FreeBSD: 2747FC39-915B-11DC-9239-001C2514716C
History: Nov 07, 2007 - 12:00 a.m.

xpdf -- multiple remote Stream.CC vulnerabilities

2007-11-07 00:00:00
vuxml.freebsd.org
CVSS2: 9.3 High

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

CVSS2 vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS: 0.332 Low
Percentile: 97.0%

Secunia Research reports:

Secunia Research has discovered some vulnerabilities in Xpdf,
which can be exploited by malicious people to compromise a user’s
system.

An array indexing error within the
“DCTStream::readProgressiveDataUnit()” method in xpdf/Stream.cc
can be exploited to corrupt memory via a specially crafted PDF
file.

An integer overflow error within the “DCTStream::reset()”
method in xpdf/Stream.cc can be exploited to cause a heap-based
buffer overflow via a specially crafted PDF file.

A boundary error within the “CCITTFaxStream::lookChar()” method
in xpdf/Stream.cc can be exploited to cause a heap-based buffer
overflow by tricking a user into opening a PDF file containing a
specially crafted “CCITTFaxDecode” filter.

Successful exploitation may allow execution of arbitrary code.
