CVE-2007-0104
NONE EPSS 92.5%
Published Jan 9, 200719y ago · Modified Jun 16, 20262w ago
Published Jan 9, 2007 19y ago
Last Modified Jun 16, 2026 2w ago
Description
The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.
Threat Intelligence
EPSS Exploit Probability
92.5% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available
Weaknesses 1
CWE-20 Improper Input Validation Validation
Affected Products 17
References 34
- docs.info.apple.com http://docs.info.apple.com/article.html?artnum=305214
- projects.info-pull.com http://projects.info-pull.com/moab/MOAB-06-01-2007.html
- secunia.com http://secunia.com/advisories/23791
- secunia.com http://secunia.com/advisories/23799
- secunia.com http://secunia.com/advisories/23808
- secunia.com http://secunia.com/advisories/23813
- secunia.com http://secunia.com/advisories/23815
- secunia.com http://secunia.com/advisories/23839
- secunia.com http://secunia.com/advisories/23844
- secunia.com http://secunia.com/advisories/23876
- secunia.com http://secunia.com/advisories/24204
- secunia.com http://secunia.com/advisories/24479
- securitytracker.com http://securitytracker.com/id?1017514
- support.novell.com http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html
- kde.org http://www.kde.org/info/security/advisory-20070115-1.txt
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2007:018
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2007:019
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2007:020
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2007:021
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2007:022
- mandriva.com http://www.mandriva.com/security/advisories?name=MDKSA-2007:024
- novell.com http://www.novell.com/linux/security/advisories/2007_3_sr.html
- securityfocus.com http://www.securityfocus.com/archive/1/457055/100/0/threaded
- securityfocus.com http://www.securityfocus.com/bid/21910
- securitytracker.com http://www.securitytracker.com/id?1017749
- ubuntu.com http://www.ubuntu.com/usn/usn-410-1
- ubuntu.com http://www.ubuntu.com/usn/usn-410-2
- us-cert.gov http://www.us-cert.gov/cas/techalerts/TA07-072A.html
- vupen.com http://www.vupen.com/english/advisories/2007/0203
- vupen.com http://www.vupen.com/english/advisories/2007/0212
- vupen.com http://www.vupen.com/english/advisories/2007/0244
- vupen.com http://www.vupen.com/english/advisories/2007/0930
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/31364
- issues.rpath.com https://issues.rpath.com/browse/RPL-964
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.