Back to search
CVE-2010-3704
Published: Nov 5, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
FEDORA-2010-16662
vendor-advisory
x_refsource_FEDORA
[oss-security] 20101004 Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark
mailing-list
x_refsource_MLIST
FEDORA-2010-15857
vendor-advisory
x_refsource_FEDORA
RHSA-2010:0859
vendor-advisory
x_refsource_REDHAT
42357
third-party-advisory
x_refsource_SECUNIA
MDVSA-2010:228
vendor-advisory
x_refsource_MANDRIVA
ADV-2011-0230
vdb-entry
x_refsource_VUPEN
RHSA-2010:0752
vendor-advisory
x_refsource_REDHAT
http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html
x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=638960
x_refsource_CONFIRM
MDVSA-2010:230
vendor-advisory
x_refsource_MANDRIVA
SUSE-SR:2010:022
vendor-advisory
x_refsource_SUSE
RHSA-2012:1201
vendor-advisory
x_refsource_REDHAT
MDVSA-2010:231
vendor-advisory
x_refsource_MANDRIVA
FEDORA-2010-16705
vendor-advisory
x_refsource_FEDORA
SSA:2010-324-01
vendor-advisory
x_refsource_SLACKWARE
RHSA-2010:0751
vendor-advisory
x_refsource_REDHAT
42397
third-party-advisory
x_refsource_SECUNIA
42141
third-party-advisory
x_refsource_SECUNIA
FEDORA-2010-15911
vendor-advisory
x_refsource_FEDORA
MDVSA-2012:144
vendor-advisory
x_refsource_MANDRIVA
ADV-2010-3097
vdb-entry
x_refsource_VUPEN
USN-1005-1
vendor-advisory
x_refsource_UBUNTU
RHSA-2010:0749
vendor-advisory
x_refsource_REDHAT
FEDORA-2010-15981
vendor-advisory
x_refsource_FEDORA
FEDORA-2010-16744
vendor-advisory
x_refsource_FEDORA
ADV-2010-2897
vdb-entry
x_refsource_VUPEN
42691
third-party-advisory
x_refsource_SECUNIA
DSA-2119
vendor-advisory
x_refsource_DEBIAN
SUSE-SR:2010:024
vendor-advisory
x_refsource_SUSE
MDVSA-2010:229
vendor-advisory
x_refsource_MANDRIVA
43841
vdb-entry
x_refsource_BID
DSA-2135
vendor-advisory
x_refsource_DEBIAN
RHSA-2010:0753
vendor-advisory
x_refsource_REDHAT
43079
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now