Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2007-5392 | First vendor Publication | 2007-11-07 |
Vendor | Cve | Last vendor Modification | 2017-09-29 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 |
OpenVAS Exploits
Date | Description |
---|---|
2009-10-13 | Name : SLES10: Security update for xpdf File : nvt/sles10_xpdf1.nasl |
2009-10-13 | Name : SLES10: Security update for kdegraphics3-pdf File : nvt/sles10_kdegraphics3-pd.nasl |
2009-10-10 | Name : SLES9: Security update for Cups File : nvt/sles9p5016608.nasl |
2009-04-09 | Name : Mandriva Update for xpdf MDKSA-2007:219 (xpdf) File : nvt/gb_mandriva_MDKSA_2007_219.nasl |
2009-04-09 | Name : Mandriva Update for kdegraphics MDKSA-2007:221 (kdegraphics) File : nvt/gb_mandriva_MDKSA_2007_221.nasl |
2009-04-09 | Name : Mandriva Update for koffice MDKSA-2007:222 (koffice) File : nvt/gb_mandriva_MDKSA_2007_222.nasl |
2009-04-09 | Name : Mandriva Update for pdftohtml MDKSA-2007:223 (pdftohtml) File : nvt/gb_mandriva_MDKSA_2007_223.nasl |
2009-04-09 | Name : Mandriva Update for poppler MDKSA-2007:227 (poppler) File : nvt/gb_mandriva_MDKSA_2007_227.nasl |
2009-04-09 | Name : Mandriva Update for cups MDKSA-2007:228 (cups) File : nvt/gb_mandriva_MDKSA_2007_228.nasl |
2009-04-09 | Name : Mandriva Update for tetex MDKSA-2007:230 (tetex) File : nvt/gb_mandriva_MDKSA_2007_230.nasl |
2009-03-23 | Name : Ubuntu Update for poppler vulnerabilities USN-542-1 File : nvt/gb_ubuntu_USN_542_1.nasl |
2009-03-23 | Name : Ubuntu Update for koffice vulnerabilities USN-542-2 File : nvt/gb_ubuntu_USN_542_2.nasl |
2009-02-27 | Name : Fedora Update for cups FEDORA-2007-3100 File : nvt/gb_fedora_2007_3100_cups_fc7.nasl |
2009-02-27 | Name : Fedora Update for tetex FEDORA-2007-750 File : nvt/gb_fedora_2007_750_tetex_fc6.nasl |
2009-02-27 | Name : Fedora Update for cups FEDORA-2007-746 File : nvt/gb_fedora_2007_746_cups_fc6.nasl |
2009-02-27 | Name : Fedora Update for poppler FEDORA-2007-4031 File : nvt/gb_fedora_2007_4031_poppler_fc8.nasl |
2009-02-27 | Name : Fedora Update for tetex FEDORA-2007-3390 File : nvt/gb_fedora_2007_3390_tetex_fc7.nasl |
2009-02-27 | Name : Fedora Update for tetex FEDORA-2007-3308 File : nvt/gb_fedora_2007_3308_tetex_fc8.nasl |
2009-02-27 | Name : Fedora Update for koffice FEDORA-2007-3093 File : nvt/gb_fedora_2007_3093_koffice_fc8.nasl |
2009-02-27 | Name : Fedora Update for koffice FEDORA-2007-3059 File : nvt/gb_fedora_2007_3059_koffice_fc7.nasl |
2009-02-27 | Name : Fedora Update for xpdf FEDORA-2007-3031 File : nvt/gb_fedora_2007_3031_xpdf_fc7.nasl |
2009-02-27 | Name : Fedora Update for xpdf FEDORA-2007-3014 File : nvt/gb_fedora_2007_3014_xpdf_fc8.nasl |
2009-02-27 | Name : Fedora Update for kdegraphics FEDORA-2007-3001 File : nvt/gb_fedora_2007_3001_kdegraphics_fc8.nasl |
2009-02-27 | Name : Fedora Update for kdewebdev FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdewebdev_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdegames FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdegames_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdebase FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdebase_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdevelop FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdevelop_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdeartwork FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdeartwork_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdeadmin FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdeadmin_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdeaddons FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdeaddons_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdeaccessibility FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdeaccessibility_fc7.nasl |
2009-02-27 | Name : Fedora Update for kde-i18n FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kde-i18n_fc7.nasl |
2009-02-27 | Name : Fedora Update for arts FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_arts_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdebindings FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdebindings_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdeedu FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdeedu_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdegraphics FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdegraphics_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdelibs FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdelibs_fc7.nasl |
2009-02-27 | Name : Fedora Update for cups FEDORA-2007-2982 File : nvt/gb_fedora_2007_2982_cups_fc8.nasl |
2009-02-27 | Name : Fedora Update for kdemultimedia FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdemultimedia_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdenetwork FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdenetwork_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdepim FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdepim_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdesdk FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdesdk_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdetoys FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdetoys_fc7.nasl |
2009-02-27 | Name : Fedora Update for kdeutils FEDORA-2007-2985 File : nvt/gb_fedora_2007_2985_kdeutils_fc7.nasl |
2009-02-17 | Name : Fedora Update for cups FEDORA-2008-3449 File : nvt/gb_fedora_2008_3449_cups_fc7.nasl |
2009-02-17 | Name : Fedora Update for cups FEDORA-2008-3586 File : nvt/gb_fedora_2008_3586_cups_fc8.nasl |
2009-02-17 | Name : Fedora Update for poppler FEDORA-2008-3312 File : nvt/gb_fedora_2008_3312_poppler_fc7.nasl |
2009-02-17 | Name : Fedora Update for cups FEDORA-2008-8801 File : nvt/gb_fedora_2008_8801_cups_fc8.nasl |
2009-02-16 | Name : Fedora Update for cups FEDORA-2008-2897 File : nvt/gb_fedora_2008_2897_cups_fc7.nasl |
2009-02-16 | Name : Fedora Update for cups FEDORA-2008-2131 File : nvt/gb_fedora_2008_2131_cups_fc8.nasl |
2009-02-16 | Name : Fedora Update for cups FEDORA-2008-1976 File : nvt/gb_fedora_2008_1976_cups_fc7.nasl |
2009-02-16 | Name : Fedora Update for cups FEDORA-2008-1901 File : nvt/gb_fedora_2008_1901_cups_fc8.nasl |
2009-02-16 | Name : Fedora Update for cups FEDORA-2008-10911 File : nvt/gb_fedora_2008_10911_cups_fc8.nasl |
2009-01-28 | Name : SuSE Update for xpdf, kdegraphics3-pdf, koffice, libextractor, SUSE-SA:2007:060 File : nvt/gb_suse_2007_060.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200711-22 (poppler koffice kword kdegraphics kpdf) File : nvt/glsa_200711_22.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200711-26 (tetex) File : nvt/glsa_200711_26.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200711-34 (cstetex) File : nvt/glsa_200711_34.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200805-13 (ptex) File : nvt/glsa_200805_13.nasl |
2008-09-04 | Name : FreeBSD Ports: cups-base File : nvt/freebsd_cups-base3.nasl |
2008-04-07 | Name : Debian Security Advisory DSA 1537-1 (xpdf) File : nvt/deb_1537_1.nasl |
2008-02-28 | Name : Debian Security Advisory DSA 1509-1 (koffice) File : nvt/deb_1509_1.nasl |
2008-02-05 | Name : Debian Security Advisory DSA 1480-1 (poppler) File : nvt/deb_1480_1.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2007-316-01 xpdf/poppler/koffice/kdegraphics File : nvt/esoft_slk_ssa_2007_316_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
39542 | Xpdf xpdf/Stream.cc DCTStream::reset Method PDF Handling Memory Corruption |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-1022.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-1024.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2007-1025.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-1026.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2007-1030.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2007-1029.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-1027.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071112_kdegraphics_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071108_tetex_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20071107_xpdf_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071107_poppler_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20071107_gpdf_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071107_cups_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071107_cups_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_11965.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-222.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-221.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-1022.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-219.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-227.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-1022.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2007-1025.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2007-1029.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2007-1030.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2007-1029.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-1027.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2007-1025.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-1024.nasl - Type : ACT_GATHER_INFO |
2008-05-13 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200805-13.nasl - Type : ACT_GATHER_INFO |
2008-05-11 | Name : The remote Fedora host is missing a security update. File : fedora_2008-3449.nasl - Type : ACT_GATHER_INFO |
2008-04-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1537.nasl - Type : ACT_GATHER_INFO |
2008-02-26 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1509.nasl - Type : ACT_GATHER_INFO |
2008-02-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1480.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_xpdf-4644.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_cups-4667.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_poppler-4630.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kdegraphics3-pdf-4682.nasl - Type : ACT_GATHER_INFO |
2007-12-11 | Name : The remote Fedora host is missing a security update. File : fedora_2007-4031.nasl - Type : ACT_GATHER_INFO |
2007-11-26 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-230.nasl - Type : ACT_GATHER_INFO |
2007-11-26 | Name : The remote Fedora host is missing a security update. File : fedora_2007-3308.nasl - Type : ACT_GATHER_INFO |
2007-11-26 | Name : The remote Fedora host is missing a security update. File : fedora_2007-3390.nasl - Type : ACT_GATHER_INFO |
2007-11-26 | Name : The remote Fedora Core host is missing a security update. File : fedora_2007-750.nasl - Type : ACT_GATHER_INFO |
2007-11-26 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200711-34.nasl - Type : ACT_GATHER_INFO |
2007-11-20 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-228.nasl - Type : ACT_GATHER_INFO |
2007-11-20 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2007-223.nasl - Type : ACT_GATHER_INFO |
2007-11-20 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200711-26.nasl - Type : ACT_GATHER_INFO |
2007-11-20 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200711-22.nasl - Type : ACT_GATHER_INFO |
2007-11-16 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-542-2.nasl - Type : ACT_GATHER_INFO |
2007-11-14 | Name : The remote openSUSE host is missing a security update. File : suse_cups-4668.nasl - Type : ACT_GATHER_INFO |
2007-11-14 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_2747fc39915b11dc9239001c2514716c.nasl - Type : ACT_GATHER_INFO |
2007-11-14 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-542-1.nasl - Type : ACT_GATHER_INFO |
2007-11-14 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2007-2985.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-1024.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote openSUSE host is missing a security update. File : suse_xpdf-4643.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote openSUSE host is missing a security update. File : suse_poppler-4638.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote Fedora host is missing a security update. File : fedora_2007-3100.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote openSUSE host is missing a security update. File : suse_pdftohtml-4642.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote openSUSE host is missing a security update. File : suse_libextractor-4646.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote openSUSE host is missing a security update. File : suse_koffice-4649.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote Fedora host is missing a security update. File : fedora_2007-3093.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote openSUSE host is missing a security update. File : suse_gpdf-4651.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote Fedora host is missing a security update. File : fedora_2007-3059.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2007-316-01.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote Fedora host is missing a security update. File : fedora_2007-3031.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote Fedora host is missing a security update. File : fedora_2007-3014.nasl - Type : ACT_GATHER_INFO |
2007-11-12 | Name : The remote Fedora host is missing a security update. File : fedora_2007-3001.nasl - Type : ACT_GATHER_INFO |
2007-11-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-1027.nasl - Type : ACT_GATHER_INFO |
2007-11-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2007-1030.nasl - Type : ACT_GATHER_INFO |
2007-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-1026.nasl - Type : ACT_GATHER_INFO |
2007-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-1021.nasl - Type : ACT_GATHER_INFO |
2007-11-08 | Name : The remote Fedora host is missing a security update. File : fedora_2007-2982.nasl - Type : ACT_GATHER_INFO |
2007-08-15 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2007-160.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:06:31 |
|
2021-04-22 01:07:03 |
|
2020-05-23 00:20:36 |
|
2017-09-29 09:23:15 |
|
2017-07-29 12:02:36 |
|
2016-04-26 16:41:43 |
|
2014-02-17 10:42:06 |
|
2013-05-11 10:39:00 |
|