CVE-2007-5392

Description

Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow.

Affected packages (4)

• Debian/cupsfrom 0, < 1.1.22-7
• Debian/libextractorfrom 0, < 0.5.12-1
• Debian/popplerfrom 0, < 0.6.2-1
• Debian/xpdffrom 0, < 3.02-1.3

References (1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2007-5392