Skip to content
Saturday, December 6, 2025
Medium Published: Jan 09, 2007 Modified: Apr 09, 2025

CVE-2007-0104

6.8 CVSS SCORE
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Share:

Description

The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.

CVSS Vector Details

Attack Vector Network
Attack Complexity M
Confidentiality P
Integrity P
Availability P

Affected Software Configurations

  • a xpdf xpdf 3.0 * * * * * * *
  • a xpdf xpdf 3.0.1 * * * * * * *
  • a xpdf xpdf 3.0.1_pl1 * * * * * * *
  • a xpdf xpdf 3.0.1_pl2 * * * * * * *
  • a xpdf xpdf 3.0_pl2 * * * * * * *
  • o kde kde 3.2 * * * * * * *
  • o kde kde 3.2.1 * * * * * * *
  • o kde kde 3.2.2 * * * * * * *
  • o kde kde 3.2.3 * * * * * * *
  • o kde kde 3.3 * * * * * * *

Weaknesses (CWE)

  • CWE-20

References & External Links

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More
← Back to CVE Tracker