Bug 428126 - (CVE-2007-0104) CVE-2007-0104 xpdf infinite loop DoS
CVE-2007-0104 xpdf infinite loop DoS
Status: CLOSED NOTABUG
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
http://nvd.nist.gov/nvd.cfm?cvename=C...
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-01-09 07:40 EST by Mark J. Cox (Product Security)
Modified: 2008-01-09 07:45 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-01-09 07:45:02 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Mark J. Cox (Product Security) 2008-01-09 07:40:19 EST
Common Vulnerabilities and Exposures assigned an identifier CVE-2007-0104 to the following vulnerability:

The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.

References:

http://www.securityfocus.com/archive/1/archive/1/457055/100/0/threaded
http://www.kde.org/info/security/advisory-20070115-1.txt
https://issues.rpath.com/browse/RPL-964
http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html
http://docs.info.apple.com/article.html?artnum=305214
http://www.mandriva.com/security/advisories?name=MDKSA-2007:018
http://www.mandriva.com/security/advisories?name=MDKSA-2007:020
http://www.mandriva.com/security/advisories?name=MDKSA-2007:022
http://www.mandriva.com/security/advisories?name=MDKSA-2007:019
http://www.mandriva.com/security/advisories?name=MDKSA-2007:021
http://www.mandriva.com/security/advisories?name=MDKSA-2007:024
http://www.novell.com/linux/security/advisories/2007_3_sr.html
http://www.ubuntu.com/usn/usn-410-1
http://www.ubuntu.com/usn/usn-410-2
http://www.us-cert.gov/cas/techalerts/TA07-072A.html
http://www.securityfocus.com/bid/21910
http://projects.info-pull.com/moab/MOAB-06-01-2007.html
http://www.frsirt.com/english/advisories/2007/0203
http://www.frsirt.com/english/advisories/2007/0212
http://www.frsirt.com/english/advisories/2007/0244
http://www.frsirt.com/english/advisories/2007/0930
http://securitytracker.com/id?1017514
http://www.securitytracker.com/id?1017749
http://secunia.com/advisories/23799
http://secunia.com/advisories/23791
http://secunia.com/advisories/23808
http://secunia.com/advisories/23813
http://secunia.com/advisories/23815
http://secunia.com/advisories/23844
http://secunia.com/advisories/23839
http://secunia.com/advisories/23876
http://secunia.com/advisories/24204
http://secunia.com/advisories/24479
http://xforce.iss.net/xforce/xfdb/31364
Comment 1 Mark J. Cox (Product Security) 2008-01-09 07:45:02 EST
Based on our own research and information from Adobe we believe the description
of this issue isn't totally accurate (this isn't a problem with the
specification, but with specific implementations of the specification).

Basically, some implementations of the PDF spec, including acrobat reader 7.0.8,
erroneously allow page tree objects that refer back to themselves. As a result,
an infinite loop could be created. As far as we could tell, the worst a
malformed file could do is DOS the application.

We do not consider a user-assisted DoS of a client application such as xpdf be a
security issue.

Note You need to log in before you can comment on or make changes to this bug.