LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

gpdf: integer overflow

Package(s):cups poppler xpdf CVE #(s):CVE-2007-3387
Created:July 31, 2007 Updated:November 28, 2007
Description: The gpdf library contains an integer overflow which can be exploited via a malicious PDF file. This code finds its way into multiple packages, including xpdf, kpdf, poppler, cups, and more.
Alerts:
Fedora FEDORA-2007-3390 2007-11-20
Fedora FEDORA-2007-3308 2007-11-20
Gentoo 200710-20 2007-10-18
Gentoo 200710-08 2007-10-09
Gentoo 200709-12 2007-09-19
Fedora FEDORA-2007-685 2007-08-30
Debian-Testing DTSA-54-1 2007-08-22
Fedora FEDORA-2007-669 2007-08-13
Fedora FEDORA-2007-644 2007-08-13
Debian DSA-1357-1 2007-08-19
Mandriva MDKSA-2007:162 2007-08-14
Mandriva MDKSA-2007:165 2007-08-15
Foresight FLEA-2007-0046-1 2007-08-14
Fedora FEDORA-2007-1614 2007-08-15
Mandriva MDKSA-2007:164 2007-08-14
Mandriva MDKSA-2007:163 2007-08-14
Foresight FLEA-2007-0045-1 2007-08-14
Foresight FLEA-2007-0044-1 2007-08-14
Mandriva MDKSA-2007:158 2007-08-13
Mandriva MDKSA-2007:160 2007-08-13
Mandriva MDKSA-2007:161 2007-08-13
Mandriva MDKSA-2007:159 2007-08-13
Fedora FEDORA-2007-1594 2007-08-13
Debian DSA-1355-1 2007-08-13
Slackware SSA:2007-222-05 2007-08-13
Slackware SSA:2007-222-02 2007-08-13
Fedora FEDORA-2007-1547 2007-08-10
Fedora FEDORA-2007-1541 2007-08-10
Debian DSA-1354-1 2007-08-13
rPath rPSA-2007-0154-1 2007-08-10
SuSE SUSE-SR:2007:016 2007-08-10
Ubuntu USN-496-2 2007-08-07
Debian DSA-1352-1 2007-08-07
Debian DSA-1350-1 2007-08-06
Debian DSA-1349-1 2007-08-05
Debian DSA-1348-1 2007-08-04
Debian DSA-1347-1 2007-08-04
SuSE SUSE-SR:2007:015 2007-08-03
Ubuntu USN-496-1 2007-08-03
Red Hat RHSA-2007:0731-01 2007-08-01
Red Hat RHSA-2007:0735-01 2007-07-30
Red Hat RHSA-2007:0732-01 2007-07-30
Red Hat RHSA-2007:0729-01 2007-07-30
Red Hat RHSA-2007:0730-01 2007-07-30
Red Hat RHSA-2007:0720-01 2007-07-30
(Log in to post comments)

cups: integer overflow

Posted Aug 4, 2007 1:09 UTC (Sat) by cortana (subscriber, #24596) [Link]

Yikes. Could someone please remind me why the hell cupsd runs as root?

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds