Bug 248194 (CVE-2007-3387)

Summary: CVE-2007-3387 xpdf integer overflow
Product: [Other] Security Response
Reporter: Josh Bressers <bressers>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA
Severity: high
Priority: high
Version: unspecified
CC: ebenes, jhrozek, jlieskov, jnovy, kem, krh, than, twaugh
Keywords: Security
Hardware: All
OS: Linux
Doc Type: Bug Fix
Last Closed: 2008-02-15 14:52:56 UTC
Bug Depends On: 248197, 248198, 248199, 248200, 248202, 248203, 248204, 248205, 248206, 248207, 248208, 248209, 248210, 248211, 248212, 248213, 248214, 248215, 248216, 248217, 248218, 248219, 248220, 248221, 248222, 248223, 251509, 251511, 251512, 251513, 251514, 251515, 251518, 251519, 251522, 251524    
Attachments:
Proposed upstream fix (flags: none)

Description Josh Bressers 2007-07-13 20:24:45 UTC
Maurycy Prodeus discovered an integer overflow flaw in the way xpdf processes
PDF files.  It's possible this flaw could be used to execute arbitrary code as
the user running the application using the xpdf source.

Comment 1 Josh Bressers 2007-07-13 20:25:28 UTC
Created attachment 159239
Proposed upstream fix

Comment 13 Mark J. Cox 2007-07-19 10:25:32 UTC
Embargo moved by upstream to Jul 28.

Comment 15 Mark J. Cox 2007-07-20 11:54:22 UTC
krh, these packages are affected (I verified them) because of the patch we
applied to fix CVE-2005-3193.  

Comment 23 Josh Bressers 2007-07-30 17:45:11 UTC
These issues should now be considered public.

Comment 30 Tomas Hoger 2007-08-09 15:19:23 UTC
KDE Security Advisory with patches for koffice and kdegraphics:

http://www.kde.org/info/security/advisory-20070730-1.txt


Comment 31 Fedora Update System 2008-02-08 08:17:22 UTC
poppler-0.5.4-8.fc7 has been submitted as an update for Fedora 7

Comment 32 Fedora Update System 2008-02-13 05:19:43 UTC
poppler-0.5.4-8.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 33 Fedora Update System 2008-02-13 15:00:37 UTC
poppler-0.5.4-8.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 34 Fedora Update System 2008-02-13 15:09:40 UTC
poppler-0.5.4-8.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.