The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.
Conclusion & alert: CVE-2007-0104 is rated High Exploit Risk (73/100): CVSS Medium severity, with high exploitation likelihood (EPSS 16.56%, 95th percentile). Core evidence: 1 public exploit reference(s) are indexed (Exploit-DB). Mandatory action: Public exploits are available—assess exposure, apply mitigations, and prioritize patching.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
| EDB-ID | Source | Kind | Published | Link |
|---|---|---|---|---|
| — | nvd_ref | exploit_tag | Exploit-DB ↗ |
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-05-31 | 19.01% | 16.56% | -2.45% |
| 2 | 2025-09-18 | 17.64% | 19.01% | +1.37% |
| 3 | 2025-08-28 | — | 17.64% | — |
Full EPSS history (16 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 6.8 | 2.0 | MEDIUM |
|
8.6 | 6.4 | [email protected] |
| vendor | priority | summary | link |
|---|---|---|---|
alpine
|
— | CVE-2007-0104: no source package rows; 0 state rows across 0 repos (none); fixed 0, open 0. | https://security.alpinelinux.org/vuln/CVE-2007-0104 |
debian
|
unimportant | CVE-2007-0104 unimportant priority: Debian including 2 source packages (poppler, xpdf), 10 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 10. | https://security-tracker.debian.org/tracker/CVE-2007-0104 |
redhat
|
— | — | https://access.redhat.com/security/cve/CVE-2007-0104 |
suse
|
medium | CVE-2007-0104 severity moderate: SUSE including 86 source package names (cups-1.3.9-8.30.1, cups-1.3.9-8.44.1, …), 87 product×package rows across 10 product lines (SUSE Linux Enterprise Module for Legacy 12, SUSE Linux Enterprise Server 11 SP1, … (10 product lines)): Fixed 83, Known Not Affected 4. | https://www.suse.com/security/cve/CVE-2007-0104/ |
ubuntu
|
medium | CVE-2007-0104 medium priority: Ubuntu including 5 source packages (kdegraphics, koffice, poppler, tetex-bin, xpdf), 20 status rows across 4 suites (dapper, edgy, feisty, upstream): released 9, not-affected 6, needs-triage 5. | https://ubuntu.com/security/CVE-2007-0104 |
Not Vulnerable. This flaw is the result of an infinite recursion flaw in xpdf, which cannot result in arbitrary code execution.
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| xpdf | xpdf | 3.0 | cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:* |
| xpdf | xpdf | 3.0.1 | cpe:2.3:a:xpdf:xpdf:3.0.1:*:*:*:*:*:*:* |
| xpdf | xpdf | 3.0.1_pl1 | cpe:2.3:a:xpdf:xpdf:3.0.1_pl1:*:*:*:*:*:*:* |
| xpdf | xpdf | 3.0.1_pl2 | cpe:2.3:a:xpdf:xpdf:3.0.1_pl2:*:*:*:*:*:*:* |
| xpdf | xpdf | 3.0_pl2 | cpe:2.3:a:xpdf:xpdf:3.0_pl2:*:*:*:*:*:*:* |
| kde | kde | 3.2 | cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:* |
| kde | kde | 3.2.1 | cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:* |
| kde | kde | 3.2.2 | cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:* |
| kde | kde | 3.2.3 | cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:* |
| kde | kde | 3.3 | cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:* |
| kde | kde | 3.3.1 | cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:* |
| kde | kde | 3.3.2 | cpe:2.3:o:kde:kde:3.3.2:*:*:*:*:*:*:* |
| kde | kde | 3.4 | cpe:2.3:o:kde:kde:3.4:*:*:*:*:*:*:* |
| kde | kde | 3.4.1 | cpe:2.3:o:kde:kde:3.4.1:*:*:*:*:*:*:* |
| kde | kde | 3.4.2 | cpe:2.3:o:kde:kde:3.4.2:*:*:*:*:*:*:* |
| kde | kde | 3.4.3 | cpe:2.3:o:kde:kde:3.4.3:*:*:*:*:*:*:* |
| kde | kde | 3.5 | cpe:2.3:o:kde:kde:3.5:*:*:*:*:*:*:* |