CVE-2010-0206

CWE-476NULL Pointer Dereference8 documents8 sources
Severity
5.5MEDIUM
EPSS
0.4%
top 36.66%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Xpdf XpdfXpdfreader Xpdf
Timeline
PublishedOct 30
Latest updateApr 21

Description

xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

CVEListV5xpdf/xpdfN/A
NVDxpdfreader/xpdf3.03-17, 3.04-13, 3.04-4+2
Debianpoppler< 0.16.3-1+3

🔴Vulnerability Details

3
GHSA
GHSA-g23w-mcm2-h6c5: xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects2022-04-21
OSV
CVE-2010-0206: xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects2019-10-30
CVEList
CVE-2010-0206: xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects2019-10-30

💥Exploits & PoCs

1
Exploit-DB
Microsoft NetDDE Service - Remote Overflow (MS04-031) (Metasploit)2010-07-03

📋Vendor Advisories

2
Red Hat
xpdf: Invalid pointer dereference by processing JBIG2 PDF stream objects2010-05-19
Debian
CVE-2010-0206: poppler - xpdf allows remote attackers to cause a denial of service (NULL pointer derefere...2010

💬Community

1
Bugzilla
CVE-2010-0206 xpdf: Invalid pointer dereference by processing JBIG2 PDF stream objects2010-04-07
CVE-2010-0206 (MEDIUM CVSS 5.5) | xpdf allows remote attackers to cau | cvebase.io