Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler prior to 0.5.91, (2) gpdf prior to 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote malicious users to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xpdfreader xpdf 3.02 |
||
apple cups |
||
freedesktop poppler |
||
gpdf project gpdf |
||
debian debian linux 3.1 |
||
debian debian linux 4.0 |
||
canonical ubuntu linux 7.04 |
||
canonical ubuntu linux 6.10 |
||
canonical ubuntu linux 6.06 |