CVE-2010-3704

NONE EPSS 88.0%
Published Nov 5, 201015y ago · Modified Jun 16, 20262w ago
Find Similar
Published Nov 5, 2010 15y ago
Last Modified Jun 16, 2026 2w ago

Description

The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.

Threat Intelligence

EPSS Exploit Probability
88.0% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-20 Improper Input Validation Validation

Affected Products 75

VendorProductVersionRange
popplerpoppler0.8.7any
popplerpoppler0.9.0any
popplerpoppler0.9.1any
popplerpoppler0.9.2any
popplerpoppler0.9.3any
popplerpoppler0.10.0any
popplerpoppler0.10.1any
popplerpoppler0.10.2any
popplerpoppler0.10.3any
popplerpoppler0.10.4any
popplerpoppler0.10.5any
popplerpoppler0.10.6any
popplerpoppler0.10.7any
popplerpoppler0.11.0any
popplerpoppler0.11.1any
popplerpoppler0.11.2any
popplerpoppler0.11.3any
popplerpoppler0.12.0any
popplerpoppler0.12.1any
popplerpoppler0.12.2any
popplerpoppler0.12.3any
popplerpoppler0.12.4any
popplerpoppler0.13.0any
popplerpoppler0.13.1any
popplerpoppler0.13.2any
popplerpoppler0.13.3any
popplerpoppler0.13.4any
popplerpoppler0.14.0any
popplerpoppler0.14.1any
popplerpoppler0.14.2any
popplerpoppler0.14.3any
popplerpoppler0.14.4any
popplerpoppler0.14.5any
popplerpoppler0.15.0any
popplerpoppler0.15.1any
foolabsxpdf0.5aany
foolabsxpdf0.7aany
foolabsxpdf0.91aany
foolabsxpdf0.91bany
foolabsxpdf0.91cany
foolabsxpdf0.92aany
foolabsxpdf0.92bany
foolabsxpdf0.92cany
foolabsxpdf0.92dany
foolabsxpdf0.92eany
foolabsxpdf0.93aany
foolabsxpdf0.93bany
foolabsxpdf0.93cany
foolabsxpdf1.00aany
foolabsxpdf3.0.1any
foolabsxpdf3.02pl1any
foolabsxpdf3.02pl2any
foolabsxpdf3.02pl3any
glyphandcogxpdfreader* ≤3.02
glyphandcogxpdfreader0.2any
glyphandcogxpdfreader0.3any
glyphandcogxpdfreader0.4any
glyphandcogxpdfreader0.5any
glyphandcogxpdfreader0.6any
glyphandcogxpdfreader0.7any
glyphandcogxpdfreader0.80any
glyphandcogxpdfreader0.90any
glyphandcogxpdfreader0.91any
glyphandcogxpdfreader0.92any
glyphandcogxpdfreader0.93any
glyphandcogxpdfreader1.00any
glyphandcogxpdfreader1.01any
glyphandcogxpdfreader2.00any
glyphandcogxpdfreader2.01any
glyphandcogxpdfreader2.02any
glyphandcogxpdfreader2.03any
glyphandcogxpdfreader3.00any
glyphandcogxpdfreader3.01any
glyphandcogxpdfreader3.02any
kdekdegraphics*any

References 37

  • ftp.foolabs.com ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch
    Patch
  • cgit.freedesktop.org http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473
    Patch
  • lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html
  • lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html
  • lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html
  • lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html
  • lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html
  • lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2012-1201.html
  • secunia.com http://secunia.com/advisories/42141
  • secunia.com http://secunia.com/advisories/42357
  • secunia.com http://secunia.com/advisories/42397
  • secunia.com http://secunia.com/advisories/42691
  • secunia.com http://secunia.com/advisories/43079
  • slackware.com http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.571720
  • debian.org http://www.debian.org/security/2010/dsa-2119
  • debian.org http://www.debian.org/security/2010/dsa-2135
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDVSA-2010:228
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDVSA-2010:229
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDVSA-2010:230
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDVSA-2010:231
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDVSA-2012:144
  • openoffice.org http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html
  • openwall.com http://www.openwall.com/lists/oss-security/2010/10/04/6
  • redhat.com http://www.redhat.com/support/errata/RHSA-2010-0749.html
  • redhat.com http://www.redhat.com/support/errata/RHSA-2010-0751.html
  • redhat.com http://www.redhat.com/support/errata/RHSA-2010-0752.html
  • redhat.com http://www.redhat.com/support/errata/RHSA-2010-0753.html
  • redhat.com http://www.redhat.com/support/errata/RHSA-2010-0859.html
  • securityfocus.com http://www.securityfocus.com/bid/43841
  • ubuntu.com http://www.ubuntu.com/usn/USN-1005-1
  • vupen.com http://www.vupen.com/english/advisories/2010/2897
  • vupen.com http://www.vupen.com/english/advisories/2010/3097
  • vupen.com http://www.vupen.com/english/advisories/2011/0230
  • bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=638960

Remediation

  • ftp.foolabs.com ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch
    Patch
  • cgit.freedesktop.org http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473
    Patch