Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2010-3704

The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.

Published

2010-11-05T18:00:25.983

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 6.8 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

8.6

Impact Score

6.4

Weaknesses

Type: Primary
CWE-20

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	poppler	poppler	0.8.7	Yes
Application	poppler	poppler	0.9.0	Yes
Application	poppler	poppler	0.9.1	Yes
Application	poppler	poppler	0.9.2	Yes
Application	poppler	poppler	0.9.3	Yes
Application	poppler	poppler	0.10.0	Yes
Application	poppler	poppler	0.10.1	Yes
Application	poppler	poppler	0.10.2	Yes
Application	poppler	poppler	0.10.3	Yes
Application	poppler	poppler	0.10.4	Yes
Application	poppler	poppler	0.10.5	Yes
Application	poppler	poppler	0.10.6	Yes
Application	poppler	poppler	0.10.7	Yes
Application	poppler	poppler	0.11.0	Yes
Application	poppler	poppler	0.11.1	Yes
Application	poppler	poppler	0.11.2	Yes
Application	poppler	poppler	0.11.3	Yes
Application	poppler	poppler	0.12.0	Yes
Application	poppler	poppler	0.12.1	Yes
Application	poppler	poppler	0.12.2	Yes
Application	poppler	poppler	0.12.3	Yes
Application	poppler	poppler	0.12.4	Yes
Application	poppler	poppler	0.13.0	Yes
Application	poppler	poppler	0.13.1	Yes
Application	poppler	poppler	0.13.2	Yes
Application	poppler	poppler	0.13.3	Yes
Application	poppler	poppler	0.13.4	Yes
Application	poppler	poppler	0.14.0	Yes
Application	poppler	poppler	0.14.1	Yes
Application	poppler	poppler	0.14.2	Yes
Application	poppler	poppler	0.14.3	Yes
Application	poppler	poppler	0.14.4	Yes
Application	poppler	poppler	0.14.5	Yes
Application	poppler	poppler	0.15.0	Yes
Application	poppler	poppler	0.15.1	Yes
Application	foolabs	xpdf	0.5a	Yes
Application	foolabs	xpdf	0.7a	Yes
Application	foolabs	xpdf	0.91a	Yes
Application	foolabs	xpdf	0.91b	Yes
Application	foolabs	xpdf	0.91c	Yes
Application	foolabs	xpdf	0.92a	Yes
Application	foolabs	xpdf	0.92b	Yes
Application	foolabs	xpdf	0.92c	Yes
Application	foolabs	xpdf	0.92d	Yes
Application	foolabs	xpdf	0.92e	Yes
Application	foolabs	xpdf	0.93a	Yes
Application	foolabs	xpdf	0.93b	Yes
Application	foolabs	xpdf	0.93c	Yes
Application	foolabs	xpdf	1.00a	Yes
Application	foolabs	xpdf	3.0.1	Yes
Application	foolabs	xpdf	3.02pl1	Yes
Application	foolabs	xpdf	3.02pl2	Yes
Application	foolabs	xpdf	3.02pl3	Yes
Application	glyphandcog	xpdfreader	≤ 3.02	Yes
Application	glyphandcog	xpdfreader	0.2	Yes
Application	glyphandcog	xpdfreader	0.3	Yes
Application	glyphandcog	xpdfreader	0.4	Yes
Application	glyphandcog	xpdfreader	0.5	Yes
Application	glyphandcog	xpdfreader	0.6	Yes
Application	glyphandcog	xpdfreader	0.7	Yes
Application	glyphandcog	xpdfreader	0.80	Yes
Application	glyphandcog	xpdfreader	0.90	Yes
Application	glyphandcog	xpdfreader	0.91	Yes
Application	glyphandcog	xpdfreader	0.92	Yes
Application	glyphandcog	xpdfreader	0.93	Yes
Application	glyphandcog	xpdfreader	1.00	Yes
Application	glyphandcog	xpdfreader	1.01	Yes
Application	glyphandcog	xpdfreader	2.00	Yes
Application	glyphandcog	xpdfreader	2.01	Yes
Application	glyphandcog	xpdfreader	2.02	Yes
Application	glyphandcog	xpdfreader	2.03	Yes
Application	glyphandcog	xpdfreader	3.00	Yes
Application	glyphandcog	xpdfreader	3.01	Yes
Application	glyphandcog	xpdfreader	3.02	Yes
Application	kde	kdegraphics	*	Yes

References

ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch Patch ([email protected])
http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473 Patch ([email protected])
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html ([email protected])
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html ([email protected])
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html ([email protected])
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html ([email protected])
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html ([email protected])
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html ([email protected])
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html ([email protected])
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html ([email protected])
http://rhn.redhat.com/errata/RHSA-2012-1201.html ([email protected])
http://secunia.com/advisories/42141 ([email protected])
http://secunia.com/advisories/42357 ([email protected])
http://secunia.com/advisories/42397 ([email protected])
http://secunia.com/advisories/42691 ([email protected])
http://secunia.com/advisories/43079 ([email protected])
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.571720 ([email protected])
http://www.debian.org/security/2010/dsa-2119 ([email protected])
http://www.debian.org/security/2010/dsa-2135 ([email protected])
http://www.mandriva.com/security/advisories?name=MDVSA-2010:228 ([email protected])
http://www.mandriva.com/security/advisories?name=MDVSA-2010:229 ([email protected])
http://www.mandriva.com/security/advisories?name=MDVSA-2010:230 ([email protected])
http://www.mandriva.com/security/advisories?name=MDVSA-2010:231 ([email protected])
http://www.mandriva.com/security/advisories?name=MDVSA-2012:144 ([email protected])
http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html ([email protected])
http://www.openwall.com/lists/oss-security/2010/10/04/6 ([email protected])
http://www.redhat.com/support/errata/RHSA-2010-0749.html ([email protected])
http://www.redhat.com/support/errata/RHSA-2010-0751.html ([email protected])
http://www.redhat.com/support/errata/RHSA-2010-0752.html ([email protected])
http://www.redhat.com/support/errata/RHSA-2010-0753.html ([email protected])
http://www.redhat.com/support/errata/RHSA-2010-0859.html ([email protected])
http://www.securityfocus.com/bid/43841 ([email protected])
http://www.ubuntu.com/usn/USN-1005-1 ([email protected])
http://www.vupen.com/english/advisories/2010/2897 ([email protected])
http://www.vupen.com/english/advisories/2010/3097 ([email protected])
http://www.vupen.com/english/advisories/2011/0230 ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=638960 ([email protected])
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch Patch (af854a3a-2127-422b-91ae-364da2661108)
http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473 Patch (af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html (af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html (af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html (af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html (af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html (af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html (af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html (af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html (af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2012-1201.html (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/42141 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/42357 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/42397 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/42691 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/43079 (af854a3a-2127-422b-91ae-364da2661108)
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.571720 (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2010/dsa-2119 (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2010/dsa-2135 (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDVSA-2010:228 (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDVSA-2010:229 (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDVSA-2010:230 (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDVSA-2010:231 (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDVSA-2012:144 (af854a3a-2127-422b-91ae-364da2661108)
http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2010/10/04/6 (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2010-0749.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2010-0751.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2010-0752.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2010-0753.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.redhat.com/support/errata/RHSA-2010-0859.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/43841 (af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-1005-1 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2010/2897 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2010/3097 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2011/0230 (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=638960 (af854a3a-2127-422b-91ae-364da2661108)