CVE-2007-3387

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2007-3387

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2007-3387.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2007-3387

Downstream

DEBIAN-CVE-2007-3387

DSA-1347-1

DSA-1348-1

DSA-1349-1

DSA-1350-1

DSA-1352-1

DSA-1354-1

DSA-1355-1

DSA-1357-1

DTSA-49-1

DTSA-50-1

DTSA-54-1

DTSA-62-1

RHSA-2007:0720

RHSA-2007:0729

RHSA-2007:0730

RHSA-2007:0731

RHSA-2007:0732

RHSA-2007:0735

openSUSE-SU-2024:10707-1

Related

openSUSE-SU-2024:10707-1

Published

2007-07-30T23:17:00Z

Modified

2025-08-09T19:01:28Z

Summary

[none]

Details

Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.

References

Affected packages