Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2010-3704 (GCVE-0-2010-3704)
Vulnerability from cvelistv5 – Published: 2010-11-05 17:00 – Updated: 2024-08-07 03:18
VLAI
EPSS
Summary
The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
37 references
Date Public
2010-09-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:18:53.042Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2010-16662",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html"
},
{
"name": "[oss-security] 20101004 Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/10/04/6"
},
{
"name": "FEDORA-2010-15857",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html"
},
{
"name": "RHSA-2010:0859",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html"
},
{
"name": "42357",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42357"
},
{
"name": "MDVSA-2010:228",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:228"
},
{
"name": "ADV-2011-0230",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0230"
},
{
"name": "RHSA-2010:0752",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0752.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=638960"
},
{
"name": "MDVSA-2010:230",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:230"
},
{
"name": "SUSE-SR:2010:022",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch"
},
{
"name": "RHSA-2012:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"name": "MDVSA-2010:231",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231"
},
{
"name": "FEDORA-2010-16705",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html"
},
{
"name": "SSA:2010-324-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720"
},
{
"name": "RHSA-2010:0751",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0751.html"
},
{
"name": "42397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42397"
},
{
"name": "42141",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42141"
},
{
"name": "FEDORA-2010-15911",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html"
},
{
"name": "MDVSA-2012:144",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"name": "ADV-2010-3097",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3097"
},
{
"name": "USN-1005-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1005-1"
},
{
"name": "RHSA-2010:0749",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0749.html"
},
{
"name": "FEDORA-2010-15981",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html"
},
{
"name": "FEDORA-2010-16744",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html"
},
{
"name": "ADV-2010-2897",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2897"
},
{
"name": "42691",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42691"
},
{
"name": "DSA-2119",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-2119"
},
{
"name": "SUSE-SR:2010:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"name": "MDVSA-2010:229",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:229"
},
{
"name": "43841",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/43841"
},
{
"name": "DSA-2135",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-2135"
},
{
"name": "RHSA-2010:0753",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0753.html"
},
{
"name": "43079",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43079"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-09-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-11-19T10:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2010-16662",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html"
},
{
"name": "[oss-security] 20101004 Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/10/04/6"
},
{
"name": "FEDORA-2010-15857",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html"
},
{
"name": "RHSA-2010:0859",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html"
},
{
"name": "42357",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42357"
},
{
"name": "MDVSA-2010:228",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:228"
},
{
"name": "ADV-2011-0230",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0230"
},
{
"name": "RHSA-2010:0752",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0752.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=638960"
},
{
"name": "MDVSA-2010:230",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:230"
},
{
"name": "SUSE-SR:2010:022",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch"
},
{
"name": "RHSA-2012:1201",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"name": "MDVSA-2010:231",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231"
},
{
"name": "FEDORA-2010-16705",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html"
},
{
"name": "SSA:2010-324-01",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720"
},
{
"name": "RHSA-2010:0751",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0751.html"
},
{
"name": "42397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42397"
},
{
"name": "42141",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42141"
},
{
"name": "FEDORA-2010-15911",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html"
},
{
"name": "MDVSA-2012:144",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"name": "ADV-2010-3097",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3097"
},
{
"name": "USN-1005-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1005-1"
},
{
"name": "RHSA-2010:0749",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0749.html"
},
{
"name": "FEDORA-2010-15981",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html"
},
{
"name": "FEDORA-2010-16744",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html"
},
{
"name": "ADV-2010-2897",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2897"
},
{
"name": "42691",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42691"
},
{
"name": "DSA-2119",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-2119"
},
{
"name": "SUSE-SR:2010:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"name": "MDVSA-2010:229",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:229"
},
{
"name": "43841",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/43841"
},
{
"name": "DSA-2135",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-2135"
},
{
"name": "RHSA-2010:0753",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0753.html"
},
{
"name": "43079",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43079"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-3704",
"datePublished": "2010-11-05T17:00:00.000Z",
"dateReserved": "2010-10-01T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:18:53.042Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2010-3704",
"date": "2026-05-27",
"epss": "0.01262",
"percentile": "0.79687"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6323ED7A-6FE8-4885-B743-3E2F82ECA08B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"90D3345C-2D35-413C-B6F9-C308BC7C2AA6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A9D3618D-A183-4B09-9CA2-8D622C3486DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A88294D9-563E-4AB3-9FE6-971F43B052B4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A39F672-B238-4B21-A48E-5121771949F3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"58A5D199-E952-44B5-B5E5-170040FA813E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"349B4B75-32E2-49FB-9606-8B057AFA2E3E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"55A8D058-224E-467E-AB61-06F90B541F24\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"77C47EDD-2212-4259-8229-FF05E1A7B5AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C52995D0-0986-427F-B37D-2F6726EA330D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7E4427C5-DBF0-4EF9-8B7A-61D56C14E3FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B91206CA-7EBE-4E64-9A49-D7EC0D051012\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFD43644-7F02-42AF-8EC3-C326A13E2F89\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"81FE2E6F-44B2-42D5-B986-D1FE2B510968\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A605079-3705-4E2C-8F6D-C21B4D875817\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3ABBD590-8092-4920-BBC7-F3ACB9CCC900\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.12.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"14D812D5-BC8B-4907-AA70-F8D7F982A8DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.12.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8E25003C-04CE-401F-B012-F2E13DC8E8C0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.12.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"189FE6D1-C001-4D43-BFD2-B8421C6FAB06\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.12.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CAF3866C-09D2-4564-A7AE-2C49A5E8480C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.12.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A43C280F-A571-4EF9-B301-244B05750933\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.13.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D37AC0D5-6811-4FE2-83BB-FEF44B228645\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.13.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D2B24274-2F2F-4F3A-8978-390BF69EF0AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.13.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"14959178-17D0-4794-867F-AB62501EEF24\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.13.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C1129356-C0B0-4130-A1EF-888B02783317\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.13.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CD0FA23-F797-4FB5-85AD-29AED926E02D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.14.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"77B06D79-50AD-49D0-B372-25CA226EEA80\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.14.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A34735C6-2738-4CCC-9322-8F7584AB616D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.14.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"339A5BC3-7AED-4912-B6D3-BBD5FBF4AA02\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.14.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"325750AA-5E10-457E-88E8-439DFB81FE1E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.14.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"235861C5-B126-4A27-A51F-94568DBA5FBB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.14.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0EE3D5F0-DA69-453A-9729-03FD1151D94E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.15.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"83E52568-A112-4533-9CFA-55D35F40AA9A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:poppler:poppler:0.15.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"38A9C7A2-DAC5-4334-9A88-CF9085A34186\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8ABE533-8FC1-45E6-B574-A4CC7571EF7C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B02805E-7BD0-4563-82C8-6FFB982D4913\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"852F526D-F388-4FF0-BDD9-DF7635DB46D8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"478D53EA-CC8C-4ECB-8410-0910505AD819\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8C84FB90-FF1C-4502-B2D2-390438DD422F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"13341DAE-D16D-41A7-BF17-FEC802997B15\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3E30BAEA-231C-4A82-B014-9EE3D1E81545\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FE1DE5A5-6448-43F6-A612-56998D16E6B9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"35F84699-D4CF-4FD1-A959-53E316559EBE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D820DFD5-0EF9-4C9A-B281-D553A4F63141\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E2EFC7E4-E513-42DB-BDA5-8D1E497971DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4CF839D-D034-4D47-977F-7E27B36EF04F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3B3E8A4-14FE-42DA-B82E-839B092B5302\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:foolabs:xpdf:3.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"52D79ABD-202F-464F-B6C3-B225FD37DD3F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0BC500DA-7B3F-4CD5-BB0E-B244000CD19D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D5D9CEA-0707-46FC-AEC3-9EC540B22BC3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BD38AC59-7518-40FB-BC29-EC64142DE682\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"3.02\", \"matchCriteriaId\": \"32628280-E2DB-45E0-AB8A-CFC90419A182\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEF5EC54-9145-4B51-8241-C9343160BF80\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D1344DF7-9917-4DB0-9256-9E8131C55B0A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"309F0CF2-4AF7-4F46-91EA-39BA07BAF312\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"36FA872B-74B8-48E4-9D5C-5ACA6FCB8026\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"20311EDE-0E34-432A-AE41-F61EA68F134A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"16FEF460-3569-4294-ABA4-D7C251D67071\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB41E8C2-BBCC-48CB-805B-23411D39E936\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"16670F8A-E70B-4CDF-8C61-414D86E20C84\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"69483A91-53DB-4736-908F-7B14EFB40888\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5B3E7962-0A95-4E7B-A983-683B02350B93\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BD1120B3-3372-417B-BCA0-FD515638FBFB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F7397645-3225-4980-8465-28F93322B58B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D5A45EAF-B511-4360-A201-D588E7EEB39D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D14637F7-DC99-4AC4-854C-DBA0B4C6BE54\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"15D08CFD-BEE1-4DEE-926D-F4291F88224D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D244903F-5407-4C35-AE2C-1A05D3C227D4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F7D4E256-FF91-47BA-B1D4-940FB2D970AF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kde:kdegraphics:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3A0E0FC3-B53F-462D-8562-D2464BB111E2\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.\"}, {\"lang\": \"es\", \"value\": \"La funci\\u00f3n FoFiType1::parse en fofi/FoFiType1.cc del parseador de PDF de xpdf antes de v3.02pl5, poppler v0.8.7 y posiblemente otras versiones hasta v0.15.1, kdegraphics, y posiblemente otros productos, permite a atacantes dependientes del contexto provocar una denegaci\\u00f3n de servicio (ca\\u00edda de la aplicaci\\u00f3n) y posiblemente ejecutar c\\u00f3digo arbitrario mediante un archivo PDF con una fuente Type1 modificada que contiene un \\u00edndice de matriz negativo, el cual se salta la validaci\\u00f3n de entrada y que provoca una corrupci\\u00f3n de memoria.\"}]",
"id": "CVE-2010-3704",
"lastModified": "2024-11-21T01:19:25.887",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
"published": "2010-11-05T18:00:25.983",
"references": "[{\"url\": \"ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2012-1201.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/42141\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/42357\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/42397\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/42691\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/43079\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.debian.org/security/2010/dsa-2119\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.debian.org/security/2010/dsa-2135\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2010:228\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2010:229\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2010:230\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2010:231\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2012:144\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2010/10/04/6\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0749.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0751.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0752.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0753.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0859.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.securityfocus.com/bid/43841\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-1005-1\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/2897\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/3097\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0230\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=638960\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2012-1201.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/42141\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/42357\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/42397\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/42691\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/43079\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2010/dsa-2119\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2010/dsa-2135\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2010:228\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2010:229\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2010:230\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2010:231\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2012:144\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2010/10/04/6\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0749.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0751.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0752.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0753.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2010-0859.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/43841\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-1005-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/2897\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/3097\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0230\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=638960\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2010-3704\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2010-11-05T18:00:25.983\",\"lastModified\":\"2026-04-29T01:13:23.040\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n FoFiType1::parse en fofi/FoFiType1.cc del parseador de PDF de xpdf antes de v3.02pl5, poppler v0.8.7 y posiblemente otras versiones hasta v0.15.1, kdegraphics, y posiblemente otros productos, permite a atacantes dependientes del contexto provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) y posiblemente ejecutar c\u00f3digo arbitrario mediante un archivo PDF con una fuente Type1 modificada que contiene un \u00edndice de matriz negativo, el cual se salta la validaci\u00f3n de entrada y que provoca una corrupci\u00f3n de memoria.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6323ED7A-6FE8-4885-B743-3E2F82ECA08B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90D3345C-2D35-413C-B6F9-C308BC7C2AA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9D3618D-A183-4B09-9CA2-8D622C3486DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A88294D9-563E-4AB3-9FE6-971F43B052B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A39F672-B238-4B21-A48E-5121771949F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58A5D199-E952-44B5-B5E5-170040FA813E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"349B4B75-32E2-49FB-9606-8B057AFA2E3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55A8D058-224E-467E-AB61-06F90B541F24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77C47EDD-2212-4259-8229-FF05E1A7B5AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C52995D0-0986-427F-B37D-2F6726EA330D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E4427C5-DBF0-4EF9-8B7A-61D56C14E3FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B91206CA-7EBE-4E64-9A49-D7EC0D051012\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFD43644-7F02-42AF-8EC3-C326A13E2F89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81FE2E6F-44B2-42D5-B986-D1FE2B510968\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A605079-3705-4E2C-8F6D-C21B4D875817\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3ABBD590-8092-4920-BBC7-F3ACB9CCC900\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14D812D5-BC8B-4907-AA70-F8D7F982A8DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E25003C-04CE-401F-B012-F2E13DC8E8C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"189FE6D1-C001-4D43-BFD2-B8421C6FAB06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.12.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAF3866C-09D2-4564-A7AE-2C49A5E8480C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.12.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A43C280F-A571-4EF9-B301-244B05750933\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.13.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D37AC0D5-6811-4FE2-83BB-FEF44B228645\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.13.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2B24274-2F2F-4F3A-8978-390BF69EF0AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14959178-17D0-4794-867F-AB62501EEF24\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.13.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1129356-C0B0-4130-A1EF-888B02783317\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.13.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CD0FA23-F797-4FB5-85AD-29AED926E02D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77B06D79-50AD-49D0-B372-25CA226EEA80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A34735C6-2738-4CCC-9322-8F7584AB616D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.14.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"339A5BC3-7AED-4912-B6D3-BBD5FBF4AA02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.14.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"325750AA-5E10-457E-88E8-439DFB81FE1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.14.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"235861C5-B126-4A27-A51F-94568DBA5FBB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.14.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EE3D5F0-DA69-453A-9729-03FD1151D94E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83E52568-A112-4533-9CFA-55D35F40AA9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:poppler:poppler:0.15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38A9C7A2-DAC5-4334-9A88-CF9085A34186\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8ABE533-8FC1-45E6-B574-A4CC7571EF7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B02805E-7BD0-4563-82C8-6FFB982D4913\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"852F526D-F388-4FF0-BDD9-DF7635DB46D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"478D53EA-CC8C-4ECB-8410-0910505AD819\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C84FB90-FF1C-4502-B2D2-390438DD422F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13341DAE-D16D-41A7-BF17-FEC802997B15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E30BAEA-231C-4A82-B014-9EE3D1E81545\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE1DE5A5-6448-43F6-A612-56998D16E6B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35F84699-D4CF-4FD1-A959-53E316559EBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D820DFD5-0EF9-4C9A-B281-D553A4F63141\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2EFC7E4-E513-42DB-BDA5-8D1E497971DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CF839D-D034-4D47-977F-7E27B36EF04F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3B3E8A4-14FE-42DA-B82E-839B092B5302\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:3.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52D79ABD-202F-464F-B6C3-B225FD37DD3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BC500DA-7B3F-4CD5-BB0E-B244000CD19D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D5D9CEA-0707-46FC-AEC3-9EC540B22BC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD38AC59-7518-40FB-BC29-EC64142DE682\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.02\",\"matchCriteriaId\":\"32628280-E2DB-45E0-AB8A-CFC90419A182\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEF5EC54-9145-4B51-8241-C9343160BF80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1344DF7-9917-4DB0-9256-9E8131C55B0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"309F0CF2-4AF7-4F46-91EA-39BA07BAF312\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36FA872B-74B8-48E4-9D5C-5ACA6FCB8026\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20311EDE-0E34-432A-AE41-F61EA68F134A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16FEF460-3569-4294-ABA4-D7C251D67071\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB41E8C2-BBCC-48CB-805B-23411D39E936\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16670F8A-E70B-4CDF-8C61-414D86E20C84\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69483A91-53DB-4736-908F-7B14EFB40888\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B3E7962-0A95-4E7B-A983-683B02350B93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD1120B3-3372-417B-BCA0-FD515638FBFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7397645-3225-4980-8465-28F93322B58B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5A45EAF-B511-4360-A201-D588E7EEB39D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D14637F7-DC99-4AC4-854C-DBA0B4C6BE54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15D08CFD-BEE1-4DEE-926D-F4291F88224D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D244903F-5407-4C35-AE2C-1A05D3C227D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7D4E256-FF91-47BA-B1D4-940FB2D970AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kde:kdegraphics:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A0E0FC3-B53F-462D-8562-D2464BB111E2\"}]}]}],\"references\":[{\"url\":\"ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2012-1201.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/42141\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/42357\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/42397\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/42691\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/43079\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2010/dsa-2119\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2010/dsa-2135\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:228\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:229\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:230\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:231\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2012:144\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2010/10/04/6\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0749.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0751.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0752.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0753.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0859.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/43841\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-1005-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/2897\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/3097\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0230\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=638960\",\"source\":\"secalert@redhat.com\"},{\"url\":\"ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2012-1201.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/42141\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/42357\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/42397\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/42691\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/43079\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2010/dsa-2119\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2010/dsa-2135\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:228\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:229\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:230\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2010:231\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2012:144\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2010/10/04/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0749.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0751.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0752.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0753.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0859.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/43841\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-1005-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/2897\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/3097\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0230\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=638960\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
CERTA-2010-AVI-479
Vulnerability from certfr_avis - Published: - Updated:
Deux vulnérabilités permettant à une personne distante malintentionnée de provoquer un déni de service ou d'exécuter du code arbitraire à distance ont été découvertes dans Xpdf et Poppler.
Description
Des vulnérabilités de type utilisation de pointeur non initialisé et de type débordement de mémoire ont été identifiées dans Xpdf. L'exploitation de ces vulnérabilités peut conduire à un déni de service à distance ou de l'exécution de code arbitraire à distance par le biais d'un fichier pdf spécialement construit.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Xpdf dans différentes distributions Linux (cf. section Documentation).
Impacted products
| Vendor | Product | Description |
|---|
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cp\u003eXpdf dans diff\u00e9rentes distributions Linux (cf. section Documentation).\u003c/p\u003e",
"content": "## Description\n\nDes vuln\u00e9rabilit\u00e9s de type utilisation de pointeur non initialis\u00e9 et de\ntype d\u00e9bordement de m\u00e9moire ont \u00e9t\u00e9 identifi\u00e9es dans Xpdf.\nL\u0027exploitation de ces vuln\u00e9rabilit\u00e9s peut conduire \u00e0 un d\u00e9ni de service\n\u00e0 distance ou de l\u0027ex\u00e9cution de code arbitraire \u00e0 distance par le biais\nd\u0027un fichier pdf sp\u00e9cialement construit.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2010-3702",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3702"
},
{
"name": "CVE-2010-3704",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3704"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2010:0753 du 07 octobre 2010 :",
"url": "http://rhn.redhat.com/errata/RHSA-2010-0753.html"
},
{
"title": "Avis de s\u00e9curit\u00e9 Debian DSA-2119-1 du 12 octobre 2010 :",
"url": "http://debian.org/security/2010/dsa-2119"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2010:0752 du 07 octobre 2010 :",
"url": "http://rhn.redhat.com/errata/RHSA-2010-0752.html"
},
{
"title": "Avis de s\u00e9curit\u00e9 Ubuntu USN-1005-1 :",
"url": "http://www.ubuntu.com/usn/usn-1005-1"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2010:0749 du 07 octobre 2010 :",
"url": "http://rhn.redhat.com/errata/RHSA-2010-0749.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2010:0750 du 07 octobre 2010 :",
"url": "http://rhn.redhat.com/errata/RHSA-2010-0750.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2010:0755 du 07 octobre 2010 :",
"url": "http://rhn.redhat.com/errata/RHSA-2010-0755.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2010:0751 du 07 octobre 2010 :",
"url": "http://rhn.redhat.com/errata/RHSA-2010-0751.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2010:0754 du 07 octobre 2010 :",
"url": "http://rhn.redhat.com/errata/RHSA-2010-0754.html"
}
],
"reference": "CERTA-2010-AVI-479",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2010-10-08T00:00:00.000000"
},
{
"description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 Red Hat.",
"revision_date": "2010-10-13T00:00:00.000000"
},
{
"description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 Debian.",
"revision_date": "2010-10-18T00:00:00.000000"
},
{
"description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 Ubuntu.",
"revision_date": "2010-10-20T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Deux vuln\u00e9rabilit\u00e9s permettant \u00e0 une personne distante malintentionn\u00e9e\nde provoquer un d\u00e9ni de service ou d\u0027ex\u00e9cuter du code arbitraire \u00e0\ndistance ont \u00e9t\u00e9 d\u00e9couvertes dans Xpdf et Poppler.\n",
"title": "Vuln\u00e9rabilit\u00e9s dans Xpdf",
"vendor_advisories": [
{
"published_at": null,
"title": "Avis de s\u00e9curit\u00e9 Red Hat RHSA-2010-0751 du 07 octobre 2010",
"url": null
}
]
}
CERTA-2011-AVI-039
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités dans OpenOffice.org permettent à un utilisateur malveillant d'exécuter du code arbitraire à distance.
Description
Plusieurs vulnérabilités ont été découvertes dans OpenOffice.org. Elle permettent à un utilisateur distant, par le biais d'un document malveillant, d'exécuter du code arbitraire avec les privilèges de l'application.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
OpenOffice.org, versions 3.x antérieures à la version 3.3.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cp\u003eOpenOffice.org, versions 3.x ant\u00e9rieures \u00e0 la version 3.3.\u003c/p\u003e",
"content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans OpenOffice.org. Elle\npermettent \u00e0 un utilisateur distant, par le biais d\u0027un document\nmalveillant, d\u0027ex\u00e9cuter du code arbitraire avec les privil\u00e8ges de\nl\u0027application.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2010-3702",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3702"
},
{
"name": "CVE-2010-4494",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4494"
},
{
"name": "CVE-2010-4643",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4643"
},
{
"name": "CVE-2010-3453",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3453"
},
{
"name": "CVE-2010-3451",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3451"
},
{
"name": "CVE-2010-3452",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3452"
},
{
"name": "CVE-2010-2936",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2936"
},
{
"name": "CVE-2010-3454",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3454"
},
{
"name": "CVE-2010-4253",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4253"
},
{
"name": "CVE-2010-3450",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3450"
},
{
"name": "CVE-2010-3689",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3689"
},
{
"name": "CVE-2010-4008",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4008"
},
{
"name": "CVE-2010-2935",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2935"
},
{
"name": "CVE-2010-3704",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3704"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Debian dsa-2151 du 26 janvier 2011 :",
"url": "http://www.debian.org/security/2011/dsa-2151"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2011-0181 du 28 janvier 2011 :",
"url": "http://rhn.redhat.com/errata/RHSA-2011-0181.html"
},
{
"title": "Bulletins de s\u00e9curit\u00e9 OpenOffice du 26 janvier 2011 :",
"url": "http://www.openoffice.org/security/bulletin.html"
}
],
"reference": "CERTA-2011-AVI-039",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2011-01-28T00:00:00.000000"
},
{
"description": "ajout des bulletins des distributions Debian et RedHat.",
"revision_date": "2011-02-01T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s dans OpenOffice.org permettent \u00e0 un\nutilisateur malveillant d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans OpenOffice.org",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 OpenOffice.org",
"url": null
}
]
}
CERTA-2010-AVI-479
Vulnerability from certfr_avis - Published: - Updated:
Deux vulnérabilités permettant à une personne distante malintentionnée de provoquer un déni de service ou d'exécuter du code arbitraire à distance ont été découvertes dans Xpdf et Poppler.
Description
Des vulnérabilités de type utilisation de pointeur non initialisé et de type débordement de mémoire ont été identifiées dans Xpdf. L'exploitation de ces vulnérabilités peut conduire à un déni de service à distance ou de l'exécution de code arbitraire à distance par le biais d'un fichier pdf spécialement construit.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Xpdf dans différentes distributions Linux (cf. section Documentation).
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cp\u003eXpdf dans diff\u00e9rentes distributions Linux (cf. section Documentation).\u003c/p\u003e",
"content": "## Description\n\nDes vuln\u00e9rabilit\u00e9s de type utilisation de pointeur non initialis\u00e9 et de\ntype d\u00e9bordement de m\u00e9moire ont \u00e9t\u00e9 identifi\u00e9es dans Xpdf.\nL\u0027exploitation de ces vuln\u00e9rabilit\u00e9s peut conduire \u00e0 un d\u00e9ni de service\n\u00e0 distance ou de l\u0027ex\u00e9cution de code arbitraire \u00e0 distance par le biais\nd\u0027un fichier pdf sp\u00e9cialement construit.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2010-3702",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3702"
},
{
"name": "CVE-2010-3704",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3704"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2010:0753 du 07 octobre 2010 :",
"url": "http://rhn.redhat.com/errata/RHSA-2010-0753.html"
},
{
"title": "Avis de s\u00e9curit\u00e9 Debian DSA-2119-1 du 12 octobre 2010 :",
"url": "http://debian.org/security/2010/dsa-2119"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2010:0752 du 07 octobre 2010 :",
"url": "http://rhn.redhat.com/errata/RHSA-2010-0752.html"
},
{
"title": "Avis de s\u00e9curit\u00e9 Ubuntu USN-1005-1 :",
"url": "http://www.ubuntu.com/usn/usn-1005-1"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2010:0749 du 07 octobre 2010 :",
"url": "http://rhn.redhat.com/errata/RHSA-2010-0749.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2010:0750 du 07 octobre 2010 :",
"url": "http://rhn.redhat.com/errata/RHSA-2010-0750.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2010:0755 du 07 octobre 2010 :",
"url": "http://rhn.redhat.com/errata/RHSA-2010-0755.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2010:0751 du 07 octobre 2010 :",
"url": "http://rhn.redhat.com/errata/RHSA-2010-0751.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2010:0754 du 07 octobre 2010 :",
"url": "http://rhn.redhat.com/errata/RHSA-2010-0754.html"
}
],
"reference": "CERTA-2010-AVI-479",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2010-10-08T00:00:00.000000"
},
{
"description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 Red Hat.",
"revision_date": "2010-10-13T00:00:00.000000"
},
{
"description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 Debian.",
"revision_date": "2010-10-18T00:00:00.000000"
},
{
"description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 Ubuntu.",
"revision_date": "2010-10-20T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Deux vuln\u00e9rabilit\u00e9s permettant \u00e0 une personne distante malintentionn\u00e9e\nde provoquer un d\u00e9ni de service ou d\u0027ex\u00e9cuter du code arbitraire \u00e0\ndistance ont \u00e9t\u00e9 d\u00e9couvertes dans Xpdf et Poppler.\n",
"title": "Vuln\u00e9rabilit\u00e9s dans Xpdf",
"vendor_advisories": [
{
"published_at": null,
"title": "Avis de s\u00e9curit\u00e9 Red Hat RHSA-2010-0751 du 07 octobre 2010",
"url": null
}
]
}
CERTA-2011-AVI-039
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités dans OpenOffice.org permettent à un utilisateur malveillant d'exécuter du code arbitraire à distance.
Description
Plusieurs vulnérabilités ont été découvertes dans OpenOffice.org. Elle permettent à un utilisateur distant, par le biais d'un document malveillant, d'exécuter du code arbitraire avec les privilèges de l'application.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
OpenOffice.org, versions 3.x antérieures à la version 3.3.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cp\u003eOpenOffice.org, versions 3.x ant\u00e9rieures \u00e0 la version 3.3.\u003c/p\u003e",
"content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans OpenOffice.org. Elle\npermettent \u00e0 un utilisateur distant, par le biais d\u0027un document\nmalveillant, d\u0027ex\u00e9cuter du code arbitraire avec les privil\u00e8ges de\nl\u0027application.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2010-3702",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3702"
},
{
"name": "CVE-2010-4494",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4494"
},
{
"name": "CVE-2010-4643",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4643"
},
{
"name": "CVE-2010-3453",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3453"
},
{
"name": "CVE-2010-3451",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3451"
},
{
"name": "CVE-2010-3452",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3452"
},
{
"name": "CVE-2010-2936",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2936"
},
{
"name": "CVE-2010-3454",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3454"
},
{
"name": "CVE-2010-4253",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4253"
},
{
"name": "CVE-2010-3450",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3450"
},
{
"name": "CVE-2010-3689",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3689"
},
{
"name": "CVE-2010-4008",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4008"
},
{
"name": "CVE-2010-2935",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2935"
},
{
"name": "CVE-2010-3704",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3704"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Debian dsa-2151 du 26 janvier 2011 :",
"url": "http://www.debian.org/security/2011/dsa-2151"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2011-0181 du 28 janvier 2011 :",
"url": "http://rhn.redhat.com/errata/RHSA-2011-0181.html"
},
{
"title": "Bulletins de s\u00e9curit\u00e9 OpenOffice du 26 janvier 2011 :",
"url": "http://www.openoffice.org/security/bulletin.html"
}
],
"reference": "CERTA-2011-AVI-039",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2011-01-28T00:00:00.000000"
},
{
"description": "ajout des bulletins des distributions Debian et RedHat.",
"revision_date": "2011-02-01T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s dans OpenOffice.org permettent \u00e0 un\nutilisateur malveillant d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans OpenOffice.org",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 OpenOffice.org",
"url": null
}
]
}
FKIE_CVE-2010-3704
Vulnerability from fkie_nvd - Published: 2010-11-05 18:00 - Updated: 2026-04-29 01:13
Severity
Summary
The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch | Patch | |
| secalert@redhat.com | http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473 | Patch | |
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html | ||
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html | ||
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html | ||
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html | ||
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html | ||
| secalert@redhat.com | http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html | ||
| secalert@redhat.com | http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html | ||
| secalert@redhat.com | http://rhn.redhat.com/errata/RHSA-2012-1201.html | ||
| secalert@redhat.com | http://secunia.com/advisories/42141 | ||
| secalert@redhat.com | http://secunia.com/advisories/42357 | ||
| secalert@redhat.com | http://secunia.com/advisories/42397 | ||
| secalert@redhat.com | http://secunia.com/advisories/42691 | ||
| secalert@redhat.com | http://secunia.com/advisories/43079 | ||
| secalert@redhat.com | http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.571720 | ||
| secalert@redhat.com | http://www.debian.org/security/2010/dsa-2119 | ||
| secalert@redhat.com | http://www.debian.org/security/2010/dsa-2135 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:228 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:229 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:230 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2010:231 | ||
| secalert@redhat.com | http://www.mandriva.com/security/advisories?name=MDVSA-2012:144 | ||
| secalert@redhat.com | http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html | ||
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2010/10/04/6 | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0749.html | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0751.html | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0752.html | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0753.html | ||
| secalert@redhat.com | http://www.redhat.com/support/errata/RHSA-2010-0859.html | ||
| secalert@redhat.com | http://www.securityfocus.com/bid/43841 | ||
| secalert@redhat.com | http://www.ubuntu.com/usn/USN-1005-1 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2010/2897 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2010/3097 | ||
| secalert@redhat.com | http://www.vupen.com/english/advisories/2011/0230 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=638960 | ||
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2012-1201.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42141 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42357 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42397 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42691 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43079 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.571720 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2010/dsa-2119 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2010/dsa-2135 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:228 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:229 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:230 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2010:231 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDVSA-2012:144 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2010/10/04/6 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0749.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0751.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0752.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0753.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2010-0859.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/43841 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-1005-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/2897 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/3097 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2011/0230 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=638960 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| poppler | poppler | 0.8.7 | |
| poppler | poppler | 0.9.0 | |
| poppler | poppler | 0.9.1 | |
| poppler | poppler | 0.9.2 | |
| poppler | poppler | 0.9.3 | |
| poppler | poppler | 0.10.0 | |
| poppler | poppler | 0.10.1 | |
| poppler | poppler | 0.10.2 | |
| poppler | poppler | 0.10.3 | |
| poppler | poppler | 0.10.4 | |
| poppler | poppler | 0.10.5 | |
| poppler | poppler | 0.10.6 | |
| poppler | poppler | 0.10.7 | |
| poppler | poppler | 0.11.0 | |
| poppler | poppler | 0.11.1 | |
| poppler | poppler | 0.11.2 | |
| poppler | poppler | 0.11.3 | |
| poppler | poppler | 0.12.0 | |
| poppler | poppler | 0.12.1 | |
| poppler | poppler | 0.12.2 | |
| poppler | poppler | 0.12.3 | |
| poppler | poppler | 0.12.4 | |
| poppler | poppler | 0.13.0 | |
| poppler | poppler | 0.13.1 | |
| poppler | poppler | 0.13.2 | |
| poppler | poppler | 0.13.3 | |
| poppler | poppler | 0.13.4 | |
| poppler | poppler | 0.14.0 | |
| poppler | poppler | 0.14.1 | |
| poppler | poppler | 0.14.2 | |
| poppler | poppler | 0.14.3 | |
| poppler | poppler | 0.14.4 | |
| poppler | poppler | 0.14.5 | |
| poppler | poppler | 0.15.0 | |
| poppler | poppler | 0.15.1 | |
| foolabs | xpdf | 0.5a | |
| foolabs | xpdf | 0.7a | |
| foolabs | xpdf | 0.91a | |
| foolabs | xpdf | 0.91b | |
| foolabs | xpdf | 0.91c | |
| foolabs | xpdf | 0.92a | |
| foolabs | xpdf | 0.92b | |
| foolabs | xpdf | 0.92c | |
| foolabs | xpdf | 0.92d | |
| foolabs | xpdf | 0.92e | |
| foolabs | xpdf | 0.93a | |
| foolabs | xpdf | 0.93b | |
| foolabs | xpdf | 0.93c | |
| foolabs | xpdf | 1.00a | |
| foolabs | xpdf | 3.0.1 | |
| foolabs | xpdf | 3.02pl1 | |
| foolabs | xpdf | 3.02pl2 | |
| foolabs | xpdf | 3.02pl3 | |
| glyphandcog | xpdfreader | * | |
| glyphandcog | xpdfreader | 0.2 | |
| glyphandcog | xpdfreader | 0.3 | |
| glyphandcog | xpdfreader | 0.4 | |
| glyphandcog | xpdfreader | 0.5 | |
| glyphandcog | xpdfreader | 0.6 | |
| glyphandcog | xpdfreader | 0.7 | |
| glyphandcog | xpdfreader | 0.80 | |
| glyphandcog | xpdfreader | 0.90 | |
| glyphandcog | xpdfreader | 0.91 | |
| glyphandcog | xpdfreader | 0.92 | |
| glyphandcog | xpdfreader | 0.93 | |
| glyphandcog | xpdfreader | 1.00 | |
| glyphandcog | xpdfreader | 1.01 | |
| glyphandcog | xpdfreader | 2.00 | |
| glyphandcog | xpdfreader | 2.01 | |
| glyphandcog | xpdfreader | 2.02 | |
| glyphandcog | xpdfreader | 2.03 | |
| glyphandcog | xpdfreader | 3.00 | |
| glyphandcog | xpdfreader | 3.01 | |
| glyphandcog | xpdfreader | 3.02 | |
| kde | kdegraphics | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6323ED7A-6FE8-4885-B743-3E2F82ECA08B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "90D3345C-2D35-413C-B6F9-C308BC7C2AA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26216EEC-26B7-41C8-ADFB-64D2EA8DAA8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9D3618D-A183-4B09-9CA2-8D622C3486DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A88294D9-563E-4AB3-9FE6-971F43B052B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1A39F672-B238-4B21-A48E-5121771949F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "58A5D199-E952-44B5-B5E5-170040FA813E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "349B4B75-32E2-49FB-9606-8B057AFA2E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "55A8D058-224E-467E-AB61-06F90B541F24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "77C47EDD-2212-4259-8229-FF05E1A7B5AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C52995D0-0986-427F-B37D-2F6726EA330D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7E4427C5-DBF0-4EF9-8B7A-61D56C14E3FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B91206CA-7EBE-4E64-9A49-D7EC0D051012",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD43644-7F02-42AF-8EC3-C326A13E2F89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "81FE2E6F-44B2-42D5-B986-D1FE2B510968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0A605079-3705-4E2C-8F6D-C21B4D875817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3ABBD590-8092-4920-BBC7-F3ACB9CCC900",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14D812D5-BC8B-4907-AA70-F8D7F982A8DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E25003C-04CE-401F-B012-F2E13DC8E8C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "189FE6D1-C001-4D43-BFD2-B8421C6FAB06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CAF3866C-09D2-4564-A7AE-2C49A5E8480C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A43C280F-A571-4EF9-B301-244B05750933",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D37AC0D5-6811-4FE2-83BB-FEF44B228645",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D2B24274-2F2F-4F3A-8978-390BF69EF0AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "14959178-17D0-4794-867F-AB62501EEF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.13.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C1129356-C0B0-4130-A1EF-888B02783317",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.13.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD0FA23-F797-4FB5-85AD-29AED926E02D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "77B06D79-50AD-49D0-B372-25CA226EEA80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A34735C6-2738-4CCC-9322-8F7584AB616D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "339A5BC3-7AED-4912-B6D3-BBD5FBF4AA02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.14.3:*:*:*:*:*:*:*",
"matchCriteriaId": "325750AA-5E10-457E-88E8-439DFB81FE1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.14.4:*:*:*:*:*:*:*",
"matchCriteriaId": "235861C5-B126-4A27-A51F-94568DBA5FBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.14.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0EE3D5F0-DA69-453A-9729-03FD1151D94E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "83E52568-A112-4533-9CFA-55D35F40AA9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:poppler:poppler:0.15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "38A9C7A2-DAC5-4334-9A88-CF9085A34186",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "B8ABE533-8FC1-45E6-B574-A4CC7571EF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "1B02805E-7BD0-4563-82C8-6FFB982D4913",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
"matchCriteriaId": "852F526D-F388-4FF0-BDD9-DF7635DB46D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
"matchCriteriaId": "478D53EA-CC8C-4ECB-8410-0910505AD819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
"matchCriteriaId": "8C84FB90-FF1C-4502-B2D2-390438DD422F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
"matchCriteriaId": "13341DAE-D16D-41A7-BF17-FEC802997B15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
"matchCriteriaId": "3E30BAEA-231C-4A82-B014-9EE3D1E81545",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1DE5A5-6448-43F6-A612-56998D16E6B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
"matchCriteriaId": "35F84699-D4CF-4FD1-A959-53E316559EBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
"matchCriteriaId": "D820DFD5-0EF9-4C9A-B281-D553A4F63141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
"matchCriteriaId": "E2EFC7E4-E513-42DB-BDA5-8D1E497971DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA5CDDC-BFDE-4C5E-920F-5DA1B3C51B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CF839D-D034-4D47-977F-7E27B36EF04F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
"matchCriteriaId": "F3B3E8A4-14FE-42DA-B82E-839B092B5302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "52D79ABD-202F-464F-B6C3-B225FD37DD3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC500DA-7B3F-4CD5-BB0E-B244000CD19D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*",
"matchCriteriaId": "9D5D9CEA-0707-46FC-AEC3-9EC540B22BC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*",
"matchCriteriaId": "BD38AC59-7518-40FB-BC29-EC64142DE682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32628280-E2DB-45E0-AB8A-CFC90419A182",
"versionEndIncluding": "3.02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DEF5EC54-9145-4B51-8241-C9343160BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D33C2C1D-C1C1-4B1D-BDC8-6480CE8EC24B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D1344DF7-9917-4DB0-9256-9E8131C55B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "309F0CF2-4AF7-4F46-91EA-39BA07BAF312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "36FA872B-74B8-48E4-9D5C-5ACA6FCB8026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "20311EDE-0E34-432A-AE41-F61EA68F134A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "16FEF460-3569-4294-ABA4-D7C251D67071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "BB41E8C2-BBCC-48CB-805B-23411D39E936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "16670F8A-E70B-4CDF-8C61-414D86E20C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "69483A91-53DB-4736-908F-7B14EFB40888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3E7962-0A95-4E7B-A983-683B02350B93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD1120B3-3372-417B-BCA0-FD515638FBFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F7397645-3225-4980-8465-28F93322B58B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
"matchCriteriaId": "1672587F-ED28-4A8A-A6C1-AD1D6B5DF9F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A45EAF-B511-4360-A201-D588E7EEB39D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D14637F7-DC99-4AC4-854C-DBA0B4C6BE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "9EE03979-D564-4ABD-BEBD-E86E7C1BAF9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
"matchCriteriaId": "15D08CFD-BEE1-4DEE-926D-F4291F88224D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D244903F-5407-4C35-AE2C-1A05D3C227D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*",
"matchCriteriaId": "F7D4E256-FF91-47BA-B1D4-940FB2D970AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kde:kdegraphics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A0E0FC3-B53F-462D-8562-D2464BB111E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption."
},
{
"lang": "es",
"value": "La funci\u00f3n FoFiType1::parse en fofi/FoFiType1.cc del parseador de PDF de xpdf antes de v3.02pl5, poppler v0.8.7 y posiblemente otras versiones hasta v0.15.1, kdegraphics, y posiblemente otros productos, permite a atacantes dependientes del contexto provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) y posiblemente ejecutar c\u00f3digo arbitrario mediante un archivo PDF con una fuente Type1 modificada que contiene un \u00edndice de matriz negativo, el cual se salta la validaci\u00f3n de entrada y que provoca una corrupci\u00f3n de memoria."
}
],
"id": "CVE-2010-3704",
"lastModified": "2026-04-29T01:13:23.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-11-05T18:00:25.983",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/42141"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/42357"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/42397"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/42691"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/43079"
},
{
"source": "secalert@redhat.com",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2010/dsa-2119"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2010/dsa-2135"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:228"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:229"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:230"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2010/10/04/6"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0749.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0751.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0752.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0753.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/43841"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1005-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2010/2897"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2010/3097"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2011/0230"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=638960"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/42141"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/42357"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/42397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/42691"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/43079"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2010/dsa-2119"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2010/dsa-2135"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:229"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:230"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2010/10/04/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0749.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0751.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0752.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0753.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/43841"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1005-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/2897"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/3097"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/0230"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=638960"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-FWG7-7MHM-4945
Vulnerability from github – Published: 2022-05-17 19:48 – Updated: 2022-05-17 19:48
VLAI
Details
The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.
{
"affected": [],
"aliases": [
"CVE-2010-3704"
],
"database_specific": {
"cwe_ids": [
"CWE-20"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2010-11-05T18:00:00Z",
"severity": "MODERATE"
},
"details": "The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.",
"id": "GHSA-fwg7-7mhm-4945",
"modified": "2022-05-17T19:48:15Z",
"published": "2022-05-17T19:48:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3704"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=638960"
},
{
"type": "WEB",
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/42141"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/42357"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/42397"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/42691"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/43079"
},
{
"type": "WEB",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2010/dsa-2119"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2010/dsa-2135"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:228"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:229"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:230"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"type": "WEB",
"url": "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2010/10/04/6"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0749.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0751.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0752.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0753.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/43841"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-1005-1"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2010/2897"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2010/3097"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2011/0230"
}
],
"schema_version": "1.4.0",
"severity": []
}
GSD-2010-3704
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2010-3704",
"description": "The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.",
"id": "GSD-2010-3704",
"references": [
"https://www.suse.com/security/cve/CVE-2010-3704.html",
"https://www.debian.org/security/2010/dsa-2135",
"https://www.debian.org/security/2010/dsa-2119",
"https://access.redhat.com/errata/RHSA-2012:1201",
"https://access.redhat.com/errata/RHSA-2010:0859",
"https://access.redhat.com/errata/RHSA-2010:0753",
"https://access.redhat.com/errata/RHSA-2010:0752",
"https://access.redhat.com/errata/RHSA-2010:0751",
"https://access.redhat.com/errata/RHSA-2010:0749",
"https://linux.oracle.com/cve/CVE-2010-3704.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2010-3704"
],
"details": "The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.",
"id": "GSD-2010-3704",
"modified": "2023-12-13T01:21:34.320758Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-3704",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html",
"refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"name": "http://www.vupen.com/english/advisories/2011/0230",
"refsource": "MISC",
"url": "http://www.vupen.com/english/advisories/2011/0230"
},
{
"name": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html",
"refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html"
},
{
"name": "http://secunia.com/advisories/42397",
"refsource": "MISC",
"url": "http://secunia.com/advisories/42397"
},
{
"name": "http://www.vupen.com/english/advisories/2010/3097",
"refsource": "MISC",
"url": "http://www.vupen.com/english/advisories/2010/3097"
},
{
"name": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch",
"refsource": "MISC",
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch"
},
{
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html",
"refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html"
},
{
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html",
"refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html"
},
{
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html",
"refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html"
},
{
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html",
"refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html"
},
{
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html",
"refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html"
},
{
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html",
"refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html"
},
{
"name": "http://rhn.redhat.com/errata/RHSA-2012-1201.html",
"refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"name": "http://secunia.com/advisories/42141",
"refsource": "MISC",
"url": "http://secunia.com/advisories/42141"
},
{
"name": "http://secunia.com/advisories/42357",
"refsource": "MISC",
"url": "http://secunia.com/advisories/42357"
},
{
"name": "http://secunia.com/advisories/42691",
"refsource": "MISC",
"url": "http://secunia.com/advisories/42691"
},
{
"name": "http://secunia.com/advisories/43079",
"refsource": "MISC",
"url": "http://secunia.com/advisories/43079"
},
{
"name": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720",
"refsource": "MISC",
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720"
},
{
"name": "http://www.debian.org/security/2010/dsa-2119",
"refsource": "MISC",
"url": "http://www.debian.org/security/2010/dsa-2119"
},
{
"name": "http://www.debian.org/security/2010/dsa-2135",
"refsource": "MISC",
"url": "http://www.debian.org/security/2010/dsa-2135"
},
{
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:228",
"refsource": "MISC",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:228"
},
{
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:229",
"refsource": "MISC",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:229"
},
{
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:230",
"refsource": "MISC",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:230"
},
{
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231",
"refsource": "MISC",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231"
},
{
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144",
"refsource": "MISC",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
},
{
"name": "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html",
"refsource": "MISC",
"url": "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html"
},
{
"name": "http://www.openwall.com/lists/oss-security/2010/10/04/6",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2010/10/04/6"
},
{
"name": "http://www.redhat.com/support/errata/RHSA-2010-0749.html",
"refsource": "MISC",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0749.html"
},
{
"name": "http://www.redhat.com/support/errata/RHSA-2010-0751.html",
"refsource": "MISC",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0751.html"
},
{
"name": "http://www.redhat.com/support/errata/RHSA-2010-0752.html",
"refsource": "MISC",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0752.html"
},
{
"name": "http://www.redhat.com/support/errata/RHSA-2010-0753.html",
"refsource": "MISC",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0753.html"
},
{
"name": "http://www.redhat.com/support/errata/RHSA-2010-0859.html",
"refsource": "MISC",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html"
},
{
"name": "http://www.ubuntu.com/usn/USN-1005-1",
"refsource": "MISC",
"url": "http://www.ubuntu.com/usn/USN-1005-1"
},
{
"name": "http://www.vupen.com/english/advisories/2010/2897",
"refsource": "MISC",
"url": "http://www.vupen.com/english/advisories/2010/2897"
},
{
"name": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473",
"refsource": "MISC",
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473"
},
{
"name": "http://www.securityfocus.com/bid/43841",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/43841"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=638960",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=638960"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.12.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.13.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.13.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.15.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.12.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.13.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.14.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.14.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.13.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.13.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.14.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.15.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.12.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.12.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.14.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.14.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:poppler:poppler:0.14.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.02",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kde:kdegraphics:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-3704"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2010-15911",
"refsource": "FEDORA",
"tags": [],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html"
},
{
"name": "DSA-2119",
"refsource": "DEBIAN",
"tags": [],
"url": "http://www.debian.org/security/2010/dsa-2119"
},
{
"name": "RHSA-2010:0751",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0751.html"
},
{
"name": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch",
"refsource": "CONFIRM",
"tags": [
"Patch"
],
"url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=638960",
"refsource": "CONFIRM",
"tags": [],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=638960"
},
{
"name": "FEDORA-2010-15981",
"refsource": "FEDORA",
"tags": [],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html"
},
{
"name": "RHSA-2010:0749",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0749.html"
},
{
"name": "RHSA-2010:0752",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0752.html"
},
{
"name": "RHSA-2010:0753",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0753.html"
},
{
"name": "FEDORA-2010-15857",
"refsource": "FEDORA",
"tags": [],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html"
},
{
"name": "USN-1005-1",
"refsource": "UBUNTU",
"tags": [],
"url": "http://www.ubuntu.com/usn/USN-1005-1"
},
{
"name": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473",
"refsource": "CONFIRM",
"tags": [
"Patch"
],
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473"
},
{
"name": "[oss-security] 20101004 Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark",
"refsource": "MLIST",
"tags": [],
"url": "http://www.openwall.com/lists/oss-security/2010/10/04/6"
},
{
"name": "42141",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/42141"
},
{
"name": "FEDORA-2010-16705",
"refsource": "FEDORA",
"tags": [],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html"
},
{
"name": "FEDORA-2010-16662",
"refsource": "FEDORA",
"tags": [],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html"
},
{
"name": "43841",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/43841"
},
{
"name": "FEDORA-2010-16744",
"refsource": "FEDORA",
"tags": [],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html"
},
{
"name": "ADV-2010-2897",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2010/2897"
},
{
"name": "MDVSA-2010:229",
"refsource": "MANDRIVA",
"tags": [],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:229"
},
{
"name": "MDVSA-2010:230",
"refsource": "MANDRIVA",
"tags": [],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:230"
},
{
"name": "MDVSA-2010:228",
"refsource": "MANDRIVA",
"tags": [],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:228"
},
{
"name": "RHSA-2010:0859",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html"
},
{
"name": "42397",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/42397"
},
{
"name": "MDVSA-2010:231",
"refsource": "MANDRIVA",
"tags": [],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231"
},
{
"name": "SUSE-SR:2010:022",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html"
},
{
"name": "ADV-2010-3097",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2010/3097"
},
{
"name": "SSA:2010-324-01",
"refsource": "SLACKWARE",
"tags": [],
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.571720"
},
{
"name": "42357",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/42357"
},
{
"name": "DSA-2135",
"refsource": "DEBIAN",
"tags": [],
"url": "http://www.debian.org/security/2010/dsa-2135"
},
{
"name": "42691",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/42691"
},
{
"name": "SUSE-SR:2010:024",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
},
{
"name": "ADV-2011-0230",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2011/0230"
},
{
"name": "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html"
},
{
"name": "43079",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/43079"
},
{
"name": "RHSA-2012:1201",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html"
},
{
"name": "MDVSA-2012:144",
"refsource": "MANDRIVA",
"tags": [],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
}
},
"lastModifiedDate": "2019-03-06T16:30Z",
"publishedDate": "2010-11-05T18:00Z"
}
}
}
RHSA-2010:0749
Vulnerability from csaf_redhat - Published: 2010-10-07 15:02 - Updated: 2026-01-28 22:51Summary
Red Hat Security Advisory: poppler security update
Severity
Important
Notes
Topic: Updated poppler packages that fix two security issues are now available for
Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details: Poppler is a Portable Document Format (PDF) rendering library, used by
applications such as Evince.
An uninitialized pointer use flaw was discovered in poppler. An attacker
could create a malicious PDF file that, when opened, would cause
applications that use poppler (such as Evince) to crash or, potentially,
execute arbitrary code. (CVE-2010-3702)
An array index error was found in the way poppler parsed PostScript Type 1
fonts embedded in PDF documents. An attacker could create a malicious PDF
file that, when opened, would cause applications that use poppler (such as
Evince) to crash or, potentially, execute arbitrary code. (CVE-2010-3704)
Users are advised to upgrade to these updated packages, which contain
backported patches to correct these issues.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference.
5.8 ()
Affected products
Fixed
81 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-0:0.5.4-4.4.el5_5.14.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-0:0.5.4-4.4.el5_5.14.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-0:0.5.4-4.4.el5_5.14.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-0:0.5.4-4.4.el5_5.14.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-0:0.5.4-4.4.el5_5.14.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-0:0.5.4-4.4.el5_5.14.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-0:0.5.4-4.4.el5_5.14.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-0:0.5.4-4.4.el5_5.14.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-0:0.5.4-4.4.el5_5.14.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-0:0.5.4-4.4.el5_5.14.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-0:0.5.4-4.4.el5_5.14.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-0:0.5.4-4.4.el5_5.14.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-0:0.5.4-4.4.el5_5.14.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-0:0.5.4-4.4.el5_5.14.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-0:0.5.4-4.4.el5_5.14.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-0:0.5.4-4.4.el5_5.14.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.
6.8 ()
Affected products
Fixed
81 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-0:0.5.4-4.4.el5_5.14.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-0:0.5.4-4.4.el5_5.14.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-0:0.5.4-4.4.el5_5.14.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-0:0.5.4-4.4.el5_5.14.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-0:0.5.4-4.4.el5_5.14.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-0:0.5.4-4.4.el5_5.14.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-0:0.5.4-4.4.el5_5.14.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-0:0.5.4-4.4.el5_5.14.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-0:0.5.4-4.4.el5_5.14.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-0:0.5.4-4.4.el5_5.14.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-0:0.5.4-4.4.el5_5.14.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-0:0.5.4-4.4.el5_5.14.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-0:0.5.4-4.4.el5_5.14.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-0:0.5.4-4.4.el5_5.14.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-0:0.5.4-4.4.el5_5.14.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-0:0.5.4-4.4.el5_5.14.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
References
13 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2010:0749 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=595245 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=638960 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2010-3702 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=595245 | external |
| https://www.cve.org/CVERecord?id=CVE-2010-3702 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2010-3702 | external |
| https://access.redhat.com/security/cve/CVE-2010-3704 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=638960 | external |
| https://www.cve.org/CVERecord?id=CVE-2010-3704 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2010-3704 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated poppler packages that fix two security issues are now available for\nRed Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Poppler is a Portable Document Format (PDF) rendering library, used by\napplications such as Evince.\n\nAn uninitialized pointer use flaw was discovered in poppler. An attacker\ncould create a malicious PDF file that, when opened, would cause\napplications that use poppler (such as Evince) to crash or, potentially,\nexecute arbitrary code. (CVE-2010-3702)\n\nAn array index error was found in the way poppler parsed PostScript Type 1\nfonts embedded in PDF documents. An attacker could create a malicious PDF\nfile that, when opened, would cause applications that use poppler (such as\nEvince) to crash or, potentially, execute arbitrary code. (CVE-2010-3704)\n\nUsers are advised to upgrade to these updated packages, which contain\nbackported patches to correct these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2010:0749",
"url": "https://access.redhat.com/errata/RHSA-2010:0749"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "595245",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=595245"
},
{
"category": "external",
"summary": "638960",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=638960"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0749.json"
}
],
"title": "Red Hat Security Advisory: poppler security update",
"tracking": {
"current_release_date": "2026-01-28T22:51:23+00:00",
"generator": {
"date": "2026-01-28T22:51:23+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.16"
}
},
"id": "RHSA-2010:0749",
"initial_release_date": "2010-10-07T15:02:00+00:00",
"revision_history": [
{
"date": "2010-10-07T15:02:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2010-10-07T11:05:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-28T22:51:23+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client_workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64",
"product": {
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64",
"product_id": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/poppler-debuginfo@0.5.4-4.4.el5_5.14?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64",
"product": {
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64",
"product_id": "poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/poppler-devel@0.5.4-4.4.el5_5.14?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64",
"product": {
"name": "poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64",
"product_id": "poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/poppler-utils@0.5.4-4.4.el5_5.14?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "poppler-0:0.5.4-4.4.el5_5.14.x86_64",
"product": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.x86_64",
"product_id": "poppler-0:0.5.4-4.4.el5_5.14.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_5.14?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386",
"product": {
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386",
"product_id": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/poppler-debuginfo@0.5.4-4.4.el5_5.14?arch=i386"
}
}
},
{
"category": "product_version",
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.i386",
"product": {
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.i386",
"product_id": "poppler-devel-0:0.5.4-4.4.el5_5.14.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/poppler-devel@0.5.4-4.4.el5_5.14?arch=i386"
}
}
},
{
"category": "product_version",
"name": "poppler-0:0.5.4-4.4.el5_5.14.i386",
"product": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.i386",
"product_id": "poppler-0:0.5.4-4.4.el5_5.14.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_5.14?arch=i386"
}
}
},
{
"category": "product_version",
"name": "poppler-utils-0:0.5.4-4.4.el5_5.14.i386",
"product": {
"name": "poppler-utils-0:0.5.4-4.4.el5_5.14.i386",
"product_id": "poppler-utils-0:0.5.4-4.4.el5_5.14.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/poppler-utils@0.5.4-4.4.el5_5.14?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "poppler-0:0.5.4-4.4.el5_5.14.src",
"product": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.src",
"product_id": "poppler-0:0.5.4-4.4.el5_5.14.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_5.14?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "poppler-utils-0:0.5.4-4.4.el5_5.14.ia64",
"product": {
"name": "poppler-utils-0:0.5.4-4.4.el5_5.14.ia64",
"product_id": "poppler-utils-0:0.5.4-4.4.el5_5.14.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/poppler-utils@0.5.4-4.4.el5_5.14?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64",
"product": {
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64",
"product_id": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/poppler-debuginfo@0.5.4-4.4.el5_5.14?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "poppler-0:0.5.4-4.4.el5_5.14.ia64",
"product": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.ia64",
"product_id": "poppler-0:0.5.4-4.4.el5_5.14.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_5.14?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.ia64",
"product": {
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.ia64",
"product_id": "poppler-devel-0:0.5.4-4.4.el5_5.14.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/poppler-devel@0.5.4-4.4.el5_5.14?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "poppler-utils-0:0.5.4-4.4.el5_5.14.ppc",
"product": {
"name": "poppler-utils-0:0.5.4-4.4.el5_5.14.ppc",
"product_id": "poppler-utils-0:0.5.4-4.4.el5_5.14.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/poppler-utils@0.5.4-4.4.el5_5.14?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc",
"product": {
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc",
"product_id": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/poppler-debuginfo@0.5.4-4.4.el5_5.14?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "poppler-0:0.5.4-4.4.el5_5.14.ppc",
"product": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.ppc",
"product_id": "poppler-0:0.5.4-4.4.el5_5.14.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_5.14?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.ppc",
"product": {
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.ppc",
"product_id": "poppler-devel-0:0.5.4-4.4.el5_5.14.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/poppler-devel@0.5.4-4.4.el5_5.14?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64",
"product": {
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64",
"product_id": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/poppler-debuginfo@0.5.4-4.4.el5_5.14?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "poppler-0:0.5.4-4.4.el5_5.14.ppc64",
"product": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.ppc64",
"product_id": "poppler-0:0.5.4-4.4.el5_5.14.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_5.14?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64",
"product": {
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64",
"product_id": "poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/poppler-devel@0.5.4-4.4.el5_5.14?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "poppler-utils-0:0.5.4-4.4.el5_5.14.s390x",
"product": {
"name": "poppler-utils-0:0.5.4-4.4.el5_5.14.s390x",
"product_id": "poppler-utils-0:0.5.4-4.4.el5_5.14.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/poppler-utils@0.5.4-4.4.el5_5.14?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x",
"product": {
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x",
"product_id": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/poppler-debuginfo@0.5.4-4.4.el5_5.14?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "poppler-0:0.5.4-4.4.el5_5.14.s390x",
"product": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.s390x",
"product_id": "poppler-0:0.5.4-4.4.el5_5.14.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_5.14?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.s390x",
"product": {
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.s390x",
"product_id": "poppler-devel-0:0.5.4-4.4.el5_5.14.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/poppler-devel@0.5.4-4.4.el5_5.14?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390",
"product": {
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390",
"product_id": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/poppler-debuginfo@0.5.4-4.4.el5_5.14?arch=s390"
}
}
},
{
"category": "product_version",
"name": "poppler-0:0.5.4-4.4.el5_5.14.s390",
"product": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.s390",
"product_id": "poppler-0:0.5.4-4.4.el5_5.14.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/poppler@0.5.4-4.4.el5_5.14?arch=s390"
}
}
},
{
"category": "product_version",
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.s390",
"product": {
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.s390",
"product_id": "poppler-devel-0:0.5.4-4.4.el5_5.14.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/poppler-devel@0.5.4-4.4.el5_5.14?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.i386"
},
"product_reference": "poppler-0:0.5.4-4.4.el5_5.14.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.ia64"
},
"product_reference": "poppler-0:0.5.4-4.4.el5_5.14.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.ppc"
},
"product_reference": "poppler-0:0.5.4-4.4.el5_5.14.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.ppc64"
},
"product_reference": "poppler-0:0.5.4-4.4.el5_5.14.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.s390"
},
"product_reference": "poppler-0:0.5.4-4.4.el5_5.14.s390",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.s390x"
},
"product_reference": "poppler-0:0.5.4-4.4.el5_5.14.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.src"
},
"product_reference": "poppler-0:0.5.4-4.4.el5_5.14.src",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.x86_64"
},
"product_reference": "poppler-0:0.5.4-4.4.el5_5.14.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386"
},
"product_reference": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64"
},
"product_reference": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc"
},
"product_reference": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64"
},
"product_reference": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390"
},
"product_reference": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x"
},
"product_reference": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64"
},
"product_reference": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.i386"
},
"product_reference": "poppler-devel-0:0.5.4-4.4.el5_5.14.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.ia64"
},
"product_reference": "poppler-devel-0:0.5.4-4.4.el5_5.14.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc"
},
"product_reference": "poppler-devel-0:0.5.4-4.4.el5_5.14.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64"
},
"product_reference": "poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.s390"
},
"product_reference": "poppler-devel-0:0.5.4-4.4.el5_5.14.s390",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.s390x"
},
"product_reference": "poppler-devel-0:0.5.4-4.4.el5_5.14.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64"
},
"product_reference": "poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-utils-0:0.5.4-4.4.el5_5.14.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.i386"
},
"product_reference": "poppler-utils-0:0.5.4-4.4.el5_5.14.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-utils-0:0.5.4-4.4.el5_5.14.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.ia64"
},
"product_reference": "poppler-utils-0:0.5.4-4.4.el5_5.14.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-utils-0:0.5.4-4.4.el5_5.14.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.ppc"
},
"product_reference": "poppler-utils-0:0.5.4-4.4.el5_5.14.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-utils-0:0.5.4-4.4.el5_5.14.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.s390x"
},
"product_reference": "poppler-utils-0:0.5.4-4.4.el5_5.14.s390x",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64"
},
"product_reference": "poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:poppler-0:0.5.4-4.4.el5_5.14.i386"
},
"product_reference": "poppler-0:0.5.4-4.4.el5_5.14.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:poppler-0:0.5.4-4.4.el5_5.14.ia64"
},
"product_reference": "poppler-0:0.5.4-4.4.el5_5.14.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:poppler-0:0.5.4-4.4.el5_5.14.ppc"
},
"product_reference": "poppler-0:0.5.4-4.4.el5_5.14.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:poppler-0:0.5.4-4.4.el5_5.14.ppc64"
},
"product_reference": "poppler-0:0.5.4-4.4.el5_5.14.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:poppler-0:0.5.4-4.4.el5_5.14.s390"
},
"product_reference": "poppler-0:0.5.4-4.4.el5_5.14.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:poppler-0:0.5.4-4.4.el5_5.14.s390x"
},
"product_reference": "poppler-0:0.5.4-4.4.el5_5.14.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:poppler-0:0.5.4-4.4.el5_5.14.src"
},
"product_reference": "poppler-0:0.5.4-4.4.el5_5.14.src",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:poppler-0:0.5.4-4.4.el5_5.14.x86_64"
},
"product_reference": "poppler-0:0.5.4-4.4.el5_5.14.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386"
},
"product_reference": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64"
},
"product_reference": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc"
},
"product_reference": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64"
},
"product_reference": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390"
},
"product_reference": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x"
},
"product_reference": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64"
},
"product_reference": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.i386"
},
"product_reference": "poppler-devel-0:0.5.4-4.4.el5_5.14.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.ia64"
},
"product_reference": "poppler-devel-0:0.5.4-4.4.el5_5.14.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc"
},
"product_reference": "poppler-devel-0:0.5.4-4.4.el5_5.14.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64"
},
"product_reference": "poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.s390 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.s390"
},
"product_reference": "poppler-devel-0:0.5.4-4.4.el5_5.14.s390",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.s390x"
},
"product_reference": "poppler-devel-0:0.5.4-4.4.el5_5.14.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64"
},
"product_reference": "poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-utils-0:0.5.4-4.4.el5_5.14.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.i386"
},
"product_reference": "poppler-utils-0:0.5.4-4.4.el5_5.14.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-utils-0:0.5.4-4.4.el5_5.14.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.ia64"
},
"product_reference": "poppler-utils-0:0.5.4-4.4.el5_5.14.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-utils-0:0.5.4-4.4.el5_5.14.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.ppc"
},
"product_reference": "poppler-utils-0:0.5.4-4.4.el5_5.14.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-utils-0:0.5.4-4.4.el5_5.14.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.s390x"
},
"product_reference": "poppler-utils-0:0.5.4-4.4.el5_5.14.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64"
},
"product_reference": "poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:poppler-0:0.5.4-4.4.el5_5.14.i386"
},
"product_reference": "poppler-0:0.5.4-4.4.el5_5.14.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:poppler-0:0.5.4-4.4.el5_5.14.ia64"
},
"product_reference": "poppler-0:0.5.4-4.4.el5_5.14.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:poppler-0:0.5.4-4.4.el5_5.14.ppc"
},
"product_reference": "poppler-0:0.5.4-4.4.el5_5.14.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:poppler-0:0.5.4-4.4.el5_5.14.ppc64"
},
"product_reference": "poppler-0:0.5.4-4.4.el5_5.14.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:poppler-0:0.5.4-4.4.el5_5.14.s390"
},
"product_reference": "poppler-0:0.5.4-4.4.el5_5.14.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:poppler-0:0.5.4-4.4.el5_5.14.s390x"
},
"product_reference": "poppler-0:0.5.4-4.4.el5_5.14.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:poppler-0:0.5.4-4.4.el5_5.14.src"
},
"product_reference": "poppler-0:0.5.4-4.4.el5_5.14.src",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-0:0.5.4-4.4.el5_5.14.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:poppler-0:0.5.4-4.4.el5_5.14.x86_64"
},
"product_reference": "poppler-0:0.5.4-4.4.el5_5.14.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386"
},
"product_reference": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64"
},
"product_reference": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc"
},
"product_reference": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64"
},
"product_reference": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390"
},
"product_reference": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x"
},
"product_reference": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64"
},
"product_reference": "poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.i386"
},
"product_reference": "poppler-devel-0:0.5.4-4.4.el5_5.14.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.ia64"
},
"product_reference": "poppler-devel-0:0.5.4-4.4.el5_5.14.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc"
},
"product_reference": "poppler-devel-0:0.5.4-4.4.el5_5.14.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64"
},
"product_reference": "poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.s390"
},
"product_reference": "poppler-devel-0:0.5.4-4.4.el5_5.14.s390",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.s390x"
},
"product_reference": "poppler-devel-0:0.5.4-4.4.el5_5.14.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64"
},
"product_reference": "poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-utils-0:0.5.4-4.4.el5_5.14.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.i386"
},
"product_reference": "poppler-utils-0:0.5.4-4.4.el5_5.14.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-utils-0:0.5.4-4.4.el5_5.14.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.ia64"
},
"product_reference": "poppler-utils-0:0.5.4-4.4.el5_5.14.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-utils-0:0.5.4-4.4.el5_5.14.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.ppc"
},
"product_reference": "poppler-utils-0:0.5.4-4.4.el5_5.14.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-utils-0:0.5.4-4.4.el5_5.14.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.s390x"
},
"product_reference": "poppler-utils-0:0.5.4-4.4.el5_5.14.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64"
},
"product_reference": "poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64",
"relates_to_product_reference": "5Server"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2010-3702",
"discovery_date": "2010-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "595245"
}
],
"notes": [
{
"category": "description",
"text": "The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xpdf: uninitialized Gfx::parser pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.i386",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.ia64",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.ppc",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.s390",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.s390x",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.src",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.i386",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.ia64",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.s390",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.s390x",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.i386",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.ia64",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.ppc",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.s390x",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.i386",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.ia64",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.ppc",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.s390",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.s390x",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.src",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.i386",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.ia64",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.s390",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.s390x",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.i386",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.ia64",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.ppc",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.s390x",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.i386",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.ia64",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.ppc",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.ppc64",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.s390",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.s390x",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.src",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.x86_64",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.i386",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.ia64",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.s390",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.s390x",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.i386",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.ia64",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.ppc",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.s390x",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3702"
},
{
"category": "external",
"summary": "RHBZ#595245",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=595245"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3702",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3702"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3702",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3702"
}
],
"release_date": "2010-09-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-07T15:02:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.i386",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.ia64",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.ppc",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.s390",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.s390x",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.src",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.i386",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.ia64",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.s390",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.s390x",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.i386",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.ia64",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.ppc",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.s390x",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.i386",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.ia64",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.ppc",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.s390",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.s390x",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.src",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.i386",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.ia64",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.s390",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.s390x",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.i386",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.ia64",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.ppc",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.s390x",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.i386",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.ia64",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.ppc",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.ppc64",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.s390",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.s390x",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.src",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.x86_64",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.i386",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.ia64",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.s390",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.s390x",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.i386",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.ia64",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.ppc",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.s390x",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0749"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.i386",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.ia64",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.ppc",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.s390",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.s390x",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.src",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.i386",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.ia64",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.s390",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.s390x",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.i386",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.ia64",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.ppc",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.s390x",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.i386",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.ia64",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.ppc",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.s390",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.s390x",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.src",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.i386",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.ia64",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.s390",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.s390x",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.i386",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.ia64",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.ppc",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.s390x",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.i386",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.ia64",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.ppc",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.ppc64",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.s390",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.s390x",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.src",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.x86_64",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.i386",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.ia64",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.s390",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.s390x",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.i386",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.ia64",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.ppc",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.s390x",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "xpdf: uninitialized Gfx::parser pointer dereference"
},
{
"cve": "CVE-2010-3704",
"discovery_date": "2010-09-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "638960"
}
],
"notes": [
{
"category": "description",
"text": "The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xpdf: array indexing error in FoFiType1::parse()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.i386",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.ia64",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.ppc",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.s390",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.s390x",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.src",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.i386",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.ia64",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.s390",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.s390x",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.i386",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.ia64",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.ppc",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.s390x",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.i386",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.ia64",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.ppc",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.s390",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.s390x",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.src",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.i386",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.ia64",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.s390",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.s390x",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.i386",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.ia64",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.ppc",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.s390x",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.i386",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.ia64",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.ppc",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.ppc64",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.s390",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.s390x",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.src",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.x86_64",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.i386",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.ia64",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.s390",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.s390x",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.i386",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.ia64",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.ppc",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.s390x",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3704"
},
{
"category": "external",
"summary": "RHBZ#638960",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=638960"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3704",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3704"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3704",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3704"
}
],
"release_date": "2010-09-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-07T15:02:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.i386",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.ia64",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.ppc",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.s390",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.s390x",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.src",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.i386",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.ia64",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.s390",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.s390x",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.i386",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.ia64",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.ppc",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.s390x",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.i386",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.ia64",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.ppc",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.s390",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.s390x",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.src",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.i386",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.ia64",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.s390",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.s390x",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.i386",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.ia64",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.ppc",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.s390x",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.i386",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.ia64",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.ppc",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.ppc64",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.s390",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.s390x",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.src",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.x86_64",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.i386",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.ia64",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.s390",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.s390x",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.i386",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.ia64",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.ppc",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.s390x",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0749"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.i386",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.ia64",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.ppc",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.s390",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.s390x",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.src",
"5Client-Workstation:poppler-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x",
"5Client-Workstation:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.i386",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.ia64",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.s390",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.s390x",
"5Client-Workstation:poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.i386",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.ia64",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.ppc",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.s390x",
"5Client-Workstation:poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.i386",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.ia64",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.ppc",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.s390",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.s390x",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.src",
"5Client:poppler-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x",
"5Client:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.i386",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.ia64",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.s390",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.s390x",
"5Client:poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.i386",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.ia64",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.ppc",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.s390x",
"5Client:poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.i386",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.ia64",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.ppc",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.ppc64",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.s390",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.s390x",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.src",
"5Server:poppler-0:0.5.4-4.4.el5_5.14.x86_64",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.i386",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ia64",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.ppc64",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.s390x",
"5Server:poppler-debuginfo-0:0.5.4-4.4.el5_5.14.x86_64",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.i386",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.ia64",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.ppc64",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.s390",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.s390x",
"5Server:poppler-devel-0:0.5.4-4.4.el5_5.14.x86_64",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.i386",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.ia64",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.ppc",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.s390x",
"5Server:poppler-utils-0:0.5.4-4.4.el5_5.14.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "xpdf: array indexing error in FoFiType1::parse()"
}
]
}
RHSA-2010:0751
Vulnerability from csaf_redhat - Published: 2010-10-07 15:23 - Updated: 2026-01-28 22:51Summary
Red Hat Security Advisory: xpdf security update
Severity
Important
Notes
Topic: An updated xpdf package that fixes two security issues is now available for
Red Hat Enterprise Linux 4.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details: Xpdf is an X Window System based viewer for Portable Document Format (PDF)
files.
An uninitialized pointer use flaw was discovered in Xpdf. An attacker could
create a malicious PDF file that, when opened, would cause Xpdf to crash
or, potentially, execute arbitrary code. (CVE-2010-3702)
An array index error was found in the way Xpdf parsed PostScript Type 1
fonts embedded in PDF documents. An attacker could create a malicious PDF
file that, when opened, would cause Xpdf to crash or, potentially, execute
arbitrary code. (CVE-2010-3704)
Users are advised to upgrade to this updated package, which contains
backported patches to correct these issues.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference.
5.8 ()
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS:xpdf-1:3.00-24.el4_8.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:xpdf-1:3.00-24.el4_8.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:xpdf-1:3.00-24.el4_8.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:xpdf-1:3.00-24.el4_8.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:xpdf-1:3.00-24.el4_8.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:xpdf-1:3.00-24.el4_8.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:xpdf-1:3.00-24.el4_8.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:xpdf-1:3.00-24.el4_8.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:xpdf-1:3.00-24.el4_8.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:xpdf-1:3.00-24.el4_8.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:xpdf-1:3.00-24.el4_8.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:xpdf-1:3.00-24.el4_8.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:xpdf-1:3.00-24.el4_8.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:xpdf-1:3.00-24.el4_8.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:xpdf-1:3.00-24.el4_8.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:xpdf-1:3.00-24.el4_8.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:xpdf-1:3.00-24.el4_8.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:xpdf-1:3.00-24.el4_8.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:xpdf-1:3.00-24.el4_8.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:xpdf-1:3.00-24.el4_8.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:xpdf-1:3.00-24.el4_8.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:xpdf-1:3.00-24.el4_8.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:xpdf-1:3.00-24.el4_8.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:xpdf-1:3.00-24.el4_8.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:xpdf-1:3.00-24.el4_8.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:xpdf-1:3.00-24.el4_8.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:xpdf-1:3.00-24.el4_8.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:xpdf-1:3.00-24.el4_8.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.
6.8 ()
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS:xpdf-1:3.00-24.el4_8.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:xpdf-1:3.00-24.el4_8.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:xpdf-1:3.00-24.el4_8.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:xpdf-1:3.00-24.el4_8.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:xpdf-1:3.00-24.el4_8.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:xpdf-1:3.00-24.el4_8.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:xpdf-1:3.00-24.el4_8.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:xpdf-1:3.00-24.el4_8.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:xpdf-1:3.00-24.el4_8.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:xpdf-1:3.00-24.el4_8.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:xpdf-1:3.00-24.el4_8.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:xpdf-1:3.00-24.el4_8.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:xpdf-1:3.00-24.el4_8.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:xpdf-1:3.00-24.el4_8.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:xpdf-1:3.00-24.el4_8.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:xpdf-1:3.00-24.el4_8.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:xpdf-1:3.00-24.el4_8.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:xpdf-1:3.00-24.el4_8.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:xpdf-1:3.00-24.el4_8.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:xpdf-1:3.00-24.el4_8.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:xpdf-1:3.00-24.el4_8.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:xpdf-1:3.00-24.el4_8.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:xpdf-1:3.00-24.el4_8.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:xpdf-1:3.00-24.el4_8.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:xpdf-1:3.00-24.el4_8.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:xpdf-1:3.00-24.el4_8.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:xpdf-1:3.00-24.el4_8.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:xpdf-1:3.00-24.el4_8.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
References
13 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2010:0751 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=595245 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=638960 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2010-3702 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=595245 | external |
| https://www.cve.org/CVERecord?id=CVE-2010-3702 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2010-3702 | external |
| https://access.redhat.com/security/cve/CVE-2010-3704 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=638960 | external |
| https://www.cve.org/CVERecord?id=CVE-2010-3704 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2010-3704 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated xpdf package that fixes two security issues is now available for\nRed Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Xpdf is an X Window System based viewer for Portable Document Format (PDF)\nfiles.\n\nAn uninitialized pointer use flaw was discovered in Xpdf. An attacker could\ncreate a malicious PDF file that, when opened, would cause Xpdf to crash\nor, potentially, execute arbitrary code. (CVE-2010-3702)\n\nAn array index error was found in the way Xpdf parsed PostScript Type 1\nfonts embedded in PDF documents. An attacker could create a malicious PDF\nfile that, when opened, would cause Xpdf to crash or, potentially, execute\narbitrary code. (CVE-2010-3704)\n\nUsers are advised to upgrade to this updated package, which contains\nbackported patches to correct these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2010:0751",
"url": "https://access.redhat.com/errata/RHSA-2010:0751"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "595245",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=595245"
},
{
"category": "external",
"summary": "638960",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=638960"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0751.json"
}
],
"title": "Red Hat Security Advisory: xpdf security update",
"tracking": {
"current_release_date": "2026-01-28T22:51:22+00:00",
"generator": {
"date": "2026-01-28T22:51:22+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.16"
}
},
"id": "RHSA-2010:0751",
"initial_release_date": "2010-10-07T15:23:00+00:00",
"revision_history": [
{
"date": "2010-10-07T15:23:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2010-10-07T11:26:14+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-28T22:51:22+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4",
"product": {
"name": "Red Hat Enterprise Linux AS version 4",
"product_id": "4AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop version 4",
"product": {
"name": "Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4",
"product": {
"name": "Red Hat Enterprise Linux ES version 4",
"product_id": "4ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4",
"product": {
"name": "Red Hat Enterprise Linux WS version 4",
"product_id": "4WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"product": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"product_id": "xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xpdf-debuginfo@3.00-24.el4_8.1?arch=ia64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "xpdf-1:3.00-24.el4_8.1.ia64",
"product": {
"name": "xpdf-1:3.00-24.el4_8.1.ia64",
"product_id": "xpdf-1:3.00-24.el4_8.1.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xpdf@3.00-24.el4_8.1?arch=ia64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64",
"product": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64",
"product_id": "xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xpdf-debuginfo@3.00-24.el4_8.1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "xpdf-1:3.00-24.el4_8.1.x86_64",
"product": {
"name": "xpdf-1:3.00-24.el4_8.1.x86_64",
"product_id": "xpdf-1:3.00-24.el4_8.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xpdf@3.00-24.el4_8.1?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"product": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"product_id": "xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xpdf-debuginfo@3.00-24.el4_8.1?arch=i386\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "xpdf-1:3.00-24.el4_8.1.i386",
"product": {
"name": "xpdf-1:3.00-24.el4_8.1.i386",
"product_id": "xpdf-1:3.00-24.el4_8.1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xpdf@3.00-24.el4_8.1?arch=i386\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "xpdf-1:3.00-24.el4_8.1.src",
"product": {
"name": "xpdf-1:3.00-24.el4_8.1.src",
"product_id": "xpdf-1:3.00-24.el4_8.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xpdf@3.00-24.el4_8.1?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"product": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"product_id": "xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xpdf-debuginfo@3.00-24.el4_8.1?arch=ppc\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "xpdf-1:3.00-24.el4_8.1.ppc",
"product": {
"name": "xpdf-1:3.00-24.el4_8.1.ppc",
"product_id": "xpdf-1:3.00-24.el4_8.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xpdf@3.00-24.el4_8.1?arch=ppc\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"product": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"product_id": "xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xpdf-debuginfo@3.00-24.el4_8.1?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "xpdf-1:3.00-24.el4_8.1.s390x",
"product": {
"name": "xpdf-1:3.00-24.el4_8.1.s390x",
"product_id": "xpdf-1:3.00-24.el4_8.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xpdf@3.00-24.el4_8.1?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"product": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"product_id": "xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xpdf-debuginfo@3.00-24.el4_8.1?arch=s390\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "xpdf-1:3.00-24.el4_8.1.s390",
"product": {
"name": "xpdf-1:3.00-24.el4_8.1.s390",
"product_id": "xpdf-1:3.00-24.el4_8.1.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xpdf@3.00-24.el4_8.1?arch=s390\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-1:3.00-24.el4_8.1.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:xpdf-1:3.00-24.el4_8.1.i386"
},
"product_reference": "xpdf-1:3.00-24.el4_8.1.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-1:3.00-24.el4_8.1.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:xpdf-1:3.00-24.el4_8.1.ia64"
},
"product_reference": "xpdf-1:3.00-24.el4_8.1.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-1:3.00-24.el4_8.1.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:xpdf-1:3.00-24.el4_8.1.ppc"
},
"product_reference": "xpdf-1:3.00-24.el4_8.1.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-1:3.00-24.el4_8.1.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:xpdf-1:3.00-24.el4_8.1.s390"
},
"product_reference": "xpdf-1:3.00-24.el4_8.1.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-1:3.00-24.el4_8.1.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:xpdf-1:3.00-24.el4_8.1.s390x"
},
"product_reference": "xpdf-1:3.00-24.el4_8.1.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-1:3.00-24.el4_8.1.src as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:xpdf-1:3.00-24.el4_8.1.src"
},
"product_reference": "xpdf-1:3.00-24.el4_8.1.src",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-1:3.00-24.el4_8.1.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:xpdf-1:3.00-24.el4_8.1.x86_64"
},
"product_reference": "xpdf-1:3.00-24.el4_8.1.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.i386"
},
"product_reference": "xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64"
},
"product_reference": "xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc"
},
"product_reference": "xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390"
},
"product_reference": "xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x"
},
"product_reference": "xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64"
},
"product_reference": "xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-1:3.00-24.el4_8.1.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:xpdf-1:3.00-24.el4_8.1.i386"
},
"product_reference": "xpdf-1:3.00-24.el4_8.1.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-1:3.00-24.el4_8.1.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:xpdf-1:3.00-24.el4_8.1.ia64"
},
"product_reference": "xpdf-1:3.00-24.el4_8.1.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-1:3.00-24.el4_8.1.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:xpdf-1:3.00-24.el4_8.1.ppc"
},
"product_reference": "xpdf-1:3.00-24.el4_8.1.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-1:3.00-24.el4_8.1.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:xpdf-1:3.00-24.el4_8.1.s390"
},
"product_reference": "xpdf-1:3.00-24.el4_8.1.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-1:3.00-24.el4_8.1.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:xpdf-1:3.00-24.el4_8.1.s390x"
},
"product_reference": "xpdf-1:3.00-24.el4_8.1.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-1:3.00-24.el4_8.1.src as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:xpdf-1:3.00-24.el4_8.1.src"
},
"product_reference": "xpdf-1:3.00-24.el4_8.1.src",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-1:3.00-24.el4_8.1.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:xpdf-1:3.00-24.el4_8.1.x86_64"
},
"product_reference": "xpdf-1:3.00-24.el4_8.1.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.i386"
},
"product_reference": "xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64"
},
"product_reference": "xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc"
},
"product_reference": "xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.s390"
},
"product_reference": "xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x"
},
"product_reference": "xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64"
},
"product_reference": "xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-1:3.00-24.el4_8.1.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:xpdf-1:3.00-24.el4_8.1.i386"
},
"product_reference": "xpdf-1:3.00-24.el4_8.1.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-1:3.00-24.el4_8.1.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:xpdf-1:3.00-24.el4_8.1.ia64"
},
"product_reference": "xpdf-1:3.00-24.el4_8.1.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-1:3.00-24.el4_8.1.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:xpdf-1:3.00-24.el4_8.1.ppc"
},
"product_reference": "xpdf-1:3.00-24.el4_8.1.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-1:3.00-24.el4_8.1.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:xpdf-1:3.00-24.el4_8.1.s390"
},
"product_reference": "xpdf-1:3.00-24.el4_8.1.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-1:3.00-24.el4_8.1.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:xpdf-1:3.00-24.el4_8.1.s390x"
},
"product_reference": "xpdf-1:3.00-24.el4_8.1.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-1:3.00-24.el4_8.1.src as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:xpdf-1:3.00-24.el4_8.1.src"
},
"product_reference": "xpdf-1:3.00-24.el4_8.1.src",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-1:3.00-24.el4_8.1.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:xpdf-1:3.00-24.el4_8.1.x86_64"
},
"product_reference": "xpdf-1:3.00-24.el4_8.1.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.i386"
},
"product_reference": "xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64"
},
"product_reference": "xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc"
},
"product_reference": "xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.s390"
},
"product_reference": "xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x"
},
"product_reference": "xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64"
},
"product_reference": "xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-1:3.00-24.el4_8.1.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:xpdf-1:3.00-24.el4_8.1.i386"
},
"product_reference": "xpdf-1:3.00-24.el4_8.1.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-1:3.00-24.el4_8.1.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:xpdf-1:3.00-24.el4_8.1.ia64"
},
"product_reference": "xpdf-1:3.00-24.el4_8.1.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-1:3.00-24.el4_8.1.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:xpdf-1:3.00-24.el4_8.1.ppc"
},
"product_reference": "xpdf-1:3.00-24.el4_8.1.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-1:3.00-24.el4_8.1.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:xpdf-1:3.00-24.el4_8.1.s390"
},
"product_reference": "xpdf-1:3.00-24.el4_8.1.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-1:3.00-24.el4_8.1.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:xpdf-1:3.00-24.el4_8.1.s390x"
},
"product_reference": "xpdf-1:3.00-24.el4_8.1.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-1:3.00-24.el4_8.1.src as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:xpdf-1:3.00-24.el4_8.1.src"
},
"product_reference": "xpdf-1:3.00-24.el4_8.1.src",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-1:3.00-24.el4_8.1.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:xpdf-1:3.00-24.el4_8.1.x86_64"
},
"product_reference": "xpdf-1:3.00-24.el4_8.1.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.i386"
},
"product_reference": "xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64"
},
"product_reference": "xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc"
},
"product_reference": "xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390"
},
"product_reference": "xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x"
},
"product_reference": "xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64"
},
"product_reference": "xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64",
"relates_to_product_reference": "4WS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2010-3702",
"discovery_date": "2010-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "595245"
}
],
"notes": [
{
"category": "description",
"text": "The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xpdf: uninitialized Gfx::parser pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS:xpdf-1:3.00-24.el4_8.1.i386",
"4AS:xpdf-1:3.00-24.el4_8.1.ia64",
"4AS:xpdf-1:3.00-24.el4_8.1.ppc",
"4AS:xpdf-1:3.00-24.el4_8.1.s390",
"4AS:xpdf-1:3.00-24.el4_8.1.s390x",
"4AS:xpdf-1:3.00-24.el4_8.1.src",
"4AS:xpdf-1:3.00-24.el4_8.1.x86_64",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64",
"4Desktop:xpdf-1:3.00-24.el4_8.1.i386",
"4Desktop:xpdf-1:3.00-24.el4_8.1.ia64",
"4Desktop:xpdf-1:3.00-24.el4_8.1.ppc",
"4Desktop:xpdf-1:3.00-24.el4_8.1.s390",
"4Desktop:xpdf-1:3.00-24.el4_8.1.s390x",
"4Desktop:xpdf-1:3.00-24.el4_8.1.src",
"4Desktop:xpdf-1:3.00-24.el4_8.1.x86_64",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64",
"4ES:xpdf-1:3.00-24.el4_8.1.i386",
"4ES:xpdf-1:3.00-24.el4_8.1.ia64",
"4ES:xpdf-1:3.00-24.el4_8.1.ppc",
"4ES:xpdf-1:3.00-24.el4_8.1.s390",
"4ES:xpdf-1:3.00-24.el4_8.1.s390x",
"4ES:xpdf-1:3.00-24.el4_8.1.src",
"4ES:xpdf-1:3.00-24.el4_8.1.x86_64",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64",
"4WS:xpdf-1:3.00-24.el4_8.1.i386",
"4WS:xpdf-1:3.00-24.el4_8.1.ia64",
"4WS:xpdf-1:3.00-24.el4_8.1.ppc",
"4WS:xpdf-1:3.00-24.el4_8.1.s390",
"4WS:xpdf-1:3.00-24.el4_8.1.s390x",
"4WS:xpdf-1:3.00-24.el4_8.1.src",
"4WS:xpdf-1:3.00-24.el4_8.1.x86_64",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3702"
},
{
"category": "external",
"summary": "RHBZ#595245",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=595245"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3702",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3702"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3702",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3702"
}
],
"release_date": "2010-09-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-07T15:23:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS:xpdf-1:3.00-24.el4_8.1.i386",
"4AS:xpdf-1:3.00-24.el4_8.1.ia64",
"4AS:xpdf-1:3.00-24.el4_8.1.ppc",
"4AS:xpdf-1:3.00-24.el4_8.1.s390",
"4AS:xpdf-1:3.00-24.el4_8.1.s390x",
"4AS:xpdf-1:3.00-24.el4_8.1.src",
"4AS:xpdf-1:3.00-24.el4_8.1.x86_64",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64",
"4Desktop:xpdf-1:3.00-24.el4_8.1.i386",
"4Desktop:xpdf-1:3.00-24.el4_8.1.ia64",
"4Desktop:xpdf-1:3.00-24.el4_8.1.ppc",
"4Desktop:xpdf-1:3.00-24.el4_8.1.s390",
"4Desktop:xpdf-1:3.00-24.el4_8.1.s390x",
"4Desktop:xpdf-1:3.00-24.el4_8.1.src",
"4Desktop:xpdf-1:3.00-24.el4_8.1.x86_64",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64",
"4ES:xpdf-1:3.00-24.el4_8.1.i386",
"4ES:xpdf-1:3.00-24.el4_8.1.ia64",
"4ES:xpdf-1:3.00-24.el4_8.1.ppc",
"4ES:xpdf-1:3.00-24.el4_8.1.s390",
"4ES:xpdf-1:3.00-24.el4_8.1.s390x",
"4ES:xpdf-1:3.00-24.el4_8.1.src",
"4ES:xpdf-1:3.00-24.el4_8.1.x86_64",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64",
"4WS:xpdf-1:3.00-24.el4_8.1.i386",
"4WS:xpdf-1:3.00-24.el4_8.1.ia64",
"4WS:xpdf-1:3.00-24.el4_8.1.ppc",
"4WS:xpdf-1:3.00-24.el4_8.1.s390",
"4WS:xpdf-1:3.00-24.el4_8.1.s390x",
"4WS:xpdf-1:3.00-24.el4_8.1.src",
"4WS:xpdf-1:3.00-24.el4_8.1.x86_64",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0751"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS:xpdf-1:3.00-24.el4_8.1.i386",
"4AS:xpdf-1:3.00-24.el4_8.1.ia64",
"4AS:xpdf-1:3.00-24.el4_8.1.ppc",
"4AS:xpdf-1:3.00-24.el4_8.1.s390",
"4AS:xpdf-1:3.00-24.el4_8.1.s390x",
"4AS:xpdf-1:3.00-24.el4_8.1.src",
"4AS:xpdf-1:3.00-24.el4_8.1.x86_64",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64",
"4Desktop:xpdf-1:3.00-24.el4_8.1.i386",
"4Desktop:xpdf-1:3.00-24.el4_8.1.ia64",
"4Desktop:xpdf-1:3.00-24.el4_8.1.ppc",
"4Desktop:xpdf-1:3.00-24.el4_8.1.s390",
"4Desktop:xpdf-1:3.00-24.el4_8.1.s390x",
"4Desktop:xpdf-1:3.00-24.el4_8.1.src",
"4Desktop:xpdf-1:3.00-24.el4_8.1.x86_64",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64",
"4ES:xpdf-1:3.00-24.el4_8.1.i386",
"4ES:xpdf-1:3.00-24.el4_8.1.ia64",
"4ES:xpdf-1:3.00-24.el4_8.1.ppc",
"4ES:xpdf-1:3.00-24.el4_8.1.s390",
"4ES:xpdf-1:3.00-24.el4_8.1.s390x",
"4ES:xpdf-1:3.00-24.el4_8.1.src",
"4ES:xpdf-1:3.00-24.el4_8.1.x86_64",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64",
"4WS:xpdf-1:3.00-24.el4_8.1.i386",
"4WS:xpdf-1:3.00-24.el4_8.1.ia64",
"4WS:xpdf-1:3.00-24.el4_8.1.ppc",
"4WS:xpdf-1:3.00-24.el4_8.1.s390",
"4WS:xpdf-1:3.00-24.el4_8.1.s390x",
"4WS:xpdf-1:3.00-24.el4_8.1.src",
"4WS:xpdf-1:3.00-24.el4_8.1.x86_64",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "xpdf: uninitialized Gfx::parser pointer dereference"
},
{
"cve": "CVE-2010-3704",
"discovery_date": "2010-09-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "638960"
}
],
"notes": [
{
"category": "description",
"text": "The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xpdf: array indexing error in FoFiType1::parse()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS:xpdf-1:3.00-24.el4_8.1.i386",
"4AS:xpdf-1:3.00-24.el4_8.1.ia64",
"4AS:xpdf-1:3.00-24.el4_8.1.ppc",
"4AS:xpdf-1:3.00-24.el4_8.1.s390",
"4AS:xpdf-1:3.00-24.el4_8.1.s390x",
"4AS:xpdf-1:3.00-24.el4_8.1.src",
"4AS:xpdf-1:3.00-24.el4_8.1.x86_64",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64",
"4Desktop:xpdf-1:3.00-24.el4_8.1.i386",
"4Desktop:xpdf-1:3.00-24.el4_8.1.ia64",
"4Desktop:xpdf-1:3.00-24.el4_8.1.ppc",
"4Desktop:xpdf-1:3.00-24.el4_8.1.s390",
"4Desktop:xpdf-1:3.00-24.el4_8.1.s390x",
"4Desktop:xpdf-1:3.00-24.el4_8.1.src",
"4Desktop:xpdf-1:3.00-24.el4_8.1.x86_64",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64",
"4ES:xpdf-1:3.00-24.el4_8.1.i386",
"4ES:xpdf-1:3.00-24.el4_8.1.ia64",
"4ES:xpdf-1:3.00-24.el4_8.1.ppc",
"4ES:xpdf-1:3.00-24.el4_8.1.s390",
"4ES:xpdf-1:3.00-24.el4_8.1.s390x",
"4ES:xpdf-1:3.00-24.el4_8.1.src",
"4ES:xpdf-1:3.00-24.el4_8.1.x86_64",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64",
"4WS:xpdf-1:3.00-24.el4_8.1.i386",
"4WS:xpdf-1:3.00-24.el4_8.1.ia64",
"4WS:xpdf-1:3.00-24.el4_8.1.ppc",
"4WS:xpdf-1:3.00-24.el4_8.1.s390",
"4WS:xpdf-1:3.00-24.el4_8.1.s390x",
"4WS:xpdf-1:3.00-24.el4_8.1.src",
"4WS:xpdf-1:3.00-24.el4_8.1.x86_64",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3704"
},
{
"category": "external",
"summary": "RHBZ#638960",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=638960"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3704",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3704"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3704",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3704"
}
],
"release_date": "2010-09-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-07T15:23:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS:xpdf-1:3.00-24.el4_8.1.i386",
"4AS:xpdf-1:3.00-24.el4_8.1.ia64",
"4AS:xpdf-1:3.00-24.el4_8.1.ppc",
"4AS:xpdf-1:3.00-24.el4_8.1.s390",
"4AS:xpdf-1:3.00-24.el4_8.1.s390x",
"4AS:xpdf-1:3.00-24.el4_8.1.src",
"4AS:xpdf-1:3.00-24.el4_8.1.x86_64",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64",
"4Desktop:xpdf-1:3.00-24.el4_8.1.i386",
"4Desktop:xpdf-1:3.00-24.el4_8.1.ia64",
"4Desktop:xpdf-1:3.00-24.el4_8.1.ppc",
"4Desktop:xpdf-1:3.00-24.el4_8.1.s390",
"4Desktop:xpdf-1:3.00-24.el4_8.1.s390x",
"4Desktop:xpdf-1:3.00-24.el4_8.1.src",
"4Desktop:xpdf-1:3.00-24.el4_8.1.x86_64",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64",
"4ES:xpdf-1:3.00-24.el4_8.1.i386",
"4ES:xpdf-1:3.00-24.el4_8.1.ia64",
"4ES:xpdf-1:3.00-24.el4_8.1.ppc",
"4ES:xpdf-1:3.00-24.el4_8.1.s390",
"4ES:xpdf-1:3.00-24.el4_8.1.s390x",
"4ES:xpdf-1:3.00-24.el4_8.1.src",
"4ES:xpdf-1:3.00-24.el4_8.1.x86_64",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64",
"4WS:xpdf-1:3.00-24.el4_8.1.i386",
"4WS:xpdf-1:3.00-24.el4_8.1.ia64",
"4WS:xpdf-1:3.00-24.el4_8.1.ppc",
"4WS:xpdf-1:3.00-24.el4_8.1.s390",
"4WS:xpdf-1:3.00-24.el4_8.1.s390x",
"4WS:xpdf-1:3.00-24.el4_8.1.src",
"4WS:xpdf-1:3.00-24.el4_8.1.x86_64",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0751"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS:xpdf-1:3.00-24.el4_8.1.i386",
"4AS:xpdf-1:3.00-24.el4_8.1.ia64",
"4AS:xpdf-1:3.00-24.el4_8.1.ppc",
"4AS:xpdf-1:3.00-24.el4_8.1.s390",
"4AS:xpdf-1:3.00-24.el4_8.1.s390x",
"4AS:xpdf-1:3.00-24.el4_8.1.src",
"4AS:xpdf-1:3.00-24.el4_8.1.x86_64",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"4AS:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64",
"4Desktop:xpdf-1:3.00-24.el4_8.1.i386",
"4Desktop:xpdf-1:3.00-24.el4_8.1.ia64",
"4Desktop:xpdf-1:3.00-24.el4_8.1.ppc",
"4Desktop:xpdf-1:3.00-24.el4_8.1.s390",
"4Desktop:xpdf-1:3.00-24.el4_8.1.s390x",
"4Desktop:xpdf-1:3.00-24.el4_8.1.src",
"4Desktop:xpdf-1:3.00-24.el4_8.1.x86_64",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"4Desktop:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64",
"4ES:xpdf-1:3.00-24.el4_8.1.i386",
"4ES:xpdf-1:3.00-24.el4_8.1.ia64",
"4ES:xpdf-1:3.00-24.el4_8.1.ppc",
"4ES:xpdf-1:3.00-24.el4_8.1.s390",
"4ES:xpdf-1:3.00-24.el4_8.1.s390x",
"4ES:xpdf-1:3.00-24.el4_8.1.src",
"4ES:xpdf-1:3.00-24.el4_8.1.x86_64",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"4ES:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64",
"4WS:xpdf-1:3.00-24.el4_8.1.i386",
"4WS:xpdf-1:3.00-24.el4_8.1.ia64",
"4WS:xpdf-1:3.00-24.el4_8.1.ppc",
"4WS:xpdf-1:3.00-24.el4_8.1.s390",
"4WS:xpdf-1:3.00-24.el4_8.1.s390x",
"4WS:xpdf-1:3.00-24.el4_8.1.src",
"4WS:xpdf-1:3.00-24.el4_8.1.x86_64",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.i386",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.ia64",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.ppc",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.s390x",
"4WS:xpdf-debuginfo-1:3.00-24.el4_8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "xpdf: array indexing error in FoFiType1::parse()"
}
]
}
RHSA-2010:0752
Vulnerability from csaf_redhat - Published: 2010-10-07 15:27 - Updated: 2026-01-28 22:51Summary
Red Hat Security Advisory: gpdf security update
Severity
Important
Notes
Topic: An updated gpdf package that fixes two security issues is now available for
Red Hat Enterprise Linux 4.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details: GPdf is a viewer for Portable Document Format (PDF) files.
An uninitialized pointer use flaw was discovered in GPdf. An attacker could
create a malicious PDF file that, when opened, would cause GPdf to crash
or, potentially, execute arbitrary code. (CVE-2010-3702)
An array index error was found in the way GPdf parsed PostScript Type 1
fonts embedded in PDF documents. An attacker could create a malicious PDF
file that, when opened, would cause GPdf to crash or, potentially, execute
arbitrary code. (CVE-2010-3704)
Users are advised to upgrade to this updated package, which contains
backported patches to correct these issues.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference.
5.8 ()
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.
6.8 ()
Affected products
Fixed
52 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
References
13 references
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2010:0752 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=595245 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=638960 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2010-3702 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=595245 | external |
| https://www.cve.org/CVERecord?id=CVE-2010-3702 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2010-3702 | external |
| https://access.redhat.com/security/cve/CVE-2010-3704 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=638960 | external |
| https://www.cve.org/CVERecord?id=CVE-2010-3704 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2010-3704 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated gpdf package that fixes two security issues is now available for\nRed Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "GPdf is a viewer for Portable Document Format (PDF) files.\n\nAn uninitialized pointer use flaw was discovered in GPdf. An attacker could\ncreate a malicious PDF file that, when opened, would cause GPdf to crash\nor, potentially, execute arbitrary code. (CVE-2010-3702)\n\nAn array index error was found in the way GPdf parsed PostScript Type 1\nfonts embedded in PDF documents. An attacker could create a malicious PDF\nfile that, when opened, would cause GPdf to crash or, potentially, execute\narbitrary code. (CVE-2010-3704)\n\nUsers are advised to upgrade to this updated package, which contains\nbackported patches to correct these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2010:0752",
"url": "https://access.redhat.com/errata/RHSA-2010:0752"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "595245",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=595245"
},
{
"category": "external",
"summary": "638960",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=638960"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0752.json"
}
],
"title": "Red Hat Security Advisory: gpdf security update",
"tracking": {
"current_release_date": "2026-01-28T22:51:22+00:00",
"generator": {
"date": "2026-01-28T22:51:22+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.16"
}
},
"id": "RHSA-2010:0752",
"initial_release_date": "2010-10-07T15:27:00+00:00",
"revision_history": [
{
"date": "2010-10-07T15:27:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2010-10-07T11:31:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-28T22:51:22+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4",
"product": {
"name": "Red Hat Enterprise Linux AS version 4",
"product_id": "4AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop version 4",
"product": {
"name": "Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4",
"product": {
"name": "Red Hat Enterprise Linux ES version 4",
"product_id": "4ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4",
"product": {
"name": "Red Hat Enterprise Linux WS version 4",
"product_id": "4WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"product": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"product_id": "gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gpdf@2.8.2-7.7.2.el4_8.7?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"product": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"product_id": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gpdf-debuginfo@2.8.2-7.7.2.el4_8.7?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"product": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"product_id": "gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gpdf@2.8.2-7.7.2.el4_8.7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"product": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"product_id": "gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gpdf@2.8.2-7.7.2.el4_8.7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64",
"product": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64",
"product_id": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gpdf-debuginfo@2.8.2-7.7.2.el4_8.7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"product": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"product_id": "gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gpdf@2.8.2-7.7.2.el4_8.7?arch=i386"
}
}
},
{
"category": "product_version",
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"product": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"product_id": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gpdf-debuginfo@2.8.2-7.7.2.el4_8.7?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"product": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"product_id": "gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gpdf@2.8.2-7.7.2.el4_8.7?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"product": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"product_id": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gpdf-debuginfo@2.8.2-7.7.2.el4_8.7?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"product": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"product_id": "gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gpdf@2.8.2-7.7.2.el4_8.7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"product": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"product_id": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gpdf-debuginfo@2.8.2-7.7.2.el4_8.7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"product": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"product_id": "gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gpdf@2.8.2-7.7.2.el4_8.7?arch=s390"
}
}
},
{
"category": "product_version",
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"product": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"product_id": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gpdf-debuginfo@2.8.2-7.7.2.el4_8.7?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.i386"
},
"product_reference": "gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64"
},
"product_reference": "gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc"
},
"product_reference": "gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390"
},
"product_reference": "gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x"
},
"product_reference": "gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.src as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.src"
},
"product_reference": "gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64"
},
"product_reference": "gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386"
},
"product_reference": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64"
},
"product_reference": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc"
},
"product_reference": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390"
},
"product_reference": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x"
},
"product_reference": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64"
},
"product_reference": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.i386"
},
"product_reference": "gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64"
},
"product_reference": "gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc"
},
"product_reference": "gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.s390"
},
"product_reference": "gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x"
},
"product_reference": "gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.src as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.src"
},
"product_reference": "gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64"
},
"product_reference": "gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386"
},
"product_reference": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64"
},
"product_reference": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc"
},
"product_reference": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390"
},
"product_reference": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x"
},
"product_reference": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64"
},
"product_reference": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.i386"
},
"product_reference": "gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64"
},
"product_reference": "gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc"
},
"product_reference": "gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.s390"
},
"product_reference": "gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x"
},
"product_reference": "gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.src as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.src"
},
"product_reference": "gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64"
},
"product_reference": "gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386"
},
"product_reference": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64"
},
"product_reference": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc"
},
"product_reference": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390"
},
"product_reference": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x"
},
"product_reference": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64"
},
"product_reference": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.i386"
},
"product_reference": "gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64"
},
"product_reference": "gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc"
},
"product_reference": "gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390"
},
"product_reference": "gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x"
},
"product_reference": "gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.src as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.src"
},
"product_reference": "gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64"
},
"product_reference": "gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386"
},
"product_reference": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64"
},
"product_reference": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc"
},
"product_reference": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390"
},
"product_reference": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x"
},
"product_reference": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64"
},
"product_reference": "gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64",
"relates_to_product_reference": "4WS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2010-3702",
"discovery_date": "2010-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "595245"
}
],
"notes": [
{
"category": "description",
"text": "The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xpdf: uninitialized Gfx::parser pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3702"
},
{
"category": "external",
"summary": "RHBZ#595245",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=595245"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3702",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3702"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3702",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3702"
}
],
"release_date": "2010-09-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-07T15:27:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0752"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "xpdf: uninitialized Gfx::parser pointer dereference"
},
{
"cve": "CVE-2010-3704",
"discovery_date": "2010-09-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "638960"
}
],
"notes": [
{
"category": "description",
"text": "The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xpdf: array indexing error in FoFiType1::parse()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3704"
},
{
"category": "external",
"summary": "RHBZ#638960",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=638960"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3704",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3704"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3704",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3704"
}
],
"release_date": "2010-09-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-10-07T15:27:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0752"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"4AS:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"4AS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"4Desktop:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"4Desktop:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"4ES:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"4ES:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.i386",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.ia64",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.ppc",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.s390x",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.src",
"4WS:gpdf-0:2.8.2-7.7.2.el4_8.7.x86_64",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.i386",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ia64",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.ppc",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.s390x",
"4WS:gpdf-debuginfo-0:2.8.2-7.7.2.el4_8.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "xpdf: array indexing error in FoFiType1::parse()"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…