CVE-2010-3703

Published: Nov 5, 2010Modified: Apr 29, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possibly other versions up to 0.15.1, and possibly other products, allows context-dependent attackers to cause a denial of service (crash) via a PDF file that triggers an uninitialized pointer dereference.

Affected (35)

Products: Poppler: Poppler

1 product

Configuration A

35 vulnerable

Vulnerable Software	Affected Versions
Poppler Poppler	Version 0.10.0
Poppler Poppler	Version 0.10.1
Poppler Poppler	Version 0.10.2
Poppler Poppler	Version 0.10.3
Poppler Poppler	Version 0.10.4
Poppler Poppler	Version 0.10.5
Poppler Poppler	Version 0.10.6
Poppler Poppler	Version 0.10.7
Poppler Poppler	Version 0.11.0
Poppler Poppler	Version 0.11.1
Poppler Poppler	Version 0.11.2
Poppler Poppler	Version 0.11.3
Poppler Poppler	Version 0.12.0
Poppler Poppler	Version 0.12.1
Poppler Poppler	Version 0.12.2
Poppler Poppler	Version 0.12.3
Poppler Poppler	Version 0.12.4
Poppler Poppler	Version 0.13.0
Poppler Poppler	Version 0.13.1
Poppler Poppler	Version 0.13.2
Poppler Poppler	Version 0.13.3
Poppler Poppler	Version 0.13.4
Poppler Poppler	Version 0.14.0
Poppler Poppler	Version 0.14.1
Poppler Poppler	Version 0.14.2
Poppler Poppler	Version 0.14.3
Poppler Poppler	Version 0.14.4
Poppler Poppler	Version 0.14.5
Poppler Poppler	Version 0.15.0
Poppler Poppler	Version 0.15.1
Poppler Poppler	Version 0.8.7
Poppler Poppler	Version 0.9.0
Poppler Poppler	Version 0.9.1
Poppler Poppler	Version 0.9.2
Poppler Poppler	Version 0.9.3

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (24)

http://cgit.freedesktop.org/poppler/poppler/commit/?id=bf2055088a3a2d3bb3d3c37d464954ec1a25771f

Source: secalert@redhat.com

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html

Source: secalert@redhat.com

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html

Source: secalert@redhat.com

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html

Source: secalert@redhat.com

http://secunia.com/advisories/42357

Source: secalert@redhat.com

http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.571720

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDVSA-2010:231

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2010/10/04/6

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2010-0859.html

Source: secalert@redhat.com

http://www.ubuntu.com/usn/USN-1005-1

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=639356

Source: secalert@redhat.com

http://cgit.freedesktop.org/poppler/poppler/commit/?id=bf2055088a3a2d3bb3d3c37d464954ec1a25771f

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/42357

Source: af854a3a-2127-422b-91ae-364da2661108

http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.571720

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDVSA-2010:231

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2010/10/04/6

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2010-0859.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ubuntu.com/usn/USN-1005-1

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=639356

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.