CVE DATABASE  /  CVE-2010-3704

CVE-2010-3704

Summary

The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.

CVSS 2.0 breakdown

Weakness type (CWE)

• CWE-20

Affected products

References

• ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch
• http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473
• http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html
• http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html
• http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html
• http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html
• http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html
• http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html
• http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html
• http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html
• http://rhn.redhat.com/errata/RHSA-2012-1201.html
• http://secunia.com/advisories/42141
• http://secunia.com/advisories/42357
• http://secunia.com/advisories/42397
• http://secunia.com/advisories/42691

Data: NIST NVD. NVD last modified 2026-04-29. Always verify against the vendor advisory before acting.