This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Poppler First view 2010-11-05
Product Poppler Last view 2010-11-05
Version 0.14.5 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:poppler:poppler

Activity : Overall

Related : CVE

  Date Alert Description
6.8 2010-11-05 CVE-2010-3704

The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.
4.3 2010-11-05 CVE-2010-3703

The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possibly other versions up to 0.15.1, and possibly other products, allows context-dependent attackers to cause a denial of service (crash) via a PDF file that triggers an uninitialized pointer dereference.

CWE : Common Weakness Enumeration

%idName
100% (2) CWE-20 Improper Input Validation

Open Source Vulnerability Database (OSVDB)

id Description
69063 Poppler poppler/Function.cc PostScriptFunction::PostScriptFunction Uninitiali...
69062 Poppler fofi/FoFiType1.cc FoFiType1::parse Function Memory Corruption

OpenVAS Exploits

id Description
2012-08-24 Name : CentOS Update for tetex CESA-2012:1201 centos5
File : nvt/gb_CESA-2012_1201_tetex_centos5.nasl
2012-08-24 Name : RedHat Update for tetex RHSA-2012:1201-01
File : nvt/gb_RHSA-2012_1201-01_tetex.nasl
2011-08-09 Name : CentOS Update for poppler CESA-2010:0749 centos5 i386
File : nvt/gb_CESA-2010_0749_poppler_centos5_i386.nasl
2011-08-09 Name : CentOS Update for kdegraphics CESA-2010:0753 centos5 i386
File : nvt/gb_CESA-2010_0753_kdegraphics_centos5_i386.nasl
2011-03-07 Name : Debian Security Advisory DSA 2135-1 (xpdf)
File : nvt/deb_2135_1.nasl
2010-12-02 Name : Fedora Update for xpdf FEDORA-2010-16744
File : nvt/gb_fedora_2010_16744_xpdf_fc14.nasl
2010-12-02 Name : Fedora Update for poppler FEDORA-2010-15857
File : nvt/gb_fedora_2010_15857_poppler_fc14.nasl
2010-11-17 Name : Debian Security Advisory DSA 2116-1 (poppler)
File : nvt/deb_2116_1.nasl
2010-11-16 Name : Mandriva Update for poppler MDVSA-2010:231 (poppler)
File : nvt/gb_mandriva_MDVSA_2010_231.nasl
2010-11-16 Name : Mandriva Update for poppler MDVSA-2010:230 (poppler)
File : nvt/gb_mandriva_MDVSA_2010_230.nasl
2010-11-16 Name : Mandriva Update for xpdf MDVSA-2010:228 (xpdf)
File : nvt/gb_mandriva_MDVSA_2010_228.nasl
2010-11-16 Name : Fedora Update for xpdf FEDORA-2010-16705
File : nvt/gb_fedora_2010_16705_xpdf_fc12.nasl
2010-11-16 Name : Fedora Update for xpdf FEDORA-2010-16662
File : nvt/gb_fedora_2010_16662_xpdf_fc13.nasl
2010-10-22 Name : Ubuntu Update for poppler vulnerabilities USN-1005-1
File : nvt/gb_ubuntu_USN_1005_1.nasl
2010-10-22 Name : Fedora Update for poppler FEDORA-2010-15981
File : nvt/gb_fedora_2010_15981_poppler_fc12.nasl
2010-10-22 Name : Fedora Update for poppler FEDORA-2010-15911
File : nvt/gb_fedora_2010_15911_poppler_fc13.nasl
2010-10-19 Name : RedHat Update for kdegraphics RHSA-2010:0753-01
File : nvt/gb_RHSA-2010_0753-01_kdegraphics.nasl
2010-10-19 Name : RedHat Update for gpdf RHSA-2010:0752-01
File : nvt/gb_RHSA-2010_0752-01_gpdf.nasl
2010-10-19 Name : RedHat Update for xpdf RHSA-2010:0751-01
File : nvt/gb_RHSA-2010_0751-01_xpdf.nasl
2010-10-19 Name : RedHat Update for poppler RHSA-2010:0749-01
File : nvt/gb_RHSA-2010_0749-01_poppler.nasl
2010-10-19 Name : CentOS Update for kdegraphics CESA-2010:0753 centos4 i386
File : nvt/gb_CESA-2010_0753_kdegraphics_centos4_i386.nasl
2010-10-19 Name : CentOS Update for gpdf CESA-2010:0752 centos4 i386
File : nvt/gb_CESA-2010_0752_gpdf_centos4_i386.nasl
2010-10-19 Name : CentOS Update for xpdf CESA-2010:0751 centos4 i386
File : nvt/gb_CESA-2010_0751_xpdf_centos4_i386.nasl
0000-00-00 Name : Slackware Advisory SSA:2010-324-02 poppler
File : nvt/esoft_slk_ssa_2010_324_02.nasl
0000-00-00 Name : Slackware Advisory SSA:2010-324-01 xpdf
File : nvt/esoft_slk_ssa_2010_324_01.nasl

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2017-09-01 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2017-0147.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: suse_11_3_libpoppler-devel-101016.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: suse_11_3_OpenOffice_org-110330.nasl - Type: ACT_GATHER_INFO
2014-02-18 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201402-17.nasl - Type: ACT_GATHER_INFO
2013-10-07 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201310-03.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2012-1201.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2010-0859.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2010-0755.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2010-0754.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2010-0753.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing a security update.
File: oraclelinux_ELSA-2010-0752.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing a security update.
File: oraclelinux_ELSA-2010-0751.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing a security update.
File: oraclelinux_ELSA-2010-0750.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2010-0749.nasl - Type: ACT_GATHER_INFO
2012-08-24 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20120823_tetex_on_SL5_x.nasl - Type: ACT_GATHER_INFO
2012-08-24 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2012-1201.nasl - Type: ACT_GATHER_INFO
2012-08-24 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2012-1201.nasl - Type: ACT_GATHER_INFO
2012-08-01 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20101007_kdegraphics_on_SL4_x.nasl - Type: ACT_GATHER_INFO
2012-08-01 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20101110_poppler_on_SL6_x.nasl - Type: ACT_GATHER_INFO
2012-08-01 Name: The remote Scientific Linux host is missing a security update.
File: sl_20101007_xpdf_on_SL3_x.nasl - Type: ACT_GATHER_INFO
2012-08-01 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20101007_poppler_on_SL5_x.nasl - Type: ACT_GATHER_INFO
2012-08-01 Name: The remote Scientific Linux host is missing a security update.
File: sl_20101007_gpdf_on_SL4_x.nasl - Type: ACT_GATHER_INFO
2011-05-05 Name: The remote openSUSE host is missing a security update.
File: suse_11_2_libpoppler-devel-101016.nasl - Type: ACT_GATHER_INFO
2011-05-05 Name: The remote openSUSE host is missing a security update.
File: suse_11_2_OpenOffice_org-110330.nasl - Type: ACT_GATHER_INFO
2011-05-05 Name: The remote openSUSE host is missing a security update.
File: suse_11_1_xpdf-101014.nasl - Type: ACT_GATHER_INFO