refsource": "GENTOO"}, {"url": "http://www.gentoo.org/security/en/glsa/glsa-200710-08.xml", "name": "GLSA-200710-08", "tags": ["Third Party Advisory"], "refsource": "GENTOO"}, {"url": "http://security.gentoo.org/glsa/glsa-200710-20.xml", "name": "GLSA-200710-20", "tags": ["Third Party Advisory"], "refsource": "GENTOO"}, {"url": "http://security.gentoo.org/glsa/glsa-200709-17.xml", "name": "GLSA-200709-17", "tags": ["Third Party Advisory"], "refsource": "GENTOO"}, {"url": "http://security.gentoo.org/glsa/glsa-200711-34.xml", "name": "GLSA-200711-34", "tags": ["Third Party Advisory"], "refsource": "GENTOO"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:162", "name": "MDKSA-2007:162", "tags": ["Third Party Advisory"], "refsource": "MANDRIVA"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:158", "name": "MDKSA-2007:158", "tags": ["Third Party Advisory"], "refsource": "MANDRIVA"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:159", "name": "MDKSA-2007:159", "tags": ["Third Party Advisory"], "refsource": "MANDRIVA"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:160", "name": "MDKSA-2007:160", "tags": ["Third Party Advisory"], "refsource": "MANDRIVA"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:161", "name": "MDKSA-2007:161", "tags": ["Third Party Advisory"], "refsource": "MANDRIVA"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:163", "name": "MDKSA-2007:163", "tags": ["Third Party Advisory"], "refsource": "MANDRIVA"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:164", "name": "MDKSA-2007:164", "tags": ["Third Party Advisory"], "refsource": "MANDRIVA"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:165", "name": "MDKSA-2007:165", "tags": ["Third Party Advisory"], "refsource": "MANDRIVA"}, {"url": "http://www.redhat.com/support/errata/RHSA-2007-0720.html", "name": "RHSA-2007:0720", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "http://www.redhat.com/support/errata/RHSA-2007-0729.html", "name": "RHSA-2007:0729", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "http://www.redhat.com/support/errata/RHSA-2007-0732.html", "name": "RHSA-2007:0732", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "http://www.redhat.com/support/errata/RHSA-2007-0735.html", "name": "RHSA-2007:0735", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "http://www.redhat.com/support/errata/RHSA-2007-0731.html", "name": "RHSA-2007:0731", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc", "name": "20070801-01-P", "tags": ["Broken Link"], "refsource": "SGI"}, {"url": "http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.423670", "name": "SSA:2007-222-05", "tags": ["Third Party Advisory"], "refsource": "SLACKWARE"}, {"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882", "name": "SSA:2007-316-01", "tags": ["Third Party Advisory"], "refsource": "SLACKWARE"}, {"url": "http://www.novell.com/linux/security/advisories/2007_15_sr.html", "name": "SUSE-SR:2007:015", "tags": ["Broken Link"], "refsource": "SUSE"}, {"url": "http://www.novell.com/linux/security/advisories/2007_16_sr.html", "name": "SUSE-SR:2007:016", "tags": ["Broken Link"], "refsource": "SUSE"}, {"url": "http://www.ubuntu.com/usn/usn-496-1", "name": "USN-496-1", "tags": ["Third Party Advisory"], "refsource": "UBUNTU"}, {"url": "http://www.ubuntu.com/usn/usn-496-2", "name": "USN-496-2", "tags": ["Third Party Advisory"], "refsource": "UBUNTU"}, {"url": "http://www.securityfocus.com/bid/25124", "name": "25124", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BID"}, {"url": "http://www.securitytracker.com/id?1018473", "name": "1018473", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/26188", "name": "26188", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26254", "name": "26254", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26255", "name": "26255", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26257", "name": "26257", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26278", "name": "26278", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26281", "name": "26281", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26283", "name": "26283", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26251", "name": "26251", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26293", "name": "26293", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26292", "name": "26292", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26307", "name": "26307", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26318", "name": "26318", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26342", "name": "26342", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26297", "name": "26297", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26343", "name": "26343", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26358", "name": "26358", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26325", "name": "26325", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26365", "name": "26365", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26370", "name": "26370", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26413", "name": "26413", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26410", "name": "26410", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26403", "name": "26403", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26405", "name": "26405", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26407", "name": "26407", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26432", "name": "26432", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26436", "name": "26436", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26467", "name": "26467", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26468", "name": "26468", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26470", "name": "26470", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26425", "name": "26425", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26395", "name": "26395", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26514", "name": "26514", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26607", "name": "26607", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26862", "name": "26862", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/27156", "name": "27156", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/27281", "name": "27281", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/27308", "name": "27308", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/27637", "name": "27637", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26627", "name": "26627", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/26982", "name": "26982", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://security.gentoo.org/glsa/glsa-200805-13.xml", "name": "GLSA-200805-13", "tags": ["Third Party Advisory"], "refsource": "GENTOO"}, {"url": "http://secunia.com/advisories/30168", "name": "30168", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://osvdb.org/40127", "name": "40127", "tags": ["Broken Link"], "refsource": "OSVDB"}, {"url": "http://www.vupen.com/english/advisories/2007/2704", "name": "ADV-2007-2704", "tags": ["Permissions Required", "Third Party Advisory"], "refsource": "VUPEN"}, {"url": "http://www.vupen.com/english/advisories/2007/2705", "name": "ADV-2007-2705", "tags": ["Permissions Required", "Third Party Advisory"], "refsource": "VUPEN"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11149", "name": "oval:org.mitre.oval:def:11149", "tags": ["Third Party Advisory"], "refsource": "OVAL"}, {"url": "http://www.securityfocus.com/archive/1/476765/30/5340/threaded", "name": "20070816 FLEA-2007-0046-1 cups", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BUGTRAQ"}, {"url": "http://www.securityfocus.com/archive/1/476519/30/5400/threaded", "name": "20070814 FLEA-2007-0045-1 poppler", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BUGTRAQ"}, {"url": "http://www.securityfocus.com/archive/1/476508/100/0/threaded", "name": "20070814 FLEA-2007-0044-1 tetex tetex-dvips tetex-fonts", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-190"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2007-3387", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}}, "publishedDate": "2007-07-30T23:17Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:xpdfreader:xpdf:3.02:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "1.3.11"}, {"cpe23Uri": "cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "0.5.91"}, {"cpe23Uri": "cpe:2.3:a:gpdf_project:gpdf:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "2.8.2"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2023-02-13T02:17Z"}