virus logo Intrusion Prevention

PDF.Document.Catalog.Handling.Memory.Corruption

description-logoDescription

This indicates an attempt to exploit a vulnerability in the Adobe PDF implementation used in Adobe Acrobat Reader, Apple Mac OS X Preview, Apple CoreGraphics and Xpdf.
An attacker can create a PDF document with a specially crafted "catalog dictionary" or "Pages" attribute, which will cause memory corruption. As a result it may be possible to execute arbitrary code or cause a denial of service. To exploit the vulnerability the attacker must persuade the victim to open a malicious PDF file.

affected-products-logoAffected Products

Adobe: Adobe PDF 1.3
Adobe Systems Incorporated: Adobe Acrobat prior to 8.0.0
Apple: Apple CoreGraphics Any version
Apple: Mac OS X Preview 3.0.8
Apple Computer, Inc.: Mac OS X 10.4 - 10.4.8
Apple Computer, Inc.: Mac OS X Server 10.4 - 10.4.8
Canonical Ltd.: Ubuntu 5.10
Canonical Ltd.: Ubuntu 6.06 LTS
Canonical Ltd.: Ubuntu 6.10
Data General: DG/UX Any version
Glyph & Cog: Xpdf 3.01p2 and prior
Hewlett-Packard Company: HP-UX Any version
Hewlett-Packard Company: Tru64 UNIX Any version
IBM: AIX Any version
IBM: OS/2 Any version
Kristian Hogsberg: Poppler 0.5.4 and prior
Linux: Linux Any version
MandrakeSoft, Inc.: Mandrake Linux Corporate Server 3.0
MandrakeSoft, Inc.: Mandrake Linux Corporate Server 3.0/X86_64
MandrakeSoft, Inc.: Mandrake Linux Corporate Server 4.0
MandrakeSoft, Inc.: Mandrake Linux Corporate Server 4.0/X86_64
Mandriva Linux: Mandriva Linux 2006
Mandriva Linux: Mandriva Linux 2006/X86_64
Mandriva Linux: Mandriva Linux 2007
Mandriva Linux: Mandriva Linux 2007/X86_64
Microsoft Corporation: Windows 95
Microsoft Corporation: Windows 98
Microsoft Corporation: Windows 98 Second Edition
Microsoft Corporation: Windows Me
Microsoft Corporation: Windows XP
Microsoft Corporation: Windows 2000 Any version
Microsoft Corporation: Windows 2003 Any version
Microsoft Corporation: Windows NT 4.0
Santa Cruz Operation, Inc.: SCO Unix Any version
SGI: IRIX Any version
Sun Microsystems, Inc.: Solaris Any version
Wind River Systems, Inc.: BSD Any version

Impact logoImpact

System compromise: remote code execution.
Denial of service.

recomended-action-logoRecommended Actions

Please refer to corresponding vendors for the latest update.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 14391
Created Mar 23, 2007
Updated May 04, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2007-0104 CVE-2007-0103
Exploit Prediction Score 7.84%
Default Action drop
Active
Affected OS All
Affected App Other