Lucene search

K
cve[email protected]CVE-2007-5393
HistoryNov 08, 2007 - 2:46 a.m.

CVE-2007-5393

2007-11-0802:46:00
CWE-119
web.nvd.nist.gov
52
cve-2007-5393
heap-based buffer overflow
ccittfaxstream
xpdf
pdf
remote code execution
nvd

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.205 Low

EPSS

Percentile

96.3%

Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter.

CPENameOperatorVersion
xpdf:xpdfxpdfeq3.02p11

References

7.8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.205 Low

EPSS

Percentile

96.3%

Related for CVE-2007-5393