Уязвимость CVE-2010-3702: Информация
Описание
The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference.
Важность: HIGH (7,5)
Ссылки на рекомендации, решения и инструменты
Ссылка | Ресурс |
|---|---|
| RHSA-2010:0749 |
|
| USN-1005-1 |
|
| https://bugzilla.redhat.com/show_bug.cgi?id=595245 |
|
| http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf |
|
| FEDORA-2010-15911 |
|
| RHSA-2010:0753 |
|
| RHSA-2010:0751 |
|
| FEDORA-2010-15857 |
|
| RHSA-2010:0752 |
|
| 43845 |
|
| DSA-2119 |
|
| ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch |
|
| RHSA-2010:0750 |
|
| FEDORA-2010-15981 |
|
| [oss-security] 20101004 Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark |
|
| ADV-2010-2897 |
|
| FEDORA-2010-16744 |
|
| FEDORA-2010-16705 |
|
| FEDORA-2010-16662 |
|
| 42141 |
|
| RHSA-2010:0754 |
|
| MDVSA-2010:230 |
|
| SUSE-SR:2010:022 |
|
| 42397 |
|
| MDVSA-2010:229 |
|
| RHSA-2010:0755 |
|
| RHSA-2010:0859 |
|
| MDVSA-2010:231 |
|
| MDVSA-2010:228 |
|
| 42357 |
|
| ADV-2010-3097 |
|
| SSA:2010-324-01 |
|
| 42691 |
|
| DSA-2135 |
|
| SUSE-SR:2010:023 |
|
| SUSE-SR:2010:024 |
|
| http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html |
|
| ADV-2011-0230 |
|
| 43079 |
|
| RHSA-2012:1201 |
|
| MDVSA-2012:144 |
|