oss-sec mailing list archives

Re: CVE requests: Poppler, Quassel, Pyfribidi, Overkill, DocUtils, FireGPG, Wireshark


From: Josh Bressers <bressers () redhat com>
Date: Mon, 4 Oct 2010 15:11:23 -0400 (EDT)

----- "Tomas Hoger" <thoger () redhat com> wrote:

According to Tomas, only the first three things need IDs:



e853106b58 is an uninitialized pointer use flaw.  Pointer value may be
controlled by PDF content, hence if pointed to attacker-controlled
memory, code execution may be possible via virtual method call.  This
should date back to very old xpdf versions.

http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf

Use CVE-2010-3702


bf2055088a seems similar to the above one.  Pointer is to the class that
has no virtual methods, but may be used to corrupt memory.  This should
only affect poppler versions after b1d4efb082.

http://cgit.freedesktop.org/poppler/poppler/commit/?id=bf2055088a3a2d3bb3d3c37d464954ec1a25771f

Use CVE-2010-3703

39d140bfc0 array indexing error / underflow.  On platforms where atoi can
return a negative result, this can allow out-of-array-bounds write.  Code
appears in old xpdf versions too.

http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473

Use CVE-2010-3704

Thanks.

-- 
    JB
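
An added example, not part of the original message and not Poppler or xpdf code: the pattern behind the third flaw, an index taken from atoi() and tested only against the upper bound, shown next to a parse that rejects negative and malformed values. The table size, function names and sample tokens are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

#define TABLE_SIZE 256 /* assumed table size for this example */

/* Weak pattern: only the upper bound is tested, so a negative value
 * returned by atoi() is accepted as an index. Returns 1 if the index
 * would be used; the write itself is deliberately left out. */
int upper_bound_only_accepts(const char *tok)
{
    int code = atoi(tok);
    return code < TABLE_SIZE;
}

/* Hardened pattern: parse with strtol(), reject non-numeric input,
 * overflow and any value outside [0, TABLE_SIZE), then store.
 * Returns 0 on success, -1 if the token is rejected. */
int store_checked(const char **table, const char *tok, const char *name)
{
    char *end;
    long code;

    errno = 0;
    code = strtol(tok, &end, 10);
    if (end == tok || *end != '\0' || errno == ERANGE)
        return -1;
    if (code < 0 || code >= TABLE_SIZE)
        return -1;
    table[code] = name;
    return 0;
}

int main(void)
{
    const char *table[TABLE_SIZE] = {0};
    /* Constructed inputs: in range, negative, too large, non-numeric. */
    const char *samples[] = {"65", "-1", "256", "abc"};

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-4s upper-bound-only=%d checked=%d\n", samples[i],
               upper_bound_only_accepts(samples[i]),
               store_checked(table, samples[i], "glyph"));
    return 0;
}
```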

