Bug 428125 (CVE-2007-0103)

Summary: CVE-2007-0103 acroread infinite loop DoS
Product: [Other] Security Response Reporter: Mark J. Cox <mjc>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED NOTABUG QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: krh
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
URL: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0103
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-01-09 12:44:32 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Mark J. Cox 2008-01-09 12:38:45 UTC 
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-0103 to the following vulnerability:

The Adobe PDF specification 1.3, as implemented by Adobe Acrobat before 8.0.0, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.

References:

http://docs.info.apple.com/article.html?artnum=305214
http://www.us-cert.gov/cas/techalerts/TA07-072A.html
http://www.securityfocus.com/bid/21910
http://projects.info-pull.com/moab/MOAB-06-01-2007.html
http://www.frsirt.com/english/advisories/2007/0930
http://www.securitytracker.com/id?1017749
http://secunia.com/advisories/24479
http://xforce.iss.net/xforce/xfdb/31364
Comment 1 Mark J. Cox 2008-01-09 12:44:32 UTC 
Based on our own research and information from Adobe we believe the description
of this issue isn't totally accurate (this isn't a problem with the
specification, but with specific implementations of the specification).

Basically, some implementations of the PDF spec, including acrobat reader 7.0.8,
erroneously allow page tree objects that refer back to themselves. As a result,
an infinite loop could be created. As far as we could tell, the worst a
malformed file could do is DOS the application.

We do not consider a user-assisted DoS of a client application such as Adobe
Acrobat reader to be a security issue.