CVE-2010-3704

CWE-20 — Improper Input Validation9 documents9 sources

Severity

6.8MEDIUM

EPSS

1.4%

top 19.61%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Glyphandcog Xpdfreader Foolabs Xpdf Poppler Poppler

Timeline

PublishedNov 5

Latest updateMay 17

Description

The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages5 packages

▶Debianxpdf< 3.02-9+3

▶Debianpoppler< 0.12.4-1.2+3

▶NVDglyphandcog/xpdfreader3.02+20

▶NVDfoolabs/xpdf18 versions+17

▶NVDpoppler/poppler35 versions+34

Patches

Patch: ftp.foolabs.com ↗Patch: cgit.freedesktop.org ↗Patch: ftp.foolabs.com ↗

🔴Vulnerability Details

GHSA

GHSA-fwg7-7mhm-4945: The FoFiType1::parse function in fofi/FoFiType1↗2022-05-17

▶

OSV

CVE-2010-3704: The FoFiType1::parse function in fofi/FoFiType1↗2010-11-05

▶

CVEList

CVE-2010-3704: The FoFiType1::parse function in fofi/FoFiType1↗2010-11-05

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Visual Studio - Msmask32.ocx ActiveX Buffer Overflow (MS08-070) (Metasploit)↗2010-11-24

▶

📋Vendor Advisories

Ubuntu

poppler vulnerabilities↗2010-10-19

▶

Red Hat

xpdf: array indexing error in FoFiType1::parse()↗2010-09-24

▶

Debian

CVE-2010-3704: poppler - The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf bef...↗2010

▶

💬Community

Bugzilla

CVE-2010-3704 xpdf: array indexing error in FoFiType1::parse()↗2010-09-30

▶