CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
Percentile
93.9%
The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2,
(b) kpdf in KDE before 3.5.5, Β© poppler before 0.5.4, and other products,
allows remote attackers to have an unknown impact, possibly including
denial of service (infinite loop), arbitrary code execution, or memory
corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a
crafted Pages attribute that references an invalid page tree node.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 6.06 | noarch | koffice | <Β 1.5.0-0ubuntu9.2 | UNKNOWN |
ubuntu | 6.10 | noarch | koffice | <Β 1.5.2-0ubuntu2.2 | UNKNOWN |
ubuntu | 7.04 | noarch | koffice | <Β 1.6.2-0ubuntu1.1 | UNKNOWN |
ubuntu | 6.06 | noarch | poppler | <Β 0.5.1-0ubuntu7.2 | UNKNOWN |
ubuntu | 6.10 | noarch | poppler | <Β 0.5.4-0ubuntu4.2 | UNKNOWN |
ubuntu | 7.04 | noarch | poppler | <Β 0.5.4-0ubuntu8.1 | UNKNOWN |
ubuntu | 6.06 | noarch | xpdf | <Β 3.01-7ubuntu0.1 | UNKNOWN |
ubuntu | 6.10 | noarch | xpdf | <Β 3.01-9ubuntu1.1 | UNKNOWN |
ubuntu | 7.04 | noarch | xpdf | <Β 3.01-9ubuntu3 | UNKNOWN |