Upstream information
CVE-2007-4352 at MITRE
Description
Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file.
SUSE information
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having important severity.
CVSS v2 Scores
| National Vulnerability Database |
Base Score | 7.6 |
Vector | AV:N/AC:H/Au:N/C:C/I:C/A:C |
Access Vector | Network |
Access Complexity | High |
Authentication | None |
Confidentiality Impact | Complete |
Integrity Impact | Complete |
Availability Impact | Complete |
SUSE Bugzilla entry:
335637 [RESOLVED / FIXED]
SUSE Security Advisories:
List of released packages
Product(s) | Fixed package version(s) | References |
SUSE Linux Enterprise Server 11 SP1 |
cups >= 1.3.9-8.30.1
cups-client >= 1.3.9-8.30.1
cups-libs >= 1.3.9-8.30.1
cups-libs-32bit >= 1.3.9-8.30.1
cups-libs-x86 >= 1.3.9-8.30.1
libpoppler-glib4 >= 0.12.3-1.2.44
libpoppler-qt4-3 >= 0.12.3-1.2.44
libpoppler5 >= 0.12.3-1.2.44
poppler-tools >= 0.12.3-1.2.44
xpdf-tools >= 3.02-138.26.1
| |
SUSE Linux Enterprise Server 11 SP2 |
cups >= 1.3.9-8.44.1
cups-client >= 1.3.9-8.44.1
cups-libs >= 1.3.9-8.44.1
cups-libs-32bit >= 1.3.9-8.44.1
cups-libs-x86 >= 1.3.9-8.44.1
libpoppler-glib4 >= 0.12.3-1.3.1
libpoppler-qt4-3 >= 0.12.3-1.3.1
libpoppler5 >= 0.12.3-1.3.1
poppler-tools >= 0.12.3-1.3.1
| |
SUSE Linux Enterprise Server 11 SP3 |
cups >= 1.3.9-8.46.46.1
cups-client >= 1.3.9-8.46.46.1
cups-libs >= 1.3.9-8.46.46.1
cups-libs-32bit >= 1.3.9-8.46.46.1
cups-libs-x86 >= 1.3.9-8.46.46.1
libpoppler-glib4 >= 0.12.3-1.8.1
libpoppler-qt4-3 >= 0.12.3-1.8.1
libpoppler5 >= 0.12.3-1.8.1
poppler-tools >= 0.12.3-1.8.1
| |
SUSE Linux Enterprise Server 11 SP4 |
cups >= 1.3.9-8.46.56.1
cups-client >= 1.3.9-8.46.56.1
cups-libs >= 1.3.9-8.46.56.1
cups-libs-32bit >= 1.3.9-8.46.56.1
cups-libs-x86 >= 1.3.9-8.46.56.1
libpoppler-glib4 >= 0.12.3-1.10.1
libpoppler-qt4-3 >= 0.12.3-1.10.1
libpoppler5 >= 0.12.3-1.10.1
poppler-tools >= 0.12.3-1.10.1
| |
SUSE Linux Enterprise Software Development Kit 11 SP4 |
cups-devel >= 1.3.9-8.46.56.1
libpoppler-devel >= 0.12.3-1.10.1
libpoppler-glib-devel >= 0.12.3-1.10.1
libpoppler-qt2 >= 0.12.3-1.10.1
libpoppler-qt3-devel >= 0.12.3-1.10.1
libpoppler-qt4-devel >= 0.12.3-1.10.1
poppler-tools >= 0.12.3-1.10.1
| |