Xpdf is an application for processing PDF files.

Xpdf contains multiple buffer overflow vulnerabilities that a remote attacker can exploit to execute arbitrary code with the privileges of the application.

1) An array indexing error in the "DCTStream::readProgressiveDataUnit()" method in xpdf/Stream.cc can cause memory corruption via a specially crafted PDF file.
2) An integer overflow error in the "DCTStream::reset()" method in xpdf/Stream.cc can lead to a heap-based buffer overflow.
3) A boundary error in the "CCITTFaxStream::lookChar()" method in xpdf/Stream.cc can trigger a heap-based buffer overflow via a specially crafted "CCITTFaxDecode" filter.

Xpdf Xpdf 3.02pl1
teTeX teTeX 1.0.7
  + Conectiva Linux 8.0
  + Conectiva Linux 7.0
  + Conectiva Linux 6.0
  + Debian Linux 3.0 sparc
  + Debian Linux 3.0 s/390
  + Debian Linux 3.0 ppc
  + Debian Linux 3.0 mipsel
  + Debian Linux 3.0 mips
  + Debian Linux 3.0 m68k
  + Debian Linux 3.0 ia-64
  + Debian Linux 3.0 ia-32
  + Debian Linux 3.0 hppa
  + Debian Linux 3.0 arm
  + Debian Linux 3.0 alpha
  + Debian Linux 3.0
  + HP Secure OS software for Linux 1.0
  + Immunix Immunix OS 7.0 beta
  + Immunix Immunix OS 7.0
  + Immunix Immunix OS 6.2
  + MandrakeSoft Corporate Server 1.0.1
  + MandrakeSoft Linux Mandrake 9.0
  + MandrakeSoft Linux Mandrake 8.2 ppc
  + MandrakeSoft Linux Mandrake 8.2
  + MandrakeSoft Linux Mandrake 8.1 ia64
  + MandrakeSoft Linux Mandrake 8.1
  + MandrakeSoft Linux Mandrake 8.0 ppc
  + MandrakeSoft Linux Mandrake 8.0
  + MandrakeSoft Linux Mandrake 7.2
  + MandrakeSoft Linux Mandrake 7.1
  + RedHat Desktop 3.0
  + RedHat Enterprise Linux WS 3
  + RedHat Enterprise Linux WS 2.1 IA64
  + RedHat Enterprise Linux WS 2.1
  + RedHat Enterprise Linux ES 3
  + RedHat Enterprise Linux ES 2.1 IA64
  + RedHat Enterprise Linux ES 2.1
  + RedHat Enterprise Linux AS 3
  + RedHat Enterprise Linux AS 2.1 IA64
  + RedHat Enterprise Linux AS 2.1
  + RedHat Linux 8.0 i386
  + RedHat Linux 8.0
  + RedHat Linux 7.3 i386
  + RedHat Linux 7.3
  + RedHat Linux 7.2 ia64
  + RedHat Linux 7.2 i386
  + RedHat Linux 7.2
  + RedHat Linux 7.1 ia64
  + RedHat Linux 7.1 i386
  + RedHat Linux 7.1 alpha
  + RedHat Linux 7.1
  + RedHat Linux 7.0 i386
  + RedHat Linux 7.0 alpha
  + RedHat Linux 7.0
  + RedHat Linux Advanced Work Station 2.1
RedHat Enterprise Linux Desktop Workstation v. 5 client
RedHat Enterprise Linux Desktop v.5 client
RedHat Enterprise Linux WS 5
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux v. 5 server
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Enterprise Linux AS 4
RedHat Enterprise Linux AS 3
RedHat Enterprise Linux AS 2.1 IA64
RedHat Enterprise Linux AS 2.1
RedHat Desktop 4.0
RedHat Desktop 3.0
RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
RedHat Advanced Workstation for the Itanium Processor 2.1
Poppler poppler 0.5.4
KDE KOffice 1.6.3
KDE KOffice 1.6.1
KDE KOffice 1.6
KDE KOffice 1.5.91
KDE KOffice 1.5.2
KDE KOffice 1.5
KDE KOffice 1.4.2
KDE KOffice 1.4.1
KDE KOffice 1.4
KDE KOffice 1.3.5
KDE KOffice 1.3.4
KDE KOffice 1.3.3
  + MandrakeSoft Linux Mandrake 10.1 x86_64
  + MandrakeSoft Linux Mandrake 10.1
KDE KOffice 1.3.2
KDE KOffice 1.3.1
KDE KOffice 1.3 beta3
KDE KOffice 1.3 beta2
KDE KOffice 1.3 beta1
KDE KOffice 1.3
  + MandrakeSoft Linux Mandrake 10.0 AMD64
  + MandrakeSoft Linux Mandrake 10.0
KDE KOffice 1.2.92
KDE KOffice 1.2.1
KDE KOffice 1.2
KDE KDE 3.5.8
KDE KDE 3.5.7
KDE KDE 3.5.6
KDE KDE 3.5.5
KDE KDE 3.5.4
KDE KDE 3.5.3
KDE KDE 3.5.2
KDE KDE 3.5.1
KDE KDE 3.5
KDE KDE 3.4.3
  - Gentoo Linux
KDE KDE 3.4.2
KDE KDE 3.4.1
  + RedHat Fedora Core4
KDE KDE 3.4
KDE KDE 3.3.2
  + Debian Linux 3.1 sparc
  + Debian Linux 3.1 s/390
  + Debian Linux 3.1 ppc
  + Debian Linux 3.1 mipsel
  + Debian Linux 3.1 mips
  + Debian Linux 3.1 m68k
  + Debian Linux 3.1 ia-64
  + Debian Linux 3.1 ia-32
  + Debian Linux 3.1 hppa
  + Debian Linux 3.1 arm
  + Debian Linux 3.1 amd64
  + Debian Linux 3.1 alpha
  + Debian Linux 3.1
KDE KDE 3.3.1
  + RedHat Fedora Core3
KDE KDE 3.3
KDE KDE 3.2.3
KDE KDE 3.2.2
  + KDE KDE 3.2.2
  + RedHat Fedora Core2
KDE KDE 3.2.1
KDE KDE 3.2
GNOME GPdf 2.8.3
GNOME GPdf 2.8.2
  + RedHat Fedora Core3
  + RedHat Fedora Core2
GNOME GPdf 2.8
Easy Software Products CUPS 1.1.17
  + RedHat Desktop 3.0
  + RedHat Enterprise Linux WS 3
  + RedHat Enterprise Linux ES 3
  + RedHat Enterprise Linux AS 3

Vendor solution

Patch downloads:

Xpdf Xpdf 3.02pl1
  Xpdf xpdf-3.02pl2.patch
  ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl2.patch

KDE KOffice 1.6.3
  KDE koffice-1.6.3-xpdf2-CVE-2007-4352-5392-5393.diff
  ftp://ftp.kde.org/pub/kde/security_patches/koffice-1.6.3-xpdf2-CVE-2007-4352-5392-5393.diff

KDE KDE 3.5.5
  KDE post-3.5.5-kdegraphics-CVE-2007-5393.diff
  ftp://ftp.kde.org/pub/kde/security_patches/post-3.5.5-kdegraphics-CVE-2007-5393.diff

KDE KDE 3.5.6
  KDE post-3.5.5-kdegraphics-CVE-2007-5393.diff
  ftp://ftp.kde.org/pub/kde/security_patches/post-3.5.5-kdegraphics-CVE-2007-5393.diff

KDE KDE 3.5.7
  KDE post-3.5.5-kdegraphics-CVE-2007-5393.diff
  ftp://ftp.kde.org/pub/kde/security_patches/post-3.5.5-kdegraphics-CVE-2007-5393.diff

KDE KDE 3.5.8
  KDE post-3.5.8-kdegraphics-kpdf.diff
  ftp://ftp.kde.org/pub/kde/security_patches/post-3.5.8-kdegraphics-kpdf.diff