Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2010-3704

Опубликовано: 05 нояб. 2010
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.8

Описание

The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

ignored

end of life
devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

Показывать по

РелизСтатусПримечание
artful

ignored

end of life
bionic

ignored

end of standard support, was needs-triage
cosmic

ignored

end of life
dapper

ignored

end of life
devel

needs-triage

disco

ignored

end of life
eoan

ignored

end of life
esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

not-affected

linked to poppler
devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

ignored

end of life
devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

Показывать по

РелизСтатусПримечание
artful

ignored

end of life
bionic

not-affected

does not use xpdf anymore
cosmic

ignored

end of life
dapper

ignored

end of life
devel

not-affected

does not use xpdf anymore
disco

ignored

end of life
eoan

ignored

end of life
esm-apps/bionic

not-affected

does not use xpdf anymore
esm-apps/focal

not-affected

does not use xpdf anymore
esm-apps/jammy

not-affected

does not use xpdf anymore

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

ignored

end of life
devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

ignored

end of life
devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

Показывать по

РелизСтатусПримечание
artful

not-affected

0.16.0-0ubuntu2
bionic

not-affected

0.16.0-0ubuntu2
cosmic

not-affected

0.16.0-0ubuntu2
dapper

released

0.5.1-0ubuntu7.8
devel

not-affected

0.16.0-0ubuntu2
disco

not-affected

0.16.0-0ubuntu2
eoan

not-affected

0.16.0-0ubuntu2
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected [0.16.0-0ubuntu2]]
esm-infra/bionic

not-affected

0.16.0-0ubuntu2
esm-infra/focal

not-affected

0.16.0-0ubuntu2

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

dapper

not-affected

linked to poppler
devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

Показывать по

РелизСтатусПримечание
artful

not-affected

linked to poppler
bionic

not-affected

linked to poppler
cosmic

not-affected

linked to poppler
dapper

DNE

devel

not-affected

linked to poppler
disco

not-affected

linked to poppler
eoan

not-affected

linked to poppler
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected [linked to poppler]]
esm-infra/bionic

not-affected

linked to poppler
esm-infra/focal

not-affected

linked to poppler

Показывать по

РелизСтатусПримечание
artful

not-affected

3.02-12ubuntu1
bionic

not-affected

3.02-12ubuntu1
cosmic

not-affected

3.02-12ubuntu1
dapper

ignored

end of life
devel

not-affected

disco

not-affected

3.02-12ubuntu1
eoan

not-affected

3.02-12ubuntu1
esm-apps/bionic

not-affected

3.02-12ubuntu1
esm-apps/jammy

not-affected

esm-apps/noble

not-affected

Показывать по

Ссылки на источники

EPSS

Процентиль: 86%
0.03021
Низкий

6.8 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2010-3704

redhat
больше 14 лет назад

The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.

nvd логотип

CVE-2010-3704

nvd
больше 14 лет назад

The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.

debian логотип

CVE-2010-3704

debian
больше 14 лет назад

The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser i ...

github логотип

GHSA-fwg7-7mhm-4945

github
около 3 лет назад

The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.

oracle-oval логотип

ELSA-2010-0749

oracle-oval
больше 14 лет назад

ELSA-2010-0749: poppler security update (IMPORTANT)

EPSS

Процентиль: 86%
0.03021
Низкий

6.8 Medium

CVSS2

Уязвимость CVE-2010-3704