{"id":"CVE-2007-3387","details":"Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.","modified":"2026-01-27T04:07:56.471656Z","published":"2007-07-30T23:17:00Z","withdrawn":"2026-01-27T04:07:56.471656Z","related":["openSUSE-SU-2024:10707-1"],"references":[{"type":"ADVISORY","url":"ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc"},{"type":"REPORT","url":"http://bugs.gentoo.org/show_bug.cgi?id=187139"},{"type":"REPORT","url":"http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248194"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26188"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26251"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26254"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26255"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26257"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26278"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26281"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26283"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26292"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26293"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26297"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26307"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26318"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26325"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26342"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26343"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26358"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26365"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26370"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26395"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26403"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26405"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26407"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26410"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26413"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26425"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26432"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26436"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26467"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26468"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26470"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26514"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26607"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26627"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26862"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26982"},{"type":"ADVISORY","url":"http://secunia.com/advisories/27156"},{"type":"ADVISORY","url":"http://secunia.com/advisories/27281"},{"type":"ADVISORY","url":"http://secunia.com/advisories/27308"},{"type":"ADVISORY","url":"http://secunia.com/advisories/27637"},{"type":"ADVISORY","url":"http://secunia.com/advisories/30168"},{"type":"ADVISORY","url":"http://security.gentoo.org/glsa/glsa-200709-12.xml"},{"type":"ADVISORY","url":"http://security.gentoo.org/glsa/glsa-200709-17.xml"},{"type":"ADVISORY","url":"http://security.gentoo.org/glsa/glsa-200710-20.xml"},{"type":"ADVISORY","url":"http://security.gentoo.org/glsa/glsa-200711-34.xml"},{"type":"ADVISORY","url":"http://security.gentoo.org/glsa/glsa-200805-13.xml"},{"type":"ADVISORY","url":"http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882"},{"type":"ADVISORY","url":"http://support.avaya.com/elmodocs2/security/ASA-2007-401.htm"},{"type":"ADVISORY","url":"http://www.debian.org/security/2007/dsa-1347"},{"type":"ADVISORY","url":"http://www.debian.org/security/2007/dsa-1348"},{"type":"ADVISORY","url":"http://www.debian.org/security/2007/dsa-1349"},{"type":"ADVISORY","url":"http://www.debian.org/security/2007/dsa-1350"},{"type":"ADVISORY","url":"http://www.debian.org/security/2007/dsa-1352"},{"type":"ADVISORY","url":"http://www.debian.org/security/2007/dsa-1354"},{"type":"ADVISORY","url":"http://www.debian.org/security/2007/dsa-1355"},{"type":"ADVISORY","url":"http://www.debian.org/security/2007/dsa-1357"},{"type":"ADVISORY","url":"http://www.gentoo.org/security/en/glsa/glsa-200710-08.xml"},{"type":"ADVISORY","url":"http://www.kde.org/info/security/advisory-20070730-1.txt"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:158"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:159"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:160"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:161"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:162"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:163"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:164"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:165"},{"type":"ADVISORY","url":"http://www.novell.com/linux/security/advisories/2007_15_sr.html"},{"type":"ADVISORY","url":"http://www.novell.com/linux/security/advisories/2007_16_sr.html"},{"type":"ADVISORY","url":"http://www.redhat.com/support/errata/RHSA-2007-0720.html"},{"type":"ADVISORY","url":"http://www.redhat.com/support/errata/RHSA-2007-0729.html"},{"type":"ADVISORY","url":"http://www.redhat.com/support/errata/RHSA-2007-0730.html"},{"type":"ADVISORY","url":"http://www.redhat.com/support/errata/RHSA-2007-0731.html"},{"type":"ADVISORY","url":"http://www.redhat.com/support/errata/RHSA-2007-0732.html"},{"type":"ADVISORY","url":"http://www.redhat.com/support/errata/RHSA-2007-0735.html"},{"type":"ADVISORY","url":"http://www.securityfocus.com/archive/1/476508/100/0/threaded"},{"type":"ADVISORY","url":"http://www.securityfocus.com/archive/1/476519/30/5400/threaded"},{"type":"ADVISORY","url":"http://www.securityfocus.com/archive/1/476765/30/5340/threaded"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/25124"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id?1018473"},{"type":"ADVISORY","url":"http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.423670"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/usn-496-1"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/usn-496-2"},{"type":"REPORT","url":"http://www.vupen.com/english/advisories/2007/2704"},{"type":"REPORT","url":"http://www.vupen.com/english/advisories/2007/2705"},{"type":"ADVISORY","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11149"},{"type":"WEB","url":"ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl1.patch"},{"type":"WEB","url":"http://osvdb.org/40127"},{"type":"WEB","url":"http://sourceforge.net/project/shownotes.php?release_id=535497"},{"type":"WEB","url":"https://issues.foresightlinux.org/browse/FL-471"},{"type":"WEB","url":"https://issues.rpath.com/browse/RPL-1596"},{"type":"WEB","url":"https://issues.rpath.com/browse/RPL-1604"}],"schema_version":"1.7.3"}