U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

CVE-2007-5392 Detail

Current Description

Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow.


View Analysis Description

Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL Source(s) Tag(s)
http://secunia.com/advisories/26503 CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/advisories/27260 CVE, Flexera Software LLC Patch  Vendor Advisory 
http://secunia.com/advisories/27553 CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/advisories/27573 CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/advisories/27574 CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/advisories/27575 CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/advisories/27577 CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/advisories/27578 CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/advisories/27599 CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/advisories/27615 CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/advisories/27618 CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/advisories/27619 CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/advisories/27632 CVE, Flexera Software LLC
http://secunia.com/advisories/27634 CVE, Flexera Software LLC
http://secunia.com/advisories/27636 CVE, Flexera Software LLC
http://secunia.com/advisories/27637 CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/advisories/27640 CVE, Flexera Software LLC Vendor Advisory 
http://secunia.com/advisories/27641 CVE, Flexera Software LLC
http://secunia.com/advisories/27642 CVE, Flexera Software LLC
http://secunia.com/advisories/27645 CVE, Flexera Software LLC
http://secunia.com/advisories/27656 CVE, Flexera Software LLC
http://secunia.com/advisories/27658 CVE, Flexera Software LLC
http://secunia.com/advisories/27705 CVE, Flexera Software LLC
http://secunia.com/advisories/27721 CVE, Flexera Software LLC
http://secunia.com/advisories/27724 CVE, Flexera Software LLC
http://secunia.com/advisories/27743 CVE, Flexera Software LLC
http://secunia.com/advisories/27856 CVE, Flexera Software LLC
http://secunia.com/advisories/28043 CVE, Flexera Software LLC
http://secunia.com/advisories/28812 CVE, Flexera Software LLC
http://secunia.com/advisories/29104 CVE, Flexera Software LLC
http://secunia.com/advisories/29604 CVE, Flexera Software LLC
http://secunia.com/advisories/30168 CVE, Flexera Software LLC
http://secunia.com/secunia_research/2007-88/advisory/ CVE, Flexera Software LLC Vendor Advisory 
http://security.gentoo.org/glsa/glsa-200711-22.xml CVE, Flexera Software LLC
http://security.gentoo.org/glsa/glsa-200711-34.xml CVE, Flexera Software LLC
http://security.gentoo.org/glsa/glsa-200805-13.xml CVE, Flexera Software LLC
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882 CVE, Flexera Software LLC
http://support.novell.com/techcenter/psdb/1d5fd29802b2ef7e342e733731f1e933.html CVE, Flexera Software LLC
http://support.novell.com/techcenter/psdb/3867a5092daac43cd6a92e6107d9fbce.html CVE, Flexera Software LLC
http://support.novell.com/techcenter/psdb/43ad7b3569dba59e7ba07677edc01cad.html CVE, Flexera Software LLC
http://support.novell.com/techcenter/psdb/da3498f05433976cc548cc4eaf8349c8.html CVE, Flexera Software LLC
http://support.novell.com/techcenter/psdb/f83e024a65d69ebc810d2117815b940d.html CVE, Flexera Software LLC
http://www.debian.org/security/2008/dsa-1480 CVE, Flexera Software LLC
http://www.debian.org/security/2008/dsa-1509 CVE, Flexera Software LLC
http://www.debian.org/security/2008/dsa-1537 CVE, Flexera Software LLC
http://www.kde.org/info/security/advisory-20071107-1.txt CVE, Flexera Software LLC
http://www.mandriva.com/security/advisories?name=MDKSA-2007:219 CVE, Flexera Software LLC
http://www.mandriva.com/security/advisories?name=MDKSA-2007:220 CVE, Flexera Software LLC
http://www.mandriva.com/security/advisories?name=MDKSA-2007:221 CVE, Flexera Software LLC
http://www.mandriva.com/security/advisories?name=MDKSA-2007:222 CVE, Flexera Software LLC
http://www.mandriva.com/security/advisories?name=MDKSA-2007:223 CVE, Flexera Software LLC
http://www.mandriva.com/security/advisories?name=MDKSA-2007:227 CVE, Flexera Software LLC
http://www.mandriva.com/security/advisories?name=MDKSA-2007:228 CVE, Flexera Software LLC
http://www.mandriva.com/security/advisories?name=MDKSA-2007:230 CVE, Flexera Software LLC
http://www.novell.com/linux/security/advisories/2007_60_pdf.html CVE, Flexera Software LLC
http://www.redhat.com/support/errata/RHSA-2007-1021.html CVE, Flexera Software LLC Vendor Advisory 
http://www.redhat.com/support/errata/RHSA-2007-1022.html CVE, Flexera Software LLC Vendor Advisory 
http://www.redhat.com/support/errata/RHSA-2007-1024.html CVE, Flexera Software LLC Vendor Advisory 
http://www.redhat.com/support/errata/RHSA-2007-1025.html CVE, Flexera Software LLC
http://www.redhat.com/support/errata/RHSA-2007-1026.html CVE, Flexera Software LLC Vendor Advisory 
http://www.redhat.com/support/errata/RHSA-2007-1027.html CVE, Flexera Software LLC Vendor Advisory 
http://www.redhat.com/support/errata/RHSA-2007-1029.html CVE, Flexera Software LLC Vendor Advisory 
http://www.redhat.com/support/errata/RHSA-2007-1030.html CVE, Flexera Software LLC Vendor Advisory 
http://www.securityfocus.com/archive/1/483372 CVE, Flexera Software LLC
http://www.securityfocus.com/bid/26367 CVE, Flexera Software LLC
http://www.securitytracker.com/id?1018905 CVE, Flexera Software LLC
http://www.ubuntu.com/usn/usn-542-1 CVE, Flexera Software LLC
http://www.ubuntu.com/usn/usn-542-2 CVE, Flexera Software LLC
http://www.vupen.com/english/advisories/2007/3774 CVE, Flexera Software LLC
http://www.vupen.com/english/advisories/2007/3775 CVE, Flexera Software LLC
http://www.vupen.com/english/advisories/2007/3776 CVE, Flexera Software LLC
http://www.vupen.com/english/advisories/2007/3779 CVE, Flexera Software LLC
http://www.vupen.com/english/advisories/2007/3786 CVE, Flexera Software LLC
https://exchange.xforce.ibmcloud.com/vulnerabilities/38303 CVE, Flexera Software LLC
https://issues.rpath.com/browse/RPL-1926 CVE, Flexera Software LLC
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10036 CVE, Flexera Software LLC
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00369.html CVE, Flexera Software LLC
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00215.html CVE, Flexera Software LLC
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00224.html CVE, Flexera Software LLC
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00238.html CVE, Flexera Software LLC
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html CVE, Flexera Software LLC
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00724.html CVE, Flexera Software LLC

Weakness Enumeration

CWE-ID CWE Name Source
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer cwe source acceptance level NIST  

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

5 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2007-5392
NVD Published Date:
11/07/2007
NVD Last Modified:
04/08/2025
Source:
Flexera Software LLC