Bug 345121 (CVE-2007-5393) - CVE-2007-5393 xpdf buffer overflow in CCITTFaxStream::lookChar()
Summary: CVE-2007-5393 xpdf buffer overflow in CCITTFaxStream::lookChar()
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: CVE-2007-5393
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 356541 356551 356561 356571 356581 356601 356611 356621 356631 356641 356651 356671 356681 356691 356701 356711 356721 356751 356761 356781 356791 356811 356821 372461 372471 372481 372491 372501 372511 372521 372551 372561 372571 372581 372591 372601 372611 372651 372661 372671
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-10-22 12:51 UTC by Tomas Hoger
Modified: 2019-09-29 12:21 UTC (History)
6 users (show)

Fixed In Version: 0.5.4-8.fc7
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2008-02-13 05:19:59 UTC
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2007:1021 0 normal SHIPPED_LIVE Important: cups security update 2007-11-07 17:45:52 UTC
Red Hat Product Errata RHSA-2007:1022 0 normal SHIPPED_LIVE Important: cups security update 2007-11-07 17:52:42 UTC
Red Hat Product Errata RHSA-2007:1023 0 normal SHIPPED_LIVE Important: cups security update 2007-11-07 17:58:59 UTC
Red Hat Product Errata RHSA-2007:1024 0 normal SHIPPED_LIVE Important: kdegraphics security update 2007-11-12 09:23:07 UTC
Red Hat Product Errata RHSA-2007:1025 0 normal SHIPPED_LIVE Important: gpdf security update 2007-11-07 18:05:00 UTC
Red Hat Product Errata RHSA-2007:1026 0 normal SHIPPED_LIVE Important: poppler security update 2007-11-07 18:10:06 UTC
Red Hat Product Errata RHSA-2007:1027 0 normal SHIPPED_LIVE Important: tetex security update 2007-11-08 13:47:26 UTC
Red Hat Product Errata RHSA-2007:1028 0 normal SHIPPED_LIVE Important: tetex security update 2007-11-07 18:42:02 UTC
Red Hat Product Errata RHSA-2007:1029 0 normal SHIPPED_LIVE Important: xpdf security update 2007-11-07 18:48:15 UTC
Red Hat Product Errata RHSA-2007:1030 0 normal SHIPPED_LIVE Important: xpdf security update 2007-11-07 19:04:11 UTC
Red Hat Product Errata RHSA-2007:1031 0 normal SHIPPED_LIVE Important: xpdf security update 2007-11-07 19:05:48 UTC
Red Hat Product Errata RHSA-2007:1051 0 normal SHIPPED_LIVE Important: kdegraphics security update 2007-11-16 21:01:44 UTC

Description Tomas Hoger 2007-10-22 12:51:43 UTC
Alin Rad Pop of the Secunia Research has discovered a vulnerability in
xpdf/Stream.cc code:

A boundary error exists within the "CCITTFaxStream::lookChar()"
method in xpdf/Stream.cc. This can be exploited to cause a heap-based
buffer overflow by tricking a user into opening a PDF file containing a
specially crafted "CCITTFaxDecode" filter.

Successful exploitation allows execution of arbitrary code.

Comment 22 Josh Bressers 2007-11-07 16:24:43 UTC
This is now public

http://marc.info/?l=full-disclosure&m=119445179723160&w=2

Comment 23 Fedora Update System 2007-11-15 03:32:25 UTC
tetex-3.0-44.2.fc8 has been pushed to the Fedora 8 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update tetex'

Comment 24 Fedora Update System 2007-11-15 03:46:18 UTC
tetex-3.0-40.3.fc7 has been pushed to the Fedora 7 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update tetex'

Comment 25 Fedora Update System 2007-11-20 18:00:46 UTC
tetex-3.0-40.3.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 26 Fedora Update System 2007-11-20 18:04:56 UTC
tetex-3.0-44.3.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 27 Fedora Update System 2008-02-08 08:17:29 UTC
poppler-0.5.4-8.fc7 has been submitted as an update for Fedora 7

Comment 28 Fedora Update System 2008-02-13 05:19:50 UTC
poppler-0.5.4-8.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 29 Fedora Update System 2008-02-13 15:00:45 UTC
poppler-0.5.4-8.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 30 Fedora Update System 2008-02-13 15:09:48 UTC
poppler-0.5.4-8.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 31 Red Hat Product Security 2008-02-15 15:06:55 UTC
This issue was addressed in:

Red Hat Enterprise Linux:
  cups:
    http://rhn.redhat.com/errata/RHSA-2007-1021.html
    http://rhn.redhat.com/errata/RHSA-2007-1022.html
    http://rhn.redhat.com/errata/RHSA-2007-1023.html
  gpdf:
    http://rhn.redhat.com/errata/RHSA-2007-1025.html
  poppler:
    http://rhn.redhat.com/errata/RHSA-2007-1026.html
  xpdf:
    http://rhn.redhat.com/errata/RHSA-2007-1029.html
    http://rhn.redhat.com/errata/RHSA-2007-1030.html
    http://rhn.redhat.com/errata/RHSA-2007-1031.html
  tetex:
    http://rhn.redhat.com/errata/RHSA-2007-1027.html
    http://rhn.redhat.com/errata/RHSA-2007-1028.html
  kdegraphics:
    http://rhn.redhat.com/errata/RHSA-2007-1024.html
    http://rhn.redhat.com/errata/RHSA-2007-1051.html

Fedora:
  kdegraphics:
    https://admin.fedoraproject.org/updates/F7/FEDORA-2007-2985
    https://admin.fedoraproject.org/updates/F8/FEDORA-2007-3001
  xpdf:
    https://admin.fedoraproject.org/updates/F7/FEDORA-2007-3031
    https://admin.fedoraproject.org/updates/F8/FEDORA-2007-3014
  koffice:
    https://admin.fedoraproject.org/updates/F7/FEDORA-2007-3059
    https://admin.fedoraproject.org/updates/F8/FEDORA-2007-3093
  cups:
    https://admin.fedoraproject.org/updates/F7/FEDORA-2007-3100
    https://admin.fedoraproject.org/updates/F8/FEDORA-2007-2982
  poppler:
    https://admin.fedoraproject.org/updates/F7/FEDORA-2008-1651
    https://admin.fedoraproject.org/updates/F8/FEDORA-2007-4031
  tetex:
    https://admin.fedoraproject.org/updates/F7/FEDORA-2007-3390
    https://admin.fedoraproject.org/updates/F8/FEDORA-2007-3308


Note You need to log in before you can comment on or make changes to this bug.