CVE-2007-0104

NONE EPSS 92.5%
Published Jan 9, 200719y ago · Modified Jun 16, 20262w ago
Find Similar
Published Jan 9, 2007 19y ago
Last Modified Jun 16, 2026 2w ago

Description

The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.

Threat Intelligence

EPSS Exploit Probability
92.5% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-20 Improper Input Validation Validation

Affected Products 17

VendorProductVersionRange
xpdfxpdf3.0any
xpdfxpdf3.0.1any
xpdfxpdf3.0.1_pl1any
xpdfxpdf3.0.1_pl2any
xpdfxpdf3.0_pl2any
kdekde3.2any
kdekde3.2.1any
kdekde3.2.2any
kdekde3.2.3any
kdekde3.3any
kdekde3.3.1any
kdekde3.3.2any
kdekde3.4any
kdekde3.4.1any
kdekde3.4.2any
kdekde3.4.3any
kdekde3.5any

References 34

  • docs.info.apple.com http://docs.info.apple.com/article.html?artnum=305214
  • projects.info-pull.com http://projects.info-pull.com/moab/MOAB-06-01-2007.html
  • secunia.com http://secunia.com/advisories/23791
  • secunia.com http://secunia.com/advisories/23799
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/23808
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/23813
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/23815
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/23839
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/23844
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/23876
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/24204
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/24479
    Vendor Advisory
  • securitytracker.com http://securitytracker.com/id?1017514
  • support.novell.com http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html
  • kde.org http://www.kde.org/info/security/advisory-20070115-1.txt
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2007:018
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2007:019
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2007:020
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2007:021
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2007:022
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2007:024
  • novell.com http://www.novell.com/linux/security/advisories/2007_3_sr.html
  • securityfocus.com http://www.securityfocus.com/archive/1/457055/100/0/threaded
  • securityfocus.com http://www.securityfocus.com/bid/21910
    Exploit
  • securitytracker.com http://www.securitytracker.com/id?1017749
  • ubuntu.com http://www.ubuntu.com/usn/usn-410-1
  • ubuntu.com http://www.ubuntu.com/usn/usn-410-2
  • us-cert.gov http://www.us-cert.gov/cas/techalerts/TA07-072A.html
    US Government Resource
  • vupen.com http://www.vupen.com/english/advisories/2007/0203
    Vendor Advisory
  • vupen.com http://www.vupen.com/english/advisories/2007/0212
    Vendor Advisory
  • vupen.com http://www.vupen.com/english/advisories/2007/0244
    Vendor Advisory
  • vupen.com http://www.vupen.com/english/advisories/2007/0930
    Vendor Advisory
  • exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/31364
  • issues.rpath.com https://issues.rpath.com/browse/RPL-964

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.