Red Hat Customer Portal

Skip to main content

CVE-2007-4352

Impact:
Important
Public Date:
2007-11-07
Bugzilla:
345101: CVE-2007-4352 xpdf memory corruption in DCTStream::readProgressiveDataUnit()

The MITRE CVE dictionary describes this issue as:

Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file.

Find out more about CVE-2007-4352 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 3 (xpdf) RHSA-2007:1030 2007-11-07
Red Hat Enterprise Linux 4 (xpdf) RHSA-2007:1029 2007-11-07
Red Hat Enterprise Linux 4 (cups) RHSA-2007:1022 2007-11-07
Red Hat Enterprise Linux 4 (tetex) RHSA-2007:1027 2007-11-08
Red Hat Enterprise Linux 4 (kdegraphics) RHSA-2007:1024 2007-11-12
Red Hat Enterprise Linux 4 (gpdf) RHSA-2007:1025 2007-11-07
Red Hat Enterprise Linux 5 (tetex) RHSA-2007:1027 2007-11-08
Red Hat Enterprise Linux 5 (poppler) RHSA-2007:1026 2007-11-07
Red Hat Enterprise Linux 5 (cups) RHSA-2007:1021 2007-11-07