{"api_version":"1","generated_at":"2026-04-22T23:07:55+00:00","cve":"CVE-2007-4352","urls":{"html":"https://cve.report/CVE-2007-4352","api":"https://cve.report/api/cve/CVE-2007-4352.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2007-4352","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2007-4352"},"summary":{"title":"CVE-2007-4352","description":"Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file.","state":"PUBLIC","assigner":"PSIRT-CNA@flexerasoftware.com","published_at":"2007-11-08 02:46:00","updated_at":"2017-09-29 01:29:00"},"problem_types":["NVD-CWE-Other"],"metrics":[],"references":[{"url":"http://www.debian.org/security/2008/dsa-1509","name":"DSA-1509","refsource":"DEBIAN","tags":[],"title":"Debian -- Security Information -- DSA-1509-1 koffice","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27856","name":"27856","refsource":"SECUNIA","tags":[],"title":"rPath update for cups, poppler, and tetex - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/26367","name":"26367","refsource":"BID","tags":[],"title":"Xpdf Multiple Remote Stream.CC Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://secunia.com/advisories/27553","name":"27553","refsource":"SECUNIA","tags":[],"title":"Poppler \"Stream.cc\" Multiple Vulnerabilities - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2007/3776","name":"ADV-2007-3776","refsource":"VUPEN","tags":[],"title":"Webmail | OVH- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1018905","name":"1018905","refsource":"SECTRACK","tags":[],"title":"Xpdf Bugs in streams and t1lib Let Remote Users Execute Arbitrary Code - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27578","name":"27578","refsource":"SECUNIA","tags":[],"title":"KDE and KOffice \"Stream.cc\" Multiple Vulnerabilities - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27642","name":"27642","refsource":"SECUNIA","tags":[],"title":"SUSE update for xpdf - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.debian.org/security/2008/dsa-1480","name":"DSA-1480","refsource":"DEBIAN","tags":[],"title":"Debian -- Security Information -- DSA-1480-1 poppler","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2007-1030.html","name":"RHSA-2007:1030","refsource":"REDHAT","tags":[],"title":"Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:223","name":"MDKSA-2007:223","refsource":"MANDRIVA","tags":[],"title":"Support / Security / Advisories /  / MDKSA-2007:223 | Mandriva","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/38306","name":"xpdf-dctstreamread-memory-corruption(38306)","refsource":"XF","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:222","name":"MDKSA-2007:222","refsource":"MANDRIVA","tags":[],"title":"Support / Security / Advisories /  / MDKSA-2007:222 | Mandriva","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:221","name":"MDKSA-2007:221","refsource":"MANDRIVA","tags":[],"title":"Support / Security / Advisories /  / MDKSA-2007:221 | Mandriva","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:220","name":"MDKSA-2007:220","refsource":"MANDRIVA","tags":[],"title":"Support / Security / Advisories /  / MDKSA-2007:220 | Mandriva","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27636","name":"27636","refsource":"SECUNIA","tags":[],"title":"SUSE update for kdegraphics3-pdf - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27618","name":"27618","refsource":"SECUNIA","tags":[],"title":"Fedora update for koffice - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27577","name":"27577","refsource":"SECUNIA","tags":[],"title":"Red Hat update for cups - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2007-1024.html","name":"RHSA-2007:1024","refsource":"REDHAT","tags":[],"title":"rhn.redhat.com | Red Hat Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:230","name":"MDKSA-2007:230","refsource":"MANDRIVA","tags":[],"title":"Support / Security / Advisories /  / MDKSA-2007:230 | Mandriva","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27637","name":"27637","refsource":"SECUNIA","tags":[],"title":"Slackware update for koffice, kdegraphics, and xpdf - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27619","name":"27619","refsource":"SECUNIA","tags":[],"title":"Fedora update for xpdf - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://security.gentoo.org/glsa/glsa-200805-13.xml","name":"GLSA-200805-13","refsource":"GENTOO","tags":[],"title":"PTeX: Multiple vulnerabilities — Gentoo Linux Documentation","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://security.gentoo.org/glsa/glsa-200711-34.xml","name":"GLSA-200711-34","refsource":"GENTOO","tags":[],"title":"Gentoo Linux Documentation\n--\n  CSTeX: Multiple vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html","name":"FEDORA-2007-4031","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 8 Update: poppler-0.6.2-1.fc8","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/30168","name":"30168","refsource":"SECUNIA","tags":[],"title":"Gentoo update for ptex - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://issues.rpath.com/browse/RPL-1926","name":"https://issues.rpath.com/browse/RPL-1926","refsource":"CONFIRM","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"404"},{"url":"http://secunia.com/advisories/27260","name":"27260","refsource":"SECUNIA","tags":["Patch","Vendor Advisory"],"title":"Xpdf \"Stream.cc\" Multiple Vulnerabilities - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27573","name":"27573","refsource":"SECUNIA","tags":[],"title":"Red Hat update for poppler - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27632","name":"27632","refsource":"SECUNIA","tags":[],"title":"Ubuntu update for poppler - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html","name":"FEDORA-2007-3390","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 7 Update: tetex-3.0-40.3.fc7","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/secunia_research/2007-88/advisory/","name":"http://secunia.com/secunia_research/2007-88/advisory/","refsource":"MISC","tags":["Vendor Advisory"],"title":"Xpdf \"Stream.cc\" Multiple Vulnerabilities - Secunia Research - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.kde.org/info/security/advisory-20071107-1.txt","name":"http://www.kde.org/info/security/advisory-20071107-1.txt","refsource":"CONFIRM","tags":[],"title":"","mime":"text/plain","httpstatus":"200","archivestatus":"200"},{"url":"http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html","name":"http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html","refsource":"CONFIRM","tags":[],"title":"Security update for koffice","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2007-1021.html","name":"RHSA-2007:1021","refsource":"REDHAT","tags":[],"title":"Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:228","name":"MDKSA-2007:228","refsource":"MANDRIVA","tags":[],"title":"Support / Security / Advisories /  / MDKSA-2007:228 | Mandriva","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/483372","name":"20071107 Secunia Research: Xpdf \"Stream.cc\" Multiple Vulnerabilities","refsource":"BUGTRAQ","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2007-1026.html","name":"RHSA-2007:1026","refsource":"REDHAT","tags":[],"title":"rhn.redhat.com | Red Hat Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html","name":"http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html","refsource":"CONFIRM","tags":[],"title":"Security update for poppler","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2007/3786","name":"ADV-2007-3786","refsource":"VUPEN","tags":[],"title":"Webmail | OVH- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:227","name":"MDKSA-2007:227","refsource":"MANDRIVA","tags":[],"title":"Support / Security / Advisories /  / MDKSA-2007:227 | Mandriva","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2007-1025.html","name":"RHSA-2007:1025","refsource":"REDHAT","tags":[],"title":"rhn.redhat.com | Red Hat Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27658","name":"27658","refsource":"SECUNIA","tags":[],"title":"Ubuntu update for koffice - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html","name":"FEDORA-2007-3100","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 7 Update: cups-1.2.12-7.fc7","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://security.gentoo.org/glsa/glsa-200711-22.xml","name":"GLSA-200711-22","refsource":"GENTOO","tags":[],"title":"Gentoo Linux Documentation\n--\n  Poppler, KDE: User-assisted execution of arbitrary code","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27641","name":"27641","refsource":"SECUNIA","tags":[],"title":"SUSE update for poppler - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2007-1022.html","name":"RHSA-2007:1022","refsource":"REDHAT","tags":[],"title":"rhn.redhat.com | Red Hat Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html","name":"http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html","refsource":"CONFIRM","tags":[],"title":"Security update for xpdf","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2007/3779","name":"ADV-2007-3779","refsource":"VUPEN","tags":[],"title":"Webmail | OVH- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html","name":"FEDORA-2007-750","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora Core 6 Update: tetex-3.0-36.fc6","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.ubuntu.com/usn/usn-542-1","name":"USN-542-1","refsource":"UBUNTU","tags":[],"title":"USN-542-1: poppler vulnerabilities | Ubuntu","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.ubuntu.com/usn/usn-542-2","name":"USN-542-2","refsource":"UBUNTU","tags":[],"title":"USN-542-2: KOffice vulnerabilities | Ubuntu","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27574","name":"27574","refsource":"SECUNIA","tags":[],"title":"Red Hat update for xpdf - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2007-1027.html","name":"RHSA-2007:1027","refsource":"REDHAT","tags":[],"title":"rhn.redhat.com | Red Hat Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.redhat.com/support/errata/RHSA-2007-1029.html","name":"RHSA-2007:1029","refsource":"REDHAT","tags":[],"title":"Support","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2007/3775","name":"ADV-2007-3775","refsource":"VUPEN","tags":[],"title":"Webmail | OVH- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9979","name":"oval:org.mitre.oval:def:9979","refsource":"OVAL","tags":[],"title":"Repository  /  Oval Repository","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.novell.com/linux/security/advisories/2007_60_pdf.html","name":"SUSE-SA:2007:060","refsource":"SUSE","tags":[],"title":"Security Announcement","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"http://www.debian.org/security/2008/dsa-1537","name":"DSA-1537","refsource":"DEBIAN","tags":[],"title":"Debian -- Security Information -- DSA-1537-1 xpdf","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/28812","name":"28812","refsource":"SECUNIA","tags":[],"title":"Debian update for poppler - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html","name":"FEDORA-2007-3031","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 7 Update: xpdf-3.02-4.fc7","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html","name":"http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html","refsource":"CONFIRM","tags":[],"title":"Security update for Cups","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27724","name":"27724","refsource":"SECUNIA","tags":[],"title":"Mandriva update for cups - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2007/3774","name":"ADV-2007-3774","refsource":"VUPEN","tags":[],"title":"Webmail | OVH- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27721","name":"27721","refsource":"SECUNIA","tags":[],"title":"Mandriva update for pdftohtml - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html","name":"http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html","refsource":"CONFIRM","tags":[],"title":"Security update for kdegraphics3-pdf","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882","name":"SSA:2007-316-01","refsource":"SLACKWARE","tags":[],"title":"The Slackware Linux Project: Slackware Security Advisories","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:219","name":"MDKSA-2007:219","refsource":"MANDRIVA","tags":[],"title":"Support / Security / Advisories /  / MDKSA-2007:219 | Mandriva","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27656","name":"27656","refsource":"SECUNIA","tags":[],"title":"Red Hat update for kdegraphics - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27575","name":"27575","refsource":"SECUNIA","tags":[],"title":"Red Hat update for gpdf - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27743","name":"27743","refsource":"SECUNIA","tags":[],"title":"Mandriva update for tetex - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/29604","name":"29604","refsource":"SECUNIA","tags":[],"title":"Debian update for xpdf - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27634","name":"27634","refsource":"SECUNIA","tags":[],"title":"SUSE Updates for Multiple Packages - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27645","name":"27645","refsource":"SECUNIA","tags":[],"title":"SUSE update for cups - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27705","name":"27705","refsource":"SECUNIA","tags":[],"title":"Gentoo update for poppler, koffice, kword, kdegraphics, and kpdf - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/29104","name":"29104","refsource":"SECUNIA","tags":[],"title":"Debian update for koffice - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27599","name":"27599","refsource":"SECUNIA","tags":[],"title":"Red Hat update for tetex - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/26503","name":"26503","refsource":"SECUNIA","tags":[],"title":"GNOME gpdf \"Stream.cc\" Multiple Vulnerabilities - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27615","name":"27615","refsource":"SECUNIA","tags":[],"title":"Fedora update for cups - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/28043","name":"28043","refsource":"SECUNIA","tags":[],"title":"Fedora update for poppler - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html","name":"FEDORA-2007-3059","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 7 Update: koffice-1.6.3-13.fc7","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/27640","name":"27640","refsource":"SECUNIA","tags":[],"title":"SUSE update for koffice - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2007-4352","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-4352","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2007","cve_id":"4352","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"3.0.1_pl1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"4352","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"xpdf","cpe5":"xpdf","cpe6":"3.0.1_pl1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"PSIRT-CNA@flexerasoftware.com","ID":"CVE-2007-4352","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"SUSE-SA:2007:060","refsource":"SUSE","url":"http://www.novell.com/linux/security/advisories/2007_60_pdf.html"},{"name":"27632","refsource":"SECUNIA","url":"http://secunia.com/advisories/27632"},{"name":"27743","refsource":"SECUNIA","url":"http://secunia.com/advisories/27743"},{"name":"MDKSA-2007:222","refsource":"MANDRIVA","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:222"},{"name":"ADV-2007-3774","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/3774"},{"name":"27260","refsource":"SECUNIA","url":"http://secunia.com/advisories/27260"},{"name":"27856","refsource":"SECUNIA","url":"http://secunia.com/advisories/27856"},{"name":"http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html","refsource":"CONFIRM","url":"http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html"},{"name":"27636","refsource":"SECUNIA","url":"http://secunia.com/advisories/27636"},{"name":"29604","refsource":"SECUNIA","url":"http://secunia.com/advisories/29604"},{"name":"MDKSA-2007:223","refsource":"MANDRIVA","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:223"},{"name":"27721","refsource":"SECUNIA","url":"http://secunia.com/advisories/27721"},{"name":"27724","refsource":"SECUNIA","url":"http://secunia.com/advisories/27724"},{"name":"ADV-2007-3776","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/3776"},{"name":"FEDORA-2007-3059","refsource":"FEDORA","url":"https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html"},{"name":"27577","refsource":"SECUNIA","url":"http://secunia.com/advisories/27577"},{"name":"29104","refsource":"SECUNIA","url":"http://secunia.com/advisories/29104"},{"name":"FEDORA-2007-3031","refsource":"FEDORA","url":"https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html"},{"name":"xpdf-dctstreamread-memory-corruption(38306)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/38306"},{"name":"27618","refsource":"SECUNIA","url":"http://secunia.com/advisories/27618"},{"name":"27642","refsource":"SECUNIA","url":"http://secunia.com/advisories/27642"},{"name":"FEDORA-2007-4031","refsource":"FEDORA","url":"https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html"},{"name":"27656","refsource":"SECUNIA","url":"http://secunia.com/advisories/27656"},{"name":"http://secunia.com/secunia_research/2007-88/advisory/","refsource":"MISC","url":"http://secunia.com/secunia_research/2007-88/advisory/"},{"name":"FEDORA-2007-3100","refsource":"FEDORA","url":"https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html"},{"name":"http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html","refsource":"CONFIRM","url":"http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html"},{"name":"RHSA-2007:1026","refsource":"REDHAT","url":"http://www.redhat.com/support/errata/RHSA-2007-1026.html"},{"name":"DSA-1509","refsource":"DEBIAN","url":"http://www.debian.org/security/2008/dsa-1509"},{"name":"RHSA-2007:1022","refsource":"REDHAT","url":"http://www.redhat.com/support/errata/RHSA-2007-1022.html"},{"name":"27573","refsource":"SECUNIA","url":"http://secunia.com/advisories/27573"},{"name":"RHSA-2007:1029","refsource":"REDHAT","url":"http://www.redhat.com/support/errata/RHSA-2007-1029.html"},{"name":"27641","refsource":"SECUNIA","url":"http://secunia.com/advisories/27641"},{"name":"GLSA-200805-13","refsource":"GENTOO","url":"http://security.gentoo.org/glsa/glsa-200805-13.xml"},{"name":"28812","refsource":"SECUNIA","url":"http://secunia.com/advisories/28812"},{"name":"DSA-1537","refsource":"DEBIAN","url":"http://www.debian.org/security/2008/dsa-1537"},{"name":"FEDORA-2007-750","refsource":"FEDORA","url":"https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html"},{"name":"SSA:2007-316-01","refsource":"SLACKWARE","url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882"},{"name":"26367","refsource":"BID","url":"http://www.securityfocus.com/bid/26367"},{"name":"27615","refsource":"SECUNIA","url":"http://secunia.com/advisories/27615"},{"name":"RHSA-2007:1021","refsource":"REDHAT","url":"http://www.redhat.com/support/errata/RHSA-2007-1021.html"},{"name":"ADV-2007-3786","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/3786"},{"name":"27645","refsource":"SECUNIA","url":"http://secunia.com/advisories/27645"},{"name":"20071107 Secunia Research: Xpdf \"Stream.cc\" Multiple Vulnerabilities","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/483372"},{"name":"30168","refsource":"SECUNIA","url":"http://secunia.com/advisories/30168"},{"name":"27574","refsource":"SECUNIA","url":"http://secunia.com/advisories/27574"},{"name":"https://issues.rpath.com/browse/RPL-1926","refsource":"CONFIRM","url":"https://issues.rpath.com/browse/RPL-1926"},{"name":"26503","refsource":"SECUNIA","url":"http://secunia.com/advisories/26503"},{"name":"MDKSA-2007:219","refsource":"MANDRIVA","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:219"},{"name":"DSA-1480","refsource":"DEBIAN","url":"http://www.debian.org/security/2008/dsa-1480"},{"name":"GLSA-200711-22","refsource":"GENTOO","url":"http://security.gentoo.org/glsa/glsa-200711-22.xml"},{"name":"27634","refsource":"SECUNIA","url":"http://secunia.com/advisories/27634"},{"name":"MDKSA-2007:227","refsource":"MANDRIVA","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:227"},{"name":"http://www.kde.org/info/security/advisory-20071107-1.txt","refsource":"CONFIRM","url":"http://www.kde.org/info/security/advisory-20071107-1.txt"},{"name":"28043","refsource":"SECUNIA","url":"http://secunia.com/advisories/28043"},{"name":"27619","refsource":"SECUNIA","url":"http://secunia.com/advisories/27619"},{"name":"MDKSA-2007:220","refsource":"MANDRIVA","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:220"},{"name":"27705","refsource":"SECUNIA","url":"http://secunia.com/advisories/27705"},{"name":"27578","refsource":"SECUNIA","url":"http://secunia.com/advisories/27578"},{"name":"27640","refsource":"SECUNIA","url":"http://secunia.com/advisories/27640"},{"name":"http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html","refsource":"CONFIRM","url":"http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html"},{"name":"http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html","refsource":"CONFIRM","url":"http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html"},{"name":"GLSA-200711-34","refsource":"GENTOO","url":"http://security.gentoo.org/glsa/glsa-200711-34.xml"},{"name":"27599","refsource":"SECUNIA","url":"http://secunia.com/advisories/27599"},{"name":"27575","refsource":"SECUNIA","url":"http://secunia.com/advisories/27575"},{"name":"1018905","refsource":"SECTRACK","url":"http://www.securitytracker.com/id?1018905"},{"name":"http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html","refsource":"CONFIRM","url":"http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html"},{"name":"oval:org.mitre.oval:def:9979","refsource":"OVAL","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9979"},{"name":"FEDORA-2007-3390","refsource":"FEDORA","url":"https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html"},{"name":"MDKSA-2007:228","refsource":"MANDRIVA","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:228"},{"name":"ADV-2007-3775","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/3775"},{"name":"RHSA-2007:1027","refsource":"REDHAT","url":"http://www.redhat.com/support/errata/RHSA-2007-1027.html"},{"name":"RHSA-2007:1030","refsource":"REDHAT","url":"http://www.redhat.com/support/errata/RHSA-2007-1030.html"},{"name":"USN-542-1","refsource":"UBUNTU","url":"http://www.ubuntu.com/usn/usn-542-1"},{"name":"27658","refsource":"SECUNIA","url":"http://secunia.com/advisories/27658"},{"name":"RHSA-2007:1024","refsource":"REDHAT","url":"http://www.redhat.com/support/errata/RHSA-2007-1024.html"},{"name":"MDKSA-2007:230","refsource":"MANDRIVA","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:230"},{"name":"USN-542-2","refsource":"UBUNTU","url":"http://www.ubuntu.com/usn/usn-542-2"},{"name":"RHSA-2007:1025","refsource":"REDHAT","url":"http://www.redhat.com/support/errata/RHSA-2007-1025.html"},{"name":"ADV-2007-3779","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/3779"},{"name":"MDKSA-2007:221","refsource":"MANDRIVA","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:221"},{"name":"27553","refsource":"SECUNIA","url":"http://secunia.com/advisories/27553"},{"name":"27637","refsource":"SECUNIA","url":"http://secunia.com/advisories/27637"}]}},"nvd":{"publishedDate":"2007-11-08 02:46:00","lastModifiedDate":"2017-09-29 01:29:00","problem_types":["NVD-CWE-Other"],"metrics":{"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:H/Au:N/C:C/I:C/A:C","accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":7.6},"severity":"HIGH","exploitabilityScore":4.9,"impactScore":10,"obtainAllPrivilege":true,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:xpdf:xpdf:3.0.1_pl1:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2007","CveId":"4352","Ordinal":"27019","Title":"CVE-2007-4352","CVE":"CVE-2007-4352","Year":"2007"},"notes":[{"CveYear":"2007","CveId":"4352","Ordinal":"1","NoteData":"Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file.","Type":"Description","Title":null},{"CveYear":"2007","CveId":"4352","Ordinal":"2","NoteData":"2007-11-07","Type":"Other","Title":"Published"},{"CveYear":"2007","CveId":"4352","Ordinal":"3","NoteData":"2017-09-28","Type":"Other","Title":"Modified"}]}}}