Back in early October there was a set of vulnerabilities for PDF related software discovered.
Quote:
CVE-2010-3702:
The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference.
|
Quote:
CVE-2010-3703:
The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possibly other versions up to 0.15.1, and possibly other products, allows context-dependent attackers to cause a denial of service (crash) via a PDF file that triggers an uninitialized pointer dereference.
|
Quote:
CVE-2010-3704:
The FoFiType1: arse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted Type1 font that contains a negative array index, which bypasses input validation and which triggers memory corruption.
|
I sent a note about these to security at slackware.com back towards the end of October when I noticed that they hadn't been updated, but I've still not seen any updates show up, though poppler has been updated to 0.14.5 in current which should be ok.
xpdf 3.02pl5 has been available since around the 20th Oct to fix this and I've been running a local build of it without issue here since it was released by upstream.
3702 & 3 don't look all that serious, but the 'arbitrary code' aspect of 3704 seems to be a cause for concern.
Did these just slip through the cracks or is there a reason they haven't been updated yet?
