Skip to navigation

CVE Database

CVE-2007-4352

Impact: Important
Public: 2007-11-07
Bugzilla: 345101: CVE-2007-4352 xpdf memory corruption in DCTStream::readProgressiveDataUnit()

Details

The MITRE CVE dictionary describes this issue as:

Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file.

Find out more about CVE-2007-4352 from the MITRE CVE dictionary and NIST NVD.

Red Hat security errata

Platform Errata Release Date
Red Hat Enterprise Linux version 3 (xpdf) RHSA-2007:1030 November 07, 2007
Red Hat Enterprise Linux version 4 (cups) RHSA-2007:1022 November 07, 2007
Red Hat Enterprise Linux version 4 (gpdf) RHSA-2007:1025 November 07, 2007
Red Hat Enterprise Linux version 4 (kdegraphics) RHSA-2007:1024 November 12, 2007
Red Hat Enterprise Linux version 4 (tetex) RHSA-2007:1027 November 08, 2007
Red Hat Enterprise Linux version 4 (xpdf) RHSA-2007:1029 November 07, 2007
Red Hat Enterprise Linux version 5 (cups) RHSA-2007:1021 November 07, 2007
Red Hat Enterprise Linux version 5 (poppler) RHSA-2007:1026 November 07, 2007
Red Hat Enterprise Linux version 5 (tetex) RHSA-2007:1027 November 08, 2007

External References

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.