Уязвимость CVE-2010-3702: Информация
Описание
The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference.
Важность: HIGH (7,5)
Ссылки на рекомендации, решения и инструменты
Ссылка | Ресурс |
---|---|
RHSA-2010:0749 |
|
USN-1005-1 |
|
https://bugzilla.redhat.com/show_bug.cgi?id=595245 |
|
http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf |
|
FEDORA-2010-15911 |
|
RHSA-2010:0753 |
|
RHSA-2010:0751 |
|
FEDORA-2010-15857 |
|
RHSA-2010:0752 |
|
43845 |
|
DSA-2119 |
|
ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch |
|
RHSA-2010:0750 |
|
FEDORA-2010-15981 |
|
[oss-security] 20101004 Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark |
|
ADV-2010-2897 |
|
FEDORA-2010-16744 |
|
FEDORA-2010-16705 |
|
FEDORA-2010-16662 |
|
42141 |
|
RHSA-2010:0754 |
|
MDVSA-2010:230 |
|
SUSE-SR:2010:022 |
|
42397 |
|
MDVSA-2010:229 |
|
RHSA-2010:0755 |
|
RHSA-2010:0859 |
|
MDVSA-2010:231 |
|
MDVSA-2010:228 |
|
42357 |
|
ADV-2010-3097 |
|
SSA:2010-324-01 |
|
42691 |
|
DSA-2135 |
|
SUSE-SR:2010:023 |
|
SUSE-SR:2010:024 |
|
http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html |
|
ADV-2011-0230 |
|
43079 |
|
RHSA-2012:1201 |
|
MDVSA-2012:144 |
|