{"id":"DEBIAN-CVE-2007-5393","details":"Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter.","modified":"2025-11-19T02:02:50.947960Z","published":"2007-11-08T02:46:00Z","upstream":["CVE-2007-5393"],"references":[{"type":"ADVISORY","url":"https://security-tracker.debian.org/tracker/CVE-2007-5393"}],"affected":[{"package":{"name":"cups","ecosystem":"Debian:11","purl":"pkg:deb/debian/cups?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.1.22-7"}]}],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-5393.json"}},{"package":{"name":"cups","ecosystem":"Debian:12","purl":"pkg:deb/debian/cups?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.1.22-7"}]}],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-5393.json"}},{"package":{"name":"cups","ecosystem":"Debian:13","purl":"pkg:deb/debian/cups?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.1.22-7"}]}],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-5393.json"}},{"package":{"name":"cups","ecosystem":"Debian:14","purl":"pkg:deb/debian/cups?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.1.22-7"}]}],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-5393.json"}},{"package":{"name":"libextractor","ecosystem":"Debian:11","purl":"pkg:deb/debian/libextractor?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.5.12-1"}]}],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-5393.json"}},{"package":{"name":"libextractor","ecosystem":"Debian:12","purl":"pkg:deb/debian/libextractor?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.5.12-1"}]}],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-5393.json"}},{"package":{"name":"libextractor","ecosystem":"Debian:13","purl":"pkg:deb/debian/libextractor?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.5.12-1"}]}],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-5393.json"}},{"package":{"name":"libextractor","ecosystem":"Debian:14","purl":"pkg:deb/debian/libextractor?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.5.12-1"}]}],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-5393.json"}},{"package":{"name":"poppler","ecosystem":"Debian:11","purl":"pkg:deb/debian/poppler?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.6.2-1"}]}],"ecosystem_specific":{"urgency":"medium"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-5393.json"}},{"package":{"name":"poppler","ecosystem":"Debian:12","purl":"pkg:deb/debian/poppler?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.6.2-1"}]}],"ecosystem_specific":{"urgency":"medium"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-5393.json"}},{"package":{"name":"poppler","ecosystem":"Debian:13","purl":"pkg:deb/debian/poppler?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.6.2-1"}]}],"ecosystem_specific":{"urgency":"medium"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-5393.json"}},{"package":{"name":"poppler","ecosystem":"Debian:14","purl":"pkg:deb/debian/poppler?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.6.2-1"}]}],"ecosystem_specific":{"urgency":"medium"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-5393.json"}},{"package":{"name":"xpdf","ecosystem":"Debian:11","purl":"pkg:deb/debian/xpdf?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.02-1.3"}]}],"ecosystem_specific":{"urgency":"medium"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-5393.json"}},{"package":{"name":"xpdf","ecosystem":"Debian:12","purl":"pkg:deb/debian/xpdf?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.02-1.3"}]}],"ecosystem_specific":{"urgency":"medium"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-5393.json"}},{"package":{"name":"xpdf","ecosystem":"Debian:13","purl":"pkg:deb/debian/xpdf?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.02-1.3"}]}],"ecosystem_specific":{"urgency":"medium"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-5393.json"}},{"package":{"name":"xpdf","ecosystem":"Debian:14","purl":"pkg:deb/debian/xpdf?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.02-1.3"}]}],"ecosystem_specific":{"urgency":"medium"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2007-5393.json"}}],"schema_version":"1.7.3"}