what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

CVE-2007-0104

Status Candidate

Overview

The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.

Related Files

Ubuntu Security Notice 410-2
Posted Jan 27, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 410-2 - USN-410-1 fixed vulnerabilities in the poppler PDF loader library. This update provides the corresponding updates for a copy of this code in tetex-bin in Ubuntu 5.10. Versions of tetex-bin after Ubuntu 5.10 use poppler directly and do not need a separate update. The poppler PDF loader library did not limit the recursion depth of the page model tree. By tricking a user into opening a specially crafter PDF file, this could be exploited to trigger an infinite loop and eventually crash an application that uses this library.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2007-0104
SHA-256 | 08ee482c20f46c68cd6cf2d08234745c81378dc1bc923d29ae15446df5fa4630
Mandriva Linux Security Advisory 2007.024
Posted Jan 24, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2, kpdf in KDE before 3.5.5, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a crafted catalog dictionary or a crafted Pages attribute that references an invalid page tree node.

tags | advisory, remote, denial of service, arbitrary, code execution
systems | linux, mandriva
advisories | CVE-2007-0104
SHA-256 | ad52671748d44b66eb8be6798b1b0881f0e6bf8f92e2ecb7487b826152d5b76b
Mandriva Linux Security Advisory 2007.022
Posted Jan 20, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2, kpdf in KDE before 3.5.5, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a crafted catalog dictionary or a crafted Pages attribute that references an invalid page tree node.

tags | advisory, remote, denial of service, arbitrary, code execution
systems | linux, mandriva
advisories | CVE-2007-0104
SHA-256 | 1d36e137255405a514e213711150020100625057e4b420b100f90813a71b870f
Mandriva Linux Security Advisory 2007.021
Posted Jan 20, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2, kpdf in KDE before 3.5.5, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a crafted catalog dictionary or a crafted Pages attribute that references an invalid page tree node.

tags | advisory, remote, denial of service, arbitrary, code execution
systems | linux, mandriva
advisories | CVE-2007-0104
SHA-256 | 34d05c5be24e5f1c853052ea6306243c70d3f02d27b791676245ba27956f51cb
Mandriva Linux Security Advisory 2007.020
Posted Jan 20, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2, kpdf in KDE before 3.5.5, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a crafted catalog dictionary or a crafted Pages attribute that references an invalid page tree node.

tags | advisory, remote, denial of service, arbitrary, code execution
systems | linux, mandriva
advisories | CVE-2007-0104
SHA-256 | e49ea25be84b581053eb71e5937834c79d5c8c84b6ec8a0a86df12b2236aee29
Mandriva Linux Security Advisory 2007.019
Posted Jan 20, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2, kpdf in KDE before 3.5.5, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a crafted catalog dictionary or a crafted Pages attribute that references an invalid page tree node.

tags | advisory, remote, denial of service, arbitrary, code execution
systems | linux, mandriva
advisories | CVE-2007-0104
SHA-256 | 9f0f98829c5fe8e465885833c5117cf5df4ca0d12fe42d47dbbbb274dcd98347
Mandriva Linux Security Advisory 2007.018
Posted Jan 20, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2, kpdf in KDE before 3.5.5, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a crafted catalog dictionary or a crafted Pages attribute that references an invalid page tree node.

tags | advisory, remote, denial of service, arbitrary, code execution
systems | linux, mandriva
advisories | CVE-2007-0104
SHA-256 | 61df2f5bb48bd6279593857a29aa7e1043e72843d419b309c20a1eda52d25fb4
Ubuntu Security Notice 410-1
Posted Jan 20, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 410-1 - The poppler PDF loader library did not limit the recursion depth of the page model tree. By tricking a user into opening a specially crafter PDF file, this could be exploited to trigger an infinite loop and eventually crash an application that uses this library.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2007-0104
SHA-256 | 6ee4af7133bc4242aa929a344913756d206262e5a7e5f3dca27971e32d353312
KDE Security Advisory 2007-01-15.1
Posted Jan 20, 2007
Authored by KDE Desktop | Site kde.org

KDE Security Advisory - kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains a vulnerability that can cause denial of service (infinite loop) via a PDF file that contains a crafted catalog dictionary or a crafted Pages attribute that references an invalid page tree node.

tags | advisory, denial of service
advisories | CVE-2007-0104
SHA-256 | 42812a15864105269027b14064b13deb20beeca385431654ec9eb079ccaf20c4
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close