What is the severity of CVE-2010-3703?

CVE-2010-3703 is classified as a moderate severity vulnerability due to possible crashes or memory corruption.

How do I fix CVE-2010-3703?

To resolve CVE-2010-3703, update Poppler to a version that includes the fix from commit bf2055088a.

Which versions of Poppler are affected by CVE-2010-3703?

CVE-2010-3703 affects multiple Poppler versions, including 0.8.7 to 0.15.1, specifically those mentioned in the vulnerability details.

What type of vulnerability is CVE-2010-3703?

CVE-2010-3703 is a security vulnerability that relates to the possible use of an uninitialized pointer in the Poppler library.

Is there any exploit available for CVE-2010-3703?

There is no publicly known exploit for CVE-2010-3703, but the risk of crashes or memory corruption remains.

Vulnerability/
CVE-2010-3703

medium

4.3

CWE

1/10/2010

5/11/2010

29/9/2019

CVE-2010-3703: Input Validation

First published: Fri Oct 01 2010(Updated: )

poppler git commit bf2055088a corrects a possible use of an uninitialized pointer in PostScriptFunction, which can cause crash or memory corruption. Upstream git commit: <a href="http://cgit.freedesktop.org/poppler/poppler/commit/?id=bf2055088a3a2d3bb3d3c37d464954ec1a25771f">http://cgit.freedesktop.org/poppler/poppler/commit/?id=bf2055088a3a2d3bb3d3c37d464954ec1a25771f</a> This problem does not affect xpdf or other applications embedding xpdf code. It only affects recent poppler versions, not before commit: <a href="http://cgit.freedesktop.org/poppler/poppler/commit/?id=b1d4efb082ac3dadd7752a557e5aeb6651e17471">http://cgit.freedesktop.org/poppler/poppler/commit/?id=b1d4efb082ac3dadd7752a557e5aeb6651e17471</a> Reference: <a href="http://secunia.com/advisories/41596/">http://secunia.com/advisories/41596/</a>

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
Poppler Poppler	=0.13.3
Poppler Poppler	=0.13.1
Poppler Poppler	=0.10.3
Poppler Poppler	=0.9.3
Poppler Poppler	=0.10.1
Poppler Poppler	=0.10.0
Poppler Poppler	=0.10.7
Poppler Poppler	=0.12.2
Poppler Poppler	=0.14.2
Poppler Poppler	=0.13.2
Poppler Poppler	=0.11.3
Poppler Poppler	=0.10.6
Poppler Poppler	=0.12.3
Poppler Poppler	=0.13.4
Poppler Poppler	=0.10.4
Poppler Poppler	=0.9.2
Poppler Poppler	=0.11.2
Poppler Poppler	=0.12.0
Poppler Poppler	=0.14.1
Poppler Poppler	=0.14.4
Poppler Poppler	=0.9.0
Poppler Poppler	=0.15.1
Poppler Poppler	=0.14.5
Poppler Poppler	=0.8.7
Poppler Poppler	=0.9.1
Poppler Poppler	=0.12.1
Poppler Poppler	=0.11.0
Poppler Poppler	=0.13.0
Poppler Poppler	=0.14.3
Poppler Poppler	=0.10.2
Poppler Poppler	=0.14.0
Poppler Poppler	=0.15.0
Poppler Poppler	=0.11.1
Poppler Poppler	=0.10.5
Poppler Poppler	=0.12.4

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-3703?
CVE-2010-3703 is classified as a moderate severity vulnerability due to possible crashes or memory corruption.
How do I fix CVE-2010-3703?
To resolve CVE-2010-3703, update Poppler to a version that includes the fix from commit bf2055088a.
Which versions of Poppler are affected by CVE-2010-3703?
CVE-2010-3703 affects multiple Poppler versions, including 0.8.7 to 0.15.1, specifically those mentioned in the vulnerability details.
What type of vulnerability is CVE-2010-3703?
CVE-2010-3703 is a security vulnerability that relates to the possible use of an uninitialized pointer in the Poppler library.
Is there any exploit available for CVE-2010-3703?
There is no publicly known exploit for CVE-2010-3703, but the risk of crashes or memory corruption remains.

collector/nvd-historical
collector/redhat-bugzilla
alias/CVE-2010-3703
collector/nvd-index
agent/severity
agent/author
agent/weakness
agent/references
agent/description
agent/type
agent/tags
agent/event
agent/first-publish-date
agent/softwarecombine
agent/last-modified-date
vendor/poppler
canonical/poppler poppler
version/poppler poppler/0.13.3
version/poppler poppler/0.13.1
version/poppler poppler/0.10.3
version/poppler poppler/0.9.3
version/poppler poppler/0.10.1
version/poppler poppler/0.10.0
version/poppler poppler/0.10.7
version/poppler poppler/0.12.2
version/poppler poppler/0.14.2
version/poppler poppler/0.13.2
version/poppler poppler/0.11.3
version/poppler poppler/0.10.6
version/poppler poppler/0.12.3
version/poppler poppler/0.13.4
version/poppler poppler/0.10.4
version/poppler poppler/0.9.2
version/poppler poppler/0.11.2
version/poppler poppler/0.12.0
version/poppler poppler/0.14.1
version/poppler poppler/0.14.4
version/poppler poppler/0.9.0
version/poppler poppler/0.15.1
version/poppler poppler/0.14.5
version/poppler poppler/0.8.7
version/poppler poppler/0.9.1
version/poppler poppler/0.12.1
version/poppler poppler/0.11.0
version/poppler poppler/0.13.0
version/poppler poppler/0.14.3
version/poppler poppler/0.10.2
version/poppler poppler/0.14.0
version/poppler poppler/0.15.0
version/poppler poppler/0.11.1
version/poppler poppler/0.10.5
version/poppler poppler/0.12.4

CVE-2010-3703: Input Validation

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-3703?

How do I fix CVE-2010-3703?

Which versions of Poppler are affected by CVE-2010-3703?

What type of vulnerability is CVE-2010-3703?

Is there any exploit available for CVE-2010-3703?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2010-3703?

How do I fix CVE-2010-3703?

Which versions of Poppler are affected by CVE-2010-3703?

What type of vulnerability is CVE-2010-3703?

Is there any exploit available for CVE-2010-3703?