VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Jan 9, 2007· Updated Apr 23, 2026

CVE-2007-0104

CVE-2007-0104

Description

The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.

Affected products

17
  • Xpdf/Xpdf5 versions
    cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:xpdf:xpdf:3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:xpdf:xpdf:3.0.1_pl1:*:*:*:*:*:*:*
    • cpe:2.3:a:xpdf:xpdf:3.0.1_pl2:*:*:*:*:*:*:*
    • cpe:2.3:a:xpdf:xpdf:3.0_pl2:*:*:*:*:*:*:*
  • KDE/Kde12 versions
    cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*+ 11 more
    • cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*
    • cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*
    • cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*
    • cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*
    • cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*
    • cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*
    • cpe:2.3:o:kde:kde:3.3.2:*:*:*:*:*:*:*
    • cpe:2.3:o:kde:kde:3.4:*:*:*:*:*:*:*
    • cpe:2.3:o:kde:kde:3.4.1:*:*:*:*:*:*:*
    • cpe:2.3:o:kde:kde:3.4.2:*:*:*:*:*:*:*
    • cpe:2.3:o:kde:kde:3.4.3:*:*:*:*:*:*:*
    • cpe:2.3:o:kde:kde:3.5:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

34

News mentions

0

No linked articles in our index yet.