MidnightBSD

Advisories for gpdf_project

CVE-2007-3387 MEDIUM

Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-190,

Products Affected

Vendor Product Version
apple cups *
debian debian_linux 3.1
canonical ubuntu_linux 6.10
freedesktop poppler *
xpdfreader xpdf 3.02
canonical ubuntu_linux 6.06
gpdf_project gpdf *
canonical ubuntu_linux 7.04
debian debian_linux 4.0