View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2007-0104 severity moderate: SUSE including 86 source package names (cups-1.3.9-8.30.1, cups-1.3.9-8.44.1, …), 87 product×package rows across 10 product lines (SUSE Linux Enterprise Module for Legacy 12, SUSE Linux Enterprise Server 11 SP1, … (10 product lines)): Fixed 83, Known Not Affected 4.
The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.