CVE-2010-3704: Input Validation
First published: Thu Sep 30 2010(Updated: )
The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Poppler Poppler | =0.13.3 | |
| Poppler Poppler | =0.13.1 | |
| Poppler Poppler | =0.10.3 | |
| Poppler Poppler | =0.9.3 | |
| Poppler Poppler | =0.10.1 | |
| Poppler Poppler | =0.10.0 | |
| Poppler Poppler | =0.10.7 | |
| Poppler Poppler | =0.12.2 | |
| Poppler Poppler | =0.14.2 | |
| Poppler Poppler | =0.13.2 | |
| Poppler Poppler | =0.11.3 | |
| Poppler Poppler | =0.10.6 | |
| Poppler Poppler | =0.12.3 | |
| Poppler Poppler | =0.13.4 | |
| Poppler Poppler | =0.10.4 | |
| Poppler Poppler | =0.9.2 | |
| Poppler Poppler | =0.11.2 | |
| Poppler Poppler | =0.12.0 | |
| Poppler Poppler | =0.14.1 | |
| Poppler Poppler | =0.14.4 | |
| Poppler Poppler | =0.9.0 | |
| Poppler Poppler | =0.15.1 | |
| Poppler Poppler | =0.14.5 | |
| Poppler Poppler | =0.8.7 | |
| Poppler Poppler | =0.9.1 | |
| Poppler Poppler | =0.12.1 | |
| Poppler Poppler | =0.11.0 | |
| Poppler Poppler | =0.13.0 | |
| Poppler Poppler | =0.14.3 | |
| Poppler Poppler | =0.10.2 | |
| Poppler Poppler | =0.14.0 | |
| Poppler Poppler | =0.15.0 | |
| Poppler Poppler | =0.11.1 | |
| Poppler Poppler | =0.10.5 | |
| Poppler Poppler | =0.12.4 | |
| Foolabs Xpdf | =0.91c | |
| Foolabs Xpdf | =0.91b | |
| Foolabs Xpdf | =0.93b | |
| Foolabs Xpdf | =1.00a | |
| Foolabs Xpdf | =0.91a | |
| Foolabs Xpdf | =3.02pl3 | |
| Foolabs Xpdf | =0.92e | |
| Foolabs Xpdf | =0.5a | |
| Foolabs Xpdf | =0.92b | |
| Foolabs Xpdf | =0.93c | |
| Foolabs Xpdf | =0.92c | |
| Foolabs Xpdf | =3.02pl1 | |
| Foolabs Xpdf | =0.7a | |
| Foolabs Xpdf | =0.93a | |
| Foolabs Xpdf | =3.0.1 | |
| Foolabs Xpdf | =3.02pl2 | |
| Kde Kdegraphics | ||
| Foolabs Xpdf | =0.92d | |
| Foolabs Xpdf | =0.92a | |
| Glyphandcog Xpdfreader | =0.2 | |
| Glyphandcog Xpdfreader | =0.3 | |
| Glyphandcog Xpdfreader | =0.4 | |
| Glyphandcog Xpdfreader | =0.5 | |
| Glyphandcog Xpdfreader | =0.6 | |
| Glyphandcog Xpdfreader | =0.80 | |
| Glyphandcog Xpdfreader | =0.90 | |
| Glyphandcog Xpdfreader | =1.00 | |
| Glyphandcog Xpdfreader | =1.01 | |
| Glyphandcog Xpdfreader | =2.00 | |
| Glyphandcog Xpdfreader | =2.01 | |
| Glyphandcog Xpdfreader | =2.03 | |
| Glyphandcog Xpdfreader | =3.00 | |
| Glyphandcog Xpdfreader | =3.01 | |
| Glyphandcog Xpdfreader | =0.7 | |
| Glyphandcog Xpdfreader | =0.91 | |
| Glyphandcog Xpdfreader | =0.92 | |
| Glyphandcog Xpdfreader | =0.93 | |
| Glyphandcog Xpdfreader | =2.02 | |
| Glyphandcog Xpdfreader | <=3.02 | |
| Glyphandcog Xpdfreader | =3.02 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html
- http://www.debian.org/security/2010/dsa-2119
- http://www.redhat.com/support/errata/RHSA-2010-0751.html
- https://bugzilla.redhat.com/show_bug.cgi?id=638960
- http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html
- http://www.redhat.com/support/errata/RHSA-2010-0749.html
- http://www.redhat.com/support/errata/RHSA-2010-0752.html
- http://www.redhat.com/support/errata/RHSA-2010-0753.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html
- http://www.ubuntu.com/usn/USN-1005-1
- http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473
- http://www.openwall.com/lists/oss-security/2010/10/04/6
- http://secunia.com/advisories/42141
- http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html
- http://www.securityfocus.com/bid/43841
- http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html
- http://www.vupen.com/english/advisories/2010/2897
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:229
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:230
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:228
- http://www.redhat.com/support/errata/RHSA-2010-0859.html
- http://secunia.com/advisories/42397
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:231
- http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html
- http://www.vupen.com/english/advisories/2010/3097
- http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.571720
- http://secunia.com/advisories/42357
- http://www.debian.org/security/2010/dsa-2135
- http://secunia.com/advisories/42691
- http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html
- http://www.vupen.com/english/advisories/2011/0230
- http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html
- http://secunia.com/advisories/43079
- http://rhn.redhat.com/errata/RHSA-2012-1201.html
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:144
- http://secunia.com/advisories/41596/
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=638960#c0
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=639861
- https://rhn.redhat.com/errata/RHSA-2010-0749.html
- https://rhn.redhat.com/errata/RHSA-2010-0751.html
- https://rhn.redhat.com/errata/RHSA-2010-0752.html
- https://rhn.redhat.com/errata/RHSA-2010-0753.html
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=595245#c22
- https://rhn.redhat.com/errata/RHSA-2010-0859.html
- https://rhn.redhat.com/errata/RHSA-2012-1201.html
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/nvd-historical
- collector/nvd-index
- collector/redhat-bugzilla
- alias/CVE-2010-3704
- vendor/poppler
- canonical/poppler poppler
- version/poppler poppler/0.13.3
- version/poppler poppler/0.13.1
- version/poppler poppler/0.10.3
- version/poppler poppler/0.9.3
- version/poppler poppler/0.10.1
- version/poppler poppler/0.10.0
- version/poppler poppler/0.10.7
- version/poppler poppler/0.12.2
- version/poppler poppler/0.14.2
- version/poppler poppler/0.13.2
- version/poppler poppler/0.11.3
- version/poppler poppler/0.10.6
- version/poppler poppler/0.12.3
- version/poppler poppler/0.13.4
- version/poppler poppler/0.10.4
- version/poppler poppler/0.9.2
- version/poppler poppler/0.11.2
- version/poppler poppler/0.12.0
- version/poppler poppler/0.14.1
- version/poppler poppler/0.14.4
- version/poppler poppler/0.9.0
- version/poppler poppler/0.15.1
- version/poppler poppler/0.14.5
- version/poppler poppler/0.8.7
- version/poppler poppler/0.9.1
- version/poppler poppler/0.12.1
- version/poppler poppler/0.11.0
- version/poppler poppler/0.13.0
- version/poppler poppler/0.14.3
- version/poppler poppler/0.10.2
- version/poppler poppler/0.14.0
- version/poppler poppler/0.15.0
- version/poppler poppler/0.11.1
- version/poppler poppler/0.10.5
- version/poppler poppler/0.12.4
- vendor/foolabs
- canonical/foolabs xpdf
- version/foolabs xpdf/0.91c
- version/foolabs xpdf/0.91b
- version/foolabs xpdf/0.93b
- version/foolabs xpdf/1.00a
- version/foolabs xpdf/0.91a
- version/foolabs xpdf/3.02pl3
- version/foolabs xpdf/0.92e
- version/foolabs xpdf/0.5a
- version/foolabs xpdf/0.92b
- version/foolabs xpdf/0.93c
- version/foolabs xpdf/0.92c
- version/foolabs xpdf/3.02pl1
- version/foolabs xpdf/0.7a
- version/foolabs xpdf/0.93a
- version/foolabs xpdf/3.0.1
- version/foolabs xpdf/3.02pl2
- vendor/kde
- canonical/kde kdegraphics
- version/foolabs xpdf/0.92d
- version/foolabs xpdf/0.92a
- vendor/glyphandcog
- canonical/glyphandcog xpdfreader
- version/glyphandcog xpdfreader/0.2
- version/glyphandcog xpdfreader/0.3
- version/glyphandcog xpdfreader/0.4
- version/glyphandcog xpdfreader/0.5
- version/glyphandcog xpdfreader/0.6
- version/glyphandcog xpdfreader/0.80
- version/glyphandcog xpdfreader/0.90
- version/glyphandcog xpdfreader/1.00
- version/glyphandcog xpdfreader/1.01
- version/glyphandcog xpdfreader/2.00
- version/glyphandcog xpdfreader/2.01
- version/glyphandcog xpdfreader/2.03
- version/glyphandcog xpdfreader/3.00
- version/glyphandcog xpdfreader/3.01
- version/glyphandcog xpdfreader/0.7
- version/glyphandcog xpdfreader/0.91
- version/glyphandcog xpdfreader/0.92
- version/glyphandcog xpdfreader/0.93
- version/glyphandcog xpdfreader/2.02
- version/glyphandcog xpdfreader/3.02