{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Gnome gpdf ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"KDE, au moins les versions 3.2.0 \u00e0 3.5.8;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"Xpdf version 3.02.","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"CUPS ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"Poppler ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"KOffice 1.x ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s dans le script Stream.cc de Xpdf permettent\n\u00e0 un individu malveillant l'ex\u00e9cution de code arbitraire en local via un\nfichier pdf sp\u00e9cialement con\u00e7u.\n\nCes vuln\u00e9rabilit\u00e9s affectent les produits utilisant la m\u00eame souche\nlogicielle.\n\n## Solution\n\nSe r\u00e9f\u00e9rer aux sites des \u00e9diteurs pour l'obtention des correctifs (cf.\nsection Documentation).\n","cves":[{"name":"CVE-2007-5392","url":"https://www.cve.org/CVERecord?id=CVE-2007-5392"},{"name":"CVE-2007-4352","url":"https://www.cve.org/CVERecord?id=CVE-2007-4352"},{"name":"CVE-2007-5393","url":"https://www.cve.org/CVERecord?id=CVE-2007-5393"}],"links":[{"title":"Bulletin KDE du 07 novembre 2007 :","url":"http://www.kde.org/info/security/advisory-20071107-1.txt"},{"title":"Bulletin de s\u00e9curit\u00e9 Redhat 1021-3 du 07 novembre 2007 :","url":"http://rhn.redhat.com/errata/RHSA-2007-1021.html"},{"title":"Rustine Xpdf :","url":"ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl2.patch"},{"title":"Bulletin de s\u00e9curit\u00e9 Redhat 1026-3 du 07 novembre 2007 :","url":"http://rhn.redhat.com/errata/RHSA-2007-1026.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Redhat 1022-2 du 07 novembre 2007 :","url":"http://rhn.redhat.com/errata/RHSA-2007-1022.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Secunia num\u00e9ro 27260 du 07 novembre    2007 :","url":"http://secunia.com/advisories/27260/"},{"title":"Bulletin de s\u00e9curit\u00e9 Redhat 1025-5 du 07 novembre 2007 :","url":"http://rhn.redhat.com/errata/RHSA-2007-1025.html"}],"reference":"CERTA-2007-AVI-484","revisions":[{"description":"version initiale.","revision_date":"2007-11-08T00:00:00.000000"},{"description":"ajouts des produits associ\u00e9s.","revision_date":"2007-11-09T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s dans Xpdf permettent \u00e0 un individu\nmalveillant l'ex\u00e9cution de code arbitraire en local.\n\nCes vuln\u00e9rabilit\u00e9s affectent les produits utilisant la m\u00eame souche\nlogicielle.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans gpdf et produits deriv\u00e9s","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Secunia 27260 du 07 novembre 2007","url":null}]}