Description

Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.

INFO

Published Date :

July 30, 2007, 11:17 p.m.

Last Modified :

Feb. 13, 2023, 2:17 a.m.

Remotely Exploitable :

Yes !

Impact Score :

6.4

Exploitability Score :

8.6
Public PoC/Exploit Available at Github

CVE-2007-3387 has a 1 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2007-3387 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Apple cups
1 Canonical ubuntu_linux
1 Debian debian_linux
1 Freedesktop poppler
1 Xpdfreader xpdf
1 Gpdf_project gpdf
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2007-3387.

URL Resource
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl1.patch Broken Link
ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc Broken Link
http://bugs.gentoo.org/show_bug.cgi?id=187139 Issue Tracking Third Party Advisory
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248194 Issue Tracking Third Party Advisory
http://osvdb.org/40127 Broken Link
http://secunia.com/advisories/26188 Third Party Advisory
http://secunia.com/advisories/26251 Third Party Advisory
http://secunia.com/advisories/26254 Third Party Advisory
http://secunia.com/advisories/26255 Third Party Advisory
http://secunia.com/advisories/26257 Third Party Advisory
http://secunia.com/advisories/26278 Third Party Advisory
http://secunia.com/advisories/26281 Third Party Advisory
http://secunia.com/advisories/26283 Third Party Advisory
http://secunia.com/advisories/26292 Third Party Advisory
http://secunia.com/advisories/26293 Third Party Advisory
http://secunia.com/advisories/26297 Third Party Advisory
http://secunia.com/advisories/26307 Third Party Advisory
http://secunia.com/advisories/26318 Third Party Advisory
http://secunia.com/advisories/26325 Third Party Advisory
http://secunia.com/advisories/26342 Third Party Advisory
http://secunia.com/advisories/26343 Third Party Advisory
http://secunia.com/advisories/26358 Third Party Advisory
http://secunia.com/advisories/26365 Third Party Advisory
http://secunia.com/advisories/26370 Third Party Advisory
http://secunia.com/advisories/26395 Third Party Advisory
http://secunia.com/advisories/26403 Third Party Advisory
http://secunia.com/advisories/26405 Third Party Advisory
http://secunia.com/advisories/26407 Third Party Advisory
http://secunia.com/advisories/26410 Third Party Advisory
http://secunia.com/advisories/26413 Third Party Advisory
http://secunia.com/advisories/26425 Third Party Advisory
http://secunia.com/advisories/26432 Third Party Advisory
http://secunia.com/advisories/26436 Third Party Advisory
http://secunia.com/advisories/26467 Third Party Advisory
http://secunia.com/advisories/26468 Third Party Advisory
http://secunia.com/advisories/26470 Third Party Advisory
http://secunia.com/advisories/26514 Third Party Advisory
http://secunia.com/advisories/26607 Third Party Advisory
http://secunia.com/advisories/26627 Third Party Advisory
http://secunia.com/advisories/26862 Third Party Advisory
http://secunia.com/advisories/26982 Third Party Advisory
http://secunia.com/advisories/27156 Third Party Advisory
http://secunia.com/advisories/27281 Third Party Advisory
http://secunia.com/advisories/27308 Third Party Advisory
http://secunia.com/advisories/27637 Third Party Advisory
http://secunia.com/advisories/30168 Third Party Advisory
http://security.gentoo.org/glsa/glsa-200709-12.xml Third Party Advisory
http://security.gentoo.org/glsa/glsa-200709-17.xml Third Party Advisory
http://security.gentoo.org/glsa/glsa-200710-20.xml Third Party Advisory
http://security.gentoo.org/glsa/glsa-200711-34.xml Third Party Advisory
http://security.gentoo.org/glsa/glsa-200805-13.xml Third Party Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882 Third Party Advisory
http://sourceforge.net/project/shownotes.php?release_id=535497 Broken Link
http://support.avaya.com/elmodocs2/security/ASA-2007-401.htm Third Party Advisory
http://www.debian.org/security/2007/dsa-1347 Third Party Advisory
http://www.debian.org/security/2007/dsa-1348 Third Party Advisory
http://www.debian.org/security/2007/dsa-1349 Third Party Advisory
http://www.debian.org/security/2007/dsa-1350 Third Party Advisory
http://www.debian.org/security/2007/dsa-1352 Third Party Advisory
http://www.debian.org/security/2007/dsa-1354 Third Party Advisory
http://www.debian.org/security/2007/dsa-1355 Third Party Advisory
http://www.debian.org/security/2007/dsa-1357 Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200710-08.xml Third Party Advisory
http://www.kde.org/info/security/advisory-20070730-1.txt Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:158 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:159 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:160 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:161 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:162 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:163 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:164 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:165 Third Party Advisory
http://www.novell.com/linux/security/advisories/2007_15_sr.html Broken Link
http://www.novell.com/linux/security/advisories/2007_16_sr.html Broken Link
http://www.redhat.com/support/errata/RHSA-2007-0720.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-0729.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-0730.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-0731.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-0732.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-0735.html Third Party Advisory
http://www.securityfocus.com/archive/1/476508/100/0/threaded Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/476519/30/5400/threaded Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/476765/30/5340/threaded Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/25124 Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1018473 Third Party Advisory VDB Entry
http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.423670 Third Party Advisory
http://www.ubuntu.com/usn/usn-496-1 Third Party Advisory
http://www.ubuntu.com/usn/usn-496-2 Third Party Advisory
http://www.vupen.com/english/advisories/2007/2704 Permissions Required Third Party Advisory
http://www.vupen.com/english/advisories/2007/2705 Permissions Required Third Party Advisory
https://issues.foresightlinux.org/browse/FL-471 Broken Link
https://issues.rpath.com/browse/RPL-1596 Broken Link
https://issues.rpath.com/browse/RPL-1604 Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11149 Third Party Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

CVEs and Techniques used PDF as an attack vector.

Updated: 2 months, 2 weeks ago
54 stars 12 fork 12 watcher
Born at : June 22, 2022, 6:01 a.m. This repo has been linked 701 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2007-3387 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2007-3387 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    Feb. 13, 2023

    Action Type Old Value New Value
    Changed Description CVE-2007-3387 xpdf integer overflow Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function.
    Removed Reference https://access.redhat.com/errata/RHSA-2007:0720 [No Types Assigned]
    Removed Reference https://access.redhat.com/errata/RHSA-2007:0729 [No Types Assigned]
    Removed Reference https://access.redhat.com/errata/RHSA-2007:0730 [No Types Assigned]
    Removed Reference https://access.redhat.com/errata/RHSA-2007:0731 [No Types Assigned]
    Removed Reference https://access.redhat.com/errata/RHSA-2007:0732 [No Types Assigned]
    Removed Reference https://access.redhat.com/errata/RHSA-2007:0735 [No Types Assigned]
    Removed Reference https://access.redhat.com/security/cve/CVE-2007-3387 [No Types Assigned]
    Removed Reference https://bugzilla.redhat.com/show_bug.cgi?id=248194 [No Types Assigned]
  • CVE Modified by [email protected]

    Feb. 02, 2023

    Action Type Old Value New Value
    Changed Description Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute arbitrary code via a crafted PDF file that triggers a stack-based buffer overflow in the StreamPredictor::getNextLine function. CVE-2007-3387 xpdf integer overflow
    Added Reference https://access.redhat.com/errata/RHSA-2007:0731 [No Types Assigned]
    Added Reference https://access.redhat.com/errata/RHSA-2007:0732 [No Types Assigned]
    Added Reference https://access.redhat.com/errata/RHSA-2007:0730 [No Types Assigned]
    Added Reference https://access.redhat.com/errata/RHSA-2007:0735 [No Types Assigned]
    Added Reference https://access.redhat.com/errata/RHSA-2007:0729 [No Types Assigned]
    Added Reference https://access.redhat.com/security/cve/CVE-2007-3387 [No Types Assigned]
    Added Reference https://bugzilla.redhat.com/show_bug.cgi?id=248194 [No Types Assigned]
    Added Reference https://access.redhat.com/errata/RHSA-2007:0720 [No Types Assigned]
  • Modified Analysis by [email protected]

    Dec. 23, 2020

    Action Type Old Value New Value
    Changed Reference Type ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl1.patch No Types Assigned ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl1.patch Broken Link
    Changed Reference Type ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc No Types Assigned ftp://patches.sgi.com/support/free/security/advisories/20070801-01-P.asc Broken Link
    Changed Reference Type http://bugs.gentoo.org/show_bug.cgi?id=187139 No Types Assigned http://bugs.gentoo.org/show_bug.cgi?id=187139 Issue Tracking, Third Party Advisory
    Changed Reference Type http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248194 No Types Assigned http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248194 Issue Tracking, Third Party Advisory
    Changed Reference Type http://osvdb.org/40127 No Types Assigned http://osvdb.org/40127 Broken Link
    Changed Reference Type http://secunia.com/advisories/26188 Vendor Advisory http://secunia.com/advisories/26188 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26251 No Types Assigned http://secunia.com/advisories/26251 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26254 Vendor Advisory http://secunia.com/advisories/26254 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26255 Vendor Advisory http://secunia.com/advisories/26255 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26257 Vendor Advisory http://secunia.com/advisories/26257 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26278 No Types Assigned http://secunia.com/advisories/26278 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26281 No Types Assigned http://secunia.com/advisories/26281 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26283 No Types Assigned http://secunia.com/advisories/26283 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26292 No Types Assigned http://secunia.com/advisories/26292 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26293 No Types Assigned http://secunia.com/advisories/26293 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26297 No Types Assigned http://secunia.com/advisories/26297 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26307 No Types Assigned http://secunia.com/advisories/26307 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26318 No Types Assigned http://secunia.com/advisories/26318 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26325 No Types Assigned http://secunia.com/advisories/26325 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26342 No Types Assigned http://secunia.com/advisories/26342 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26343 No Types Assigned http://secunia.com/advisories/26343 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26358 No Types Assigned http://secunia.com/advisories/26358 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26365 No Types Assigned http://secunia.com/advisories/26365 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26370 No Types Assigned http://secunia.com/advisories/26370 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26395 No Types Assigned http://secunia.com/advisories/26395 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26403 No Types Assigned http://secunia.com/advisories/26403 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26405 No Types Assigned http://secunia.com/advisories/26405 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26407 No Types Assigned http://secunia.com/advisories/26407 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26410 No Types Assigned http://secunia.com/advisories/26410 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26413 No Types Assigned http://secunia.com/advisories/26413 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26425 No Types Assigned http://secunia.com/advisories/26425 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26432 No Types Assigned http://secunia.com/advisories/26432 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26436 No Types Assigned http://secunia.com/advisories/26436 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26467 No Types Assigned http://secunia.com/advisories/26467 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26468 No Types Assigned http://secunia.com/advisories/26468 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26470 No Types Assigned http://secunia.com/advisories/26470 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26514 No Types Assigned http://secunia.com/advisories/26514 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26607 No Types Assigned http://secunia.com/advisories/26607 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26627 No Types Assigned http://secunia.com/advisories/26627 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26862 No Types Assigned http://secunia.com/advisories/26862 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/26982 No Types Assigned http://secunia.com/advisories/26982 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/27156 No Types Assigned http://secunia.com/advisories/27156 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/27281 No Types Assigned http://secunia.com/advisories/27281 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/27308 No Types Assigned http://secunia.com/advisories/27308 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/27637 No Types Assigned http://secunia.com/advisories/27637 Third Party Advisory
    Changed Reference Type http://secunia.com/advisories/30168 No Types Assigned http://secunia.com/advisories/30168 Third Party Advisory
    Changed Reference Type http://security.gentoo.org/glsa/glsa-200709-12.xml No Types Assigned http://security.gentoo.org/glsa/glsa-200709-12.xml Third Party Advisory
    Changed Reference Type http://security.gentoo.org/glsa/glsa-200709-17.xml No Types Assigned http://security.gentoo.org/glsa/glsa-200709-17.xml Third Party Advisory
    Changed Reference Type http://security.gentoo.org/glsa/glsa-200710-20.xml No Types Assigned http://security.gentoo.org/glsa/glsa-200710-20.xml Third Party Advisory
    Changed Reference Type http://security.gentoo.org/glsa/glsa-200711-34.xml No Types Assigned http://security.gentoo.org/glsa/glsa-200711-34.xml Third Party Advisory
    Changed Reference Type http://security.gentoo.org/glsa/glsa-200805-13.xml No Types Assigned http://security.gentoo.org/glsa/glsa-200805-13.xml Third Party Advisory
    Changed Reference Type http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882 No Types Assigned http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.761882 Third Party Advisory
    Changed Reference Type http://sourceforge.net/project/shownotes.php?release_id=535497 No Types Assigned http://sourceforge.net/project/shownotes.php?release_id=535497 Broken Link
    Changed Reference Type http://support.avaya.com/elmodocs2/security/ASA-2007-401.htm No Types Assigned http://support.avaya.com/elmodocs2/security/ASA-2007-401.htm Third Party Advisory
    Changed Reference Type http://www.debian.org/security/2007/dsa-1347 No Types Assigned http://www.debian.org/security/2007/dsa-1347 Third Party Advisory
    Changed Reference Type http://www.debian.org/security/2007/dsa-1348 No Types Assigned http://www.debian.org/security/2007/dsa-1348 Third Party Advisory
    Changed Reference Type http://www.debian.org/security/2007/dsa-1349 No Types Assigned http://www.debian.org/security/2007/dsa-1349 Third Party Advisory
    Changed Reference Type http://www.debian.org/security/2007/dsa-1350 No Types Assigned http://www.debian.org/security/2007/dsa-1350 Third Party Advisory
    Changed Reference Type http://www.debian.org/security/2007/dsa-1352 No Types Assigned http://www.debian.org/security/2007/dsa-1352 Third Party Advisory
    Changed Reference Type http://www.debian.org/security/2007/dsa-1354 No Types Assigned http://www.debian.org/security/2007/dsa-1354 Third Party Advisory
    Changed Reference Type http://www.debian.org/security/2007/dsa-1355 No Types Assigned http://www.debian.org/security/2007/dsa-1355 Third Party Advisory
    Changed Reference Type http://www.debian.org/security/2007/dsa-1357 No Types Assigned http://www.debian.org/security/2007/dsa-1357 Third Party Advisory
    Changed Reference Type http://www.gentoo.org/security/en/glsa/glsa-200710-08.xml No Types Assigned http://www.gentoo.org/security/en/glsa/glsa-200710-08.xml Third Party Advisory
    Changed Reference Type http://www.kde.org/info/security/advisory-20070730-1.txt No Types Assigned http://www.kde.org/info/security/advisory-20070730-1.txt Third Party Advisory
    Changed Reference Type http://www.mandriva.com/security/advisories?name=MDKSA-2007:158 No Types Assigned http://www.mandriva.com/security/advisories?name=MDKSA-2007:158 Third Party Advisory
    Changed Reference Type http://www.mandriva.com/security/advisories?name=MDKSA-2007:159 No Types Assigned http://www.mandriva.com/security/advisories?name=MDKSA-2007:159 Third Party Advisory
    Changed Reference Type http://www.mandriva.com/security/advisories?name=MDKSA-2007:160 No Types Assigned http://www.mandriva.com/security/advisories?name=MDKSA-2007:160 Third Party Advisory
    Changed Reference Type http://www.mandriva.com/security/advisories?name=MDKSA-2007:161 No Types Assigned http://www.mandriva.com/security/advisories?name=MDKSA-2007:161 Third Party Advisory
    Changed Reference Type http://www.mandriva.com/security/advisories?name=MDKSA-2007:162 No Types Assigned http://www.mandriva.com/security/advisories?name=MDKSA-2007:162 Third Party Advisory
    Changed Reference Type http://www.mandriva.com/security/advisories?name=MDKSA-2007:163 No Types Assigned http://www.mandriva.com/security/advisories?name=MDKSA-2007:163 Third Party Advisory
    Changed Reference Type http://www.mandriva.com/security/advisories?name=MDKSA-2007:164 No Types Assigned http://www.mandriva.com/security/advisories?name=MDKSA-2007:164 Third Party Advisory
    Changed Reference Type http://www.mandriva.com/security/advisories?name=MDKSA-2007:165 No Types Assigned http://www.mandriva.com/security/advisories?name=MDKSA-2007:165 Third Party Advisory
    Changed Reference Type http://www.novell.com/linux/security/advisories/2007_15_sr.html No Types Assigned http://www.novell.com/linux/security/advisories/2007_15_sr.html Broken Link
    Changed Reference Type http://www.novell.com/linux/security/advisories/2007_16_sr.html No Types Assigned http://www.novell.com/linux/security/advisories/2007_16_sr.html Broken Link
    Changed Reference Type http://www.redhat.com/support/errata/RHSA-2007-0720.html Vendor Advisory http://www.redhat.com/support/errata/RHSA-2007-0720.html Third Party Advisory
    Changed Reference Type http://www.redhat.com/support/errata/RHSA-2007-0729.html Vendor Advisory http://www.redhat.com/support/errata/RHSA-2007-0729.html Third Party Advisory
    Changed Reference Type http://www.redhat.com/support/errata/RHSA-2007-0730.html Patch, Vendor Advisory http://www.redhat.com/support/errata/RHSA-2007-0730.html Third Party Advisory
    Changed Reference Type http://www.redhat.com/support/errata/RHSA-2007-0731.html Vendor Advisory http://www.redhat.com/support/errata/RHSA-2007-0731.html Third Party Advisory
    Changed Reference Type http://www.redhat.com/support/errata/RHSA-2007-0732.html Vendor Advisory http://www.redhat.com/support/errata/RHSA-2007-0732.html Third Party Advisory
    Changed Reference Type http://www.redhat.com/support/errata/RHSA-2007-0735.html Vendor Advisory http://www.redhat.com/support/errata/RHSA-2007-0735.html Third Party Advisory
    Changed Reference Type http://www.securityfocus.com/archive/1/476508/100/0/threaded No Types Assigned http://www.securityfocus.com/archive/1/476508/100/0/threaded Third Party Advisory, VDB Entry
    Changed Reference Type http://www.securityfocus.com/archive/1/476519/30/5400/threaded No Types Assigned http://www.securityfocus.com/archive/1/476519/30/5400/threaded Third Party Advisory, VDB Entry
    Changed Reference Type http://www.securityfocus.com/archive/1/476765/30/5340/threaded No Types Assigned http://www.securityfocus.com/archive/1/476765/30/5340/threaded Third Party Advisory, VDB Entry
    Changed Reference Type http://www.securityfocus.com/bid/25124 No Types Assigned http://www.securityfocus.com/bid/25124 Third Party Advisory, VDB Entry
    Changed Reference Type http://www.securitytracker.com/id?1018473 No Types Assigned http://www.securitytracker.com/id?1018473 Third Party Advisory, VDB Entry
    Changed Reference Type http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.423670 No Types Assigned http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.423670 Third Party Advisory
    Changed Reference Type http://www.ubuntu.com/usn/usn-496-1 No Types Assigned http://www.ubuntu.com/usn/usn-496-1 Third Party Advisory
    Changed Reference Type http://www.ubuntu.com/usn/usn-496-2 No Types Assigned http://www.ubuntu.com/usn/usn-496-2 Third Party Advisory
    Changed Reference Type http://www.vupen.com/english/advisories/2007/2704 No Types Assigned http://www.vupen.com/english/advisories/2007/2704 Permissions Required, Third Party Advisory
    Changed Reference Type http://www.vupen.com/english/advisories/2007/2705 No Types Assigned http://www.vupen.com/english/advisories/2007/2705 Permissions Required, Third Party Advisory
    Changed Reference Type https://issues.foresightlinux.org/browse/FL-471 No Types Assigned https://issues.foresightlinux.org/browse/FL-471 Broken Link
    Changed Reference Type https://issues.rpath.com/browse/RPL-1596 No Types Assigned https://issues.rpath.com/browse/RPL-1596 Broken Link
    Changed Reference Type https://issues.rpath.com/browse/RPL-1604 No Types Assigned https://issues.rpath.com/browse/RPL-1604 Broken Link
    Changed Reference Type https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11149 No Types Assigned https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11149 Third Party Advisory
    Removed CWE NIST CWE-189
    Added CWE NIST CWE-190
    Removed CPE Configuration AND OR cpe:2.3:o:redhat:enterprise_linux:4.0:*:as:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:4.0:*:es:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:4.0:*:ws:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:* OR *cpe:2.3:a:easy_software_products:cups:*:*:*:*:*:*:*:* *cpe:2.3:a:gnome:gpdf:*:*:*:*:*:*:*:* versions up to (including) 2.8.1 *cpe:2.3:a:kde:kdegraphics:*:*:*:*:*:*:*:* *cpe:2.3:a:kde:kpdf:*:*:*:*:*:*:*:* *cpe:2.3:a:pdfedit:pdfedit:*:*:*:*:*:*:*:* *cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:* versions up to (including) 0.5.91 *cpe:2.3:a:xpdf:xpdf:3.02:*:*:*:*:*:*:*
    Added CPE Configuration OR *cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:* versions up to (including) 1.3.11 *cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:* versions up to (excluding) 0.5.91 *cpe:2.3:a:gpdf_project:gpdf:*:*:*:*:*:*:*:* versions up to (excluding) 2.8.2 *cpe:2.3:a:xpdfreader:xpdf:3.02:*:*:*:*:*:*:*
    Added CPE Configuration OR *cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:* *cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
    Added CPE Configuration OR *cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:* *cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:* *cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
  • CVE Modified by [email protected]

    Oct. 16, 2018

    Action Type Old Value New Value
    Removed Reference http://www.securityfocus.com/archive/1/archive/1/476765/30/5340/threaded [No Types Assigned]
    Removed Reference http://www.securityfocus.com/archive/1/archive/1/476508/100/0/threaded [No Types Assigned]
    Removed Reference http://www.securityfocus.com/archive/1/archive/1/476519/30/5400/threaded [No Types Assigned]
    Added Reference http://www.securityfocus.com/archive/1/476765/30/5340/threaded [No Types Assigned]
    Added Reference http://www.securityfocus.com/archive/1/476519/30/5400/threaded [No Types Assigned]
    Added Reference http://www.securityfocus.com/archive/1/476508/100/0/threaded [No Types Assigned]
  • CVE Modified by [email protected]

    Oct. 11, 2017

    Action Type Old Value New Value
    Removed Reference http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11149 [No Types Assigned]
    Added Reference https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11149 [No Types Assigned]
  • Initial Analysis by [email protected]

    Jul. 31, 2007

    Action Type Old Value New Value
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2007-3387 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2007-3387 weaknesses.

Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

6.47 }} -0.97%

score

0.93782

percentile

CVSS2 - Vulnerability Scoring System
Access Vector
Access Complexity
Authentication
Confidentiality
Integrity
Availability