VYPR
Unrated severityNVD Advisory· Published Jan 9, 2007· Updated Jun 16, 2026

CVE-2007-0104

CVE-2007-0104

Description

The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

22
  • Xpdf/Xpdf6 versions
    cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:xpdf:xpdf:3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:xpdf:xpdf:3.0.1_pl1:*:*:*:*:*:*:*
    • cpe:2.3:a:xpdf:xpdf:3.0.1_pl2:*:*:*:*:*:*:*
    • cpe:2.3:a:xpdf:xpdf:3.0_pl2:*:*:*:*:*:*:*
    • (no CPE)range: =3.0.1 patch 2
  • KDE/Kde12 versions
    cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*+ 11 more
    • cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*
    • cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*
    • cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*
    • cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*
    • cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*
    • cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*
    • cpe:2.3:o:kde:kde:3.3.2:*:*:*:*:*:*:*
    • cpe:2.3:o:kde:kde:3.4:*:*:*:*:*:*:*
    • cpe:2.3:o:kde:kde:3.4.1:*:*:*:*:*:*:*
    • cpe:2.3:o:kde:kde:3.4.2:*:*:*:*:*:*:*
    • cpe:2.3:o:kde:kde:3.4.3:*:*:*:*:*:*:*
    • cpe:2.3:o:kde:kde:3.5:*:*:*:*:*:*:*
  • KDE/Kpdfllm-fuzzy
    Range: <3.5.5
  • Range: <0.5.4
  • osv-coords2 versions
    < 2.3.3op2-4.2+ 1 more
    • (no CPE)range: < 2.3.3op2-4.2
    • (no CPE)range: < 21.08.0-1.3

Patches

Vulnerability mechanics

References

34

News mentions

0

No linked articles in our index yet.