CVE-2010-3702
Published: May 11, 2010
The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference.
HIGH
CVSS v2: 7.5
CVSS v2: 7.5
Status
| DocFilters Release | Package | State | Justification | Comment |
|---|---|---|---|---|
| 25.1 | xpdf (4.05) | Not Affected | Code Not Present | 4.05 does not match CVE configuration. |
| 24.4 | xpdf (4.05) | Not Affected | Code Not Present | 4.05 does not match CVE configuration. |
| 24.4.0 | xpdf (4.05) | Not Affected | Code Not Present | 4.05 does not match CVE configuration. |
| 24.3 | xpdf (4.05) | Not Affected | Code Not Present | 4.05 does not match CVE configuration. |
| 24.2.1 | xpdf (4.05) | Not Affected | Code Not Present | 4.05 does not match CVE configuration. |
| 24.2 | xpdf (4.05) | Not Affected | Code Not Present | 4.05 does not match CVE configuration. |
| 24.1 | xpdf (3.02) | Resolved | Code Not Present | Patched applied from about:blank |
| 23.3 | xpdf (3.02) | Resolved | Code Not Present | Patched applied from about:blank |
| 23.2.1 | xpdf (3.02) | Resolved | Code Not Present | Patched applied from about:blank |
| 23.2 | xpdf (3.02) | Resolved | Code Not Present | Patched applied from about:blank |
| 23.1 | xpdf (3.02) | Resolved | Code Not Present | Patched applied from about:blank |