CVE-2010-4653

CWE-190: Integer Overflow | 7 documents | 7 sources
Severity
6.5 MEDIUM
EPSS
0.8%
top 26.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Nov 13
Latest update: Apr 21

Description

An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Exploitability: 2.8 | Impact: 3.6

Affected Packages (4 packages)

NVD: freedesktop/poppler < 0.16.3
Debian: poppler < 0.16.3-1+3
CVEListV5: poppler/poppler before 0.16.3
Debian: xpdf < 3.02-9+3

Also affects: Debian Linux 10.0, 8.0, 9.0

Patches

🔴 Vulnerability Details

3
GHSA
GHSA-x5gr-9mc7-wwfg: An integer overflow condition in poppler before 0 (2022-04-21)
OSV
CVE-2010-4653: An integer overflow condition in poppler before 0 (2019-11-13)
CVEList
CVE-2010-4653: An integer overflow condition in poppler before 0 (2019-11-13)

📋 Vendor Advisories

2
Red Hat
xpdf: integer overflow in CharCodeToUnicode::addMapping (2010-01-21)
Debian
CVE-2010-4653: poppler - An integer overflow condition in poppler before 0.16.3 can occur when parsing Ch... (2010)

💬 Community

1
Bugzilla
CVE-2010-4653 xpdf: integer overflow in CharCodeToUnicode::addMapping (2011-01-24)